This commit is contained in:
William Brawner 2020-02-14 22:35:10 -07:00
parent 57b388da05
commit d8faa66a1c

View file

@ -15,9 +15,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
import org.springframework.security.crypto.password.PasswordEncoder import org.springframework.security.crypto.password.PasswordEncoder
import org.springframework.security.provisioning.JdbcUserDetailsManager import org.springframework.security.provisioning.JdbcUserDetailsManager
import org.springframework.web.servlet.config.annotation.CorsRegistry import org.springframework.security.web.header.writers.StaticHeadersWriter
import org.springframework.web.servlet.config.annotation.EnableWebMvc
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer
import javax.sql.DataSource import javax.sql.DataSource
@ -64,21 +62,17 @@ open class SecurityConfig(
.and() .and()
.httpBasic() .httpBasic()
.and() .and()
.cors()
.and()
.csrf() .csrf()
.disable() .disable()
.headers()
.addHeaderWriter(StaticHeadersWriter("Access-Control-Allow-Origin", "*"))
.addHeaderWriter(StaticHeadersWriter("Access-Control-Allow-Methods", "GET", "POST", "PUT", "DELETE"))
.addHeaderWriter(StaticHeadersWriter("Access-Control-Max-Age", "3600"))
.addHeaderWriter(StaticHeadersWriter("Access-Control-Allow-Credentials", "true"))
.addHeaderWriter(StaticHeadersWriter("Access-Control-Allow-Headers", "Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization"));
} }
} }
@Configuration @Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true) @EnableGlobalMethodSecurity(prePostEnabled = true)
open class MethodSecurity : GlobalMethodSecurityConfiguration() open class MethodSecurity : GlobalMethodSecurityConfiguration()
@Configuration
@EnableWebMvc
open class CorsConfiguration : WebMvcConfigurer {
override fun addCorsMappings(registry: CorsRegistry) {
registry.addMapping("/**")
}
}