Fincer
/
java-bookstore
mirror of https://github.com/Fincer/java-bookstore
1
0
Fork 0
Code Issues 0 Releases 4 Wiki Activity
Browse Source

Spring security: Comment out cookie and header settings 

Signed-off-by: Pekka Helenius <fincer89@hotmail.com>
v0.0.4-alpha
Pekka Helenius 4 years ago
parent
61bc35eeb0
commit
4919ad3101
1 changed files with 3 additions and 5 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +3
    -5
      bookstore/src/main/java/com/fjordtek/bookstore/config/WebSecurityConfig.java

+ 3
- 5
bookstore/src/main/java/com/fjordtek/bookstore/config/WebSecurityConfig.java View File

@ -17,9 +17,7 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import com.fjordtek.bookstore.service.session.BookSameSiteCookieFilter;
import com.fjordtek.bookstore.service.session.BookStoreAccessDeniedHandler; import com.fjordtek.bookstore.service.session.BookStoreAccessDeniedHandler;
import com.fjordtek.bookstore.service.session.BookStoreAuthenticationFailureHandler; import com.fjordtek.bookstore.service.session.BookStoreAuthenticationFailureHandler;
import com.fjordtek.bookstore.service.session.BookStoreAuthenticationSuccessHandler; import com.fjordtek.bookstore.service.session.BookStoreAuthenticationSuccessHandler;
@ -126,7 +124,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
* public access to it is denied by default. * public access to it is denied by default.
*/ */
httpSecurity httpSecurity
.addFilterAfter(new BookSameSiteCookieFilter(), BasicAuthenticationFilter.class)
// .addFilterAfter(new BookSameSiteCookieFilter(), BasicAuthenticationFilter.class)
.authorizeRequests() .authorizeRequests()
.antMatchers( .antMatchers(
env.getProperty("spring.h2.console.path") + "/**", env.getProperty("spring.h2.console.path") + "/**",
@ -171,12 +169,12 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
.and() .and()
.sessionManagement() .sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED) .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
.and()
/* .and()
.headers() .headers()
.frameOptions().sameOrigin() .frameOptions().sameOrigin()
// .contentTypeOptions().disable() // .contentTypeOptions().disable()
.contentSecurityPolicy("frame-ancestors 'self'") .contentSecurityPolicy("frame-ancestors 'self'")
*/
; ;
} }


Write Preview
Loading…
Cancel
Save