Manually format security configuration

Update security configuration formatting to follow conventions recommended in the Spring Security documentation. See gh-7958
2017-08-31 16:12:02 -07:00 · 2017-08-31 16:12:02 -07:00 · ecb8461e8c
parent 8f79ca9e65
commit ecb8461e8c
4 changed files with 26 additions and 12 deletions
--- a/spring-boot-samples/spring-boot-sample-actuator-custom-security/src/main/java/sample/actuator/customsecurity/SecurityConfiguration.java
+++ b/spring-boot-samples/spring-boot-sample-actuator-custom-security/src/main/java/sample/actuator/customsecurity/SecurityConfiguration.java
@ -24,6 +24,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
 		// @formatter:off
 		http.authorizeRequests()
 				.requestMatchers(this.bootSecurity.endpointIds("status", "info")).permitAll()
--- a/spring-boot-samples/spring-boot-sample-secure-oauth2-actuator/src/main/java/sample/secure/oauth2/actuator/ActuatorSecurityConfiguration.java
+++ b/spring-boot-samples/spring-boot-sample-secure-oauth2-actuator/src/main/java/sample/secure/oauth2/actuator/ActuatorSecurityConfiguration.java
@ -23,9 +23,12 @@ public class ActuatorSecurityConfiguration extends WebSecurityConfigurerAdapter
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
-		http.requestMatcher(
+		// @formatter:off
-				this.springBootSecurity.endpointIds(SpringBootSecurity.ALL_ENDPOINTS))
+		http.requestMatcher(this.springBootSecurity.endpointIds(SpringBootSecurity.ALL_ENDPOINTS)).authorizeRequests()
-				.authorizeRequests().antMatchers("/**").authenticated().and().httpBasic();
+				.antMatchers("/**").authenticated()
 				.and()
 			.httpBasic();
 		// @formatter:on
 	}
 }
--- a/spring-boot-samples/spring-boot-sample-web-method-security/src/main/java/sample/security/method/SampleMethodSecurityApplication.java
+++ b/spring-boot-samples/spring-boot-sample-web-method-security/src/main/java/sample/security/method/SampleMethodSecurityApplication.java
@ -84,11 +84,17 @@ public class SampleMethodSecurityApplication implements WebMvcConfigurer {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
-			http.authorizeRequests().antMatchers("/login").permitAll().anyRequest()
+			// @formatter:off
-					.fullyAuthenticated().and().formLogin().loginPage("/login")
+			http.authorizeRequests()
-					.failureUrl("/login?error").and().logout()
+					.antMatchers("/login").permitAll()
-					.logoutRequestMatcher(new AntPathRequestMatcher("/logout")).and()
+					.anyRequest().fullyAuthenticated()
 					.and()
 				.formLogin().loginPage("/login").failureUrl("/login?error")
 					.and()
 				.logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
 					.and()
 				.exceptionHandling().accessDeniedPage("/access?error");
 			// @formatter:on
 		}
 	}
--- a/spring-boot-samples/spring-boot-sample-web-secure/src/main/java/sample/web/secure/SampleWebSecureApplication.java
+++ b/spring-boot-samples/spring-boot-sample-web-secure/src/main/java/sample/web/secure/SampleWebSecureApplication.java
@ -69,11 +69,15 @@ public class SampleWebSecureApplication implements WebMvcConfigurer {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
 			// @formatter:off
 			http.authorizeRequests()
-					.requestMatchers(this.springBootSecurity.staticResources())
+					.requestMatchers(this.springBootSecurity.staticResources()).permitAll()
-					.permitAll().anyRequest().fullyAuthenticated().and().formLogin()
+					.anyRequest().fullyAuthenticated()
-					.loginPage("/login").failureUrl("/login?error").permitAll().and()
+					.and()
 				.formLogin().loginPage("/login").failureUrl("/login?error").permitAll()
 					.and()
 				.logout().permitAll();
 			// @formatter:on
 		}
 		@Override