How do I login to Spring Security, JSF 2.2, and Managedbean?

Question

How do I login to Spring Security, JSF 2.2, and Managedbean?

Asked 7 years, 2 months ago

Viewed 1,094 times

2

Hello. I need some help. I am configuring Spring Security in a JSF Project 2.2. Using Annotation. I’ve been able to configure the filters. But I don’t understand how to configure login Managedbean to search the database and log in to JSF. Below is my Spring Security configuration class

@Configuration

@Enablewebsecurity public class Securityconfig extends Websecurityconfigureradapter {

@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
    auth.inMemoryAuthentication().withUser("zezinho").password("123456").roles(Constantes.PERMISSAO_USER);
}

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.csrf().disable();

    http.authorizeRequests()
            .antMatchers(Constantes.RESOURCES).permitAll()
            .antMatchers(Constantes.PUBLIC + Constantes.URL_ALL).permitAll()
            .antMatchers(Constantes.PRIVATE).hasRole(Constantes.PERMISSAO_USER).anyRequest().authenticated()
            .and()
            .formLogin()
            .loginPage(Constantes.PAGE_PUBLIC_URL_LOGIN)
            .successForwardUrl(Constantes.PAGE_PRIVATE_URL_PRINCIPAL)
            .permitAll();
}

@Override
public void configure(WebSecurity web) throws Exception {

// web.ignoring(). antMatchers("/Resources/**");; }

}

Important to remember that I use Hibernate and a User Table. So. I want to make the user query in Managedbean. and then log in if it exists. Can someone help me?

1 answer

Browser other questions tagged java spring spring-security

You are not signed in. Login or sign up in order to post.

by hlucasfranca • **429** points · Answer 1 · 2017-04-04T02:37:43+00:00

I had to implement this solution a while ago, based on this link: http://www.programming-free.com/2016/01/spring-security-spring-data-jpa.html

You need to configure Authenticationmanagerbuilder, ex:

@Autowired
public void configureAuthentication(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder
                .userDetailsService(this.userDetailsService)
                // configura um encoder para a senha armazenada no banco
                .passwordEncoder(passwordEncoder());
}

And a @Service that implements UserDetailsService:

@Service
public class UserDetailsServiceImpl implements UserDetailsService {

@Autowired
private UsuarioRepository userRepository;

@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
    UsuarioEntity user = userRepository.findByNomeUsuario(username);
    //...
    }
}

Abcs!