backup/springboot-security-jwt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Updated documentation

Browse Source
This commit is contained in:
svlada 2017-04-17 19:03:01 +02:00
parent fb15315944
commit 34fc3841a4
2 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -1,2 +1,3 @@
# springboot-security-jwt
Secure your API with JWT Tokens
This repository is created as an example for post I wrote on my blog: [JWT Authentication Tutorial: An example using Spring Boot](http://svlada.com/jwt-token-authentication-with-spring-boot/)

18
etc/blog.md
View File

@ -709,14 +709,12 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired private ObjectMapper objectMapper;
@Bean
protected AjaxLoginProcessingFilter buildAjaxLoginProcessingFilter() throws Exception {
AjaxLoginProcessingFilter filter = new AjaxLoginProcessingFilter(FORM_BASED_LOGIN_ENTRY_POINT, successHandler, failureHandler, objectMapper);
filter.setAuthenticationManager(this.authenticationManager);
return filter;
}
@Bean
protected JwtTokenAuthenticationProcessingFilter buildJwtTokenAuthenticationProcessingFilter() throws Exception {
List<String> pathsToSkip = Arrays.asList(TOKEN_REFRESH_ENTRY_POINT, FORM_BASED_LOGIN_ENTRY_POINT);
SkipPathRequestMatcher matcher = new SkipPathRequestMatcher(pathsToSkip, TOKEN_BASED_AUTH_ENTRY_POINT);
@ -732,6 +730,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
return super.authenticationManagerBean();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) {
auth.authenticationProvider(ajaxAuthenticationProvider);
auth.authenticationProvider(jwtAuthenticationProvider);
@ -767,6 +766,21 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
}
}
```
#### PasswordEncoderConfig
BCrypt encoder that is in AjaxAuthenticationProvider.
```language-java
@Configuration
public class PasswordEncoderConfig {
@Bean
protected BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
```
#### BloomFilterTokenVerifier
This is dummy class. You should ideally implement your own TokenVerifier to check for revoked tokens.