I use Primefaces 5.2. and Spring Security 4.0.2.
I have a managed bean
Code: Select all
@Getter
@Setter
@ManagedBean
@ViewScoped
public class LoginController implements Serializable {
private static final long serialVersionUID = 1L;
private String userName = "admin";
private String password = "123";
public void doLogin() {
System.out.println("test");
}
}
Code: Select all
<p:commandButton value="Log in" action="#{loginController.doLogin()}" />
Code: Select all
@Configuration
@EnableWebSecurity
public class SpringSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
private CustomUserDetailsService userService;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userService);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/javax.faces.resource/**").permitAll()
.antMatchers("/**").access("hasRole('ROLE_USER') or hasRole('ROLE_ADMIN')")
.antMatchers("/admin/**").access("hasRole('ROLE_ADMIN')")
.and()
.formLogin()
.loginPage("/pages/security/login.xhtml")
.permitAll()
.and()
.logout()
.logoutSuccessUrl("/pages/security/login.xhtml?logout")
.permitAll();
}
}