Spring Security

CORS (Cross Over Resource Sharing)

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
  ...
  @Override
  protected void configure(final HttpSecurity http) throws Exception {    
    http.cors() /* CORS filter must be enabled */
      .and()
      ...
  }

  ...

  @Bean
  CorsConfigurationSource corsConfigurationSource() {
    CorsConfiguration configuration = new CorsConfiguration();
    configuration.setAllowCredentials(true);
    configuration.setAllowedHeaders(Arrays.asList("Authorization", "Content-Type"));
    configuration.setAllowedOrigins(Arrays.asList("http://localhost:4200"));
    configuration.setAllowedMethods(Arrays.asList("GET","POST"));
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", configuration);
    return source;
  }
  ...
}

Registrierung und Login

Links

https://www.baeldung.com/registration-with-spring-mvc-and-spring-security

https://docs.spring.io/spring-session/docs/current/reference/html5/guides/java-rest.html

Zurück zu Spring