Boa noite poderiam ajudar? Ao rodar a aplicação via Docker sou direcionado para a tela de login e mesmo tentando logar com user e senhas de banco não consigo acessar segue a classe Security:
package br.com.alura.forum.config.security;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Profile; import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import br.com.alura.forum.repository.UsuarioRepository;
@EnableWebSecurity @Configuration @Profile(value = {"prod","test"}) public class SecurityConfigurations extends WebSecurityConfigurerAdapter {
@Autowired
private AutenticacaoService autenticacaoService;
@Autowired
private TokenService tokenService;
@Autowired
private UsuarioRepository usuarioRepository;
@Bean
@Override
protected AuthenticationManager authenticationManager() throws Exception {
return super.authenticationManager();
}
// Configurações de autenticação ( controle de acesso login )
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(autenticacaoService).passwordEncoder(new BCryptPasswordEncoder());
}
// Configurações de autorização (url ,quem pode acessar cada url, perfil de
// acesso )
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers(HttpMethod.GET, "/topicos").permitAll()
.antMatchers(HttpMethod.GET, "/topicos/*").permitAll().antMatchers(HttpMethod.POST, "/auth").permitAll()
.antMatchers(HttpMethod.GET, "/actuator/**").permitAll().antMatchers(HttpMethod.DELETE, "/topicos/*")
.hasRole("MODERADOR").anyRequest().authenticated().and().csrf().disable().sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.addFilterBefore(new AutenticacaoViaTokenFilter(tokenService, usuarioRepository),
UsernamePasswordAuthenticationFilter.class);
}
// configurações de recursos estáticos ( requisições para arquivos, Js, CSS,
// imagens, etc )
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/**.html", "/v2/api-docs", "/webjars/**", "/configuration/**",
"/swagger-resources/**");
}
}