MightyPork
/
airsonic-custom
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'origin/pr/403' into stable

Browse Source
master
Andrew DeMaria 9 years ago
parent ad5299eeb8 ca90c36839
commit 5c71e85e74
1 changed files with 14 additions and 14 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 28
      libresonic-main/src/main/java/org/libresonic/player/security/GlobalSecurityConfig.java

28
libresonic-main/src/main/java/org/libresonic/player/security/GlobalSecurityConfig.java
Unescape View File

@ -94,7 +94,7 @@ public class GlobalSecurityConfig extends GlobalAuthenticationConfigurerAdapter
.csrf().requireCsrfProtectionMatcher(csrfSecurityRequestMatcher).and() .csrf().requireCsrfProtectionMatcher(csrfSecurityRequestMatcher).and()
.headers().frameOptions().sameOrigin().and() .headers().frameOptions().sameOrigin().and()
.authorizeRequests() .authorizeRequests()
.antMatchers("/ext/stream/**", "/ext/coverArt.view", "/ext/share/**", "/ext/hls/**") .antMatchers("/ext/stream/**", "/ext/coverArt*", "/ext/share/**", "/ext/hls/**")
.hasAnyRole("TEMP", "USER").and() .hasAnyRole("TEMP", "USER").and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.exceptionHandling().and() .exceptionHandling().and()
@ -125,29 +125,29 @@ public class GlobalSecurityConfig extends GlobalAuthenticationConfigurerAdapter
.frameOptions() .frameOptions()
.sameOrigin() .sameOrigin()
.and().authorizeRequests() .and().authorizeRequests()
.antMatchers("/recover.view", "/accessDenied.view", .antMatchers("/recover*", "/accessDenied*",
"/style/**", "/icons/**", "/flash/**", "/script/**", "/style/**", "/icons/**", "/flash/**", "/script/**",
"/sonos/**", "/crossdomain.xml", "/login", "/error") "/sonos/**", "/crossdomain.xml", "/login", "/error")
.permitAll() .permitAll()
.antMatchers("/personalSettings.view", "/passwordSettings.view", .antMatchers("/personalSettings*", "/passwordSettings*",
"/playerSettings.view", "/shareSettings.view", "/passwordSettings.view") "/playerSettings*", "/shareSettings*", "/passwordSettings*")
.hasRole("SETTINGS") .hasRole("SETTINGS")
.antMatchers("/generalSettings.view", "/advancedSettings.view", "/userSettings.view", .antMatchers("/generalSettings*", "/advancedSettings*", "/userSettings*",
"/musicFolderSettings.view", "/databaseSettings.view") "/musicFolderSettings*", "/databaseSettings*")
.hasRole("ADMIN") .hasRole("ADMIN")
.antMatchers("/deletePlaylist.view", "/savePlaylist.view") .antMatchers("/deletePlaylist*", "/savePlaylist*", "/db*")
.hasRole("PLAYLIST") .hasRole("PLAYLIST")
.antMatchers("/download.view") .antMatchers("/download*")
.hasRole("DOWNLOAD") .hasRole("DOWNLOAD")
.antMatchers("/upload.view") .antMatchers("/upload*")
.hasRole("UPLOAD") .hasRole("UPLOAD")
.antMatchers("/createShare.view") .antMatchers("/createShare*")
.hasRole("SHARE") .hasRole("SHARE")
.antMatchers("/changeCoverArt.view", "/editTags.view") .antMatchers("/changeCoverArt*", "/editTags*")
.hasRole("COVERART") .hasRole("COVERART")
.antMatchers("/setMusicFileInfo.view") .antMatchers("/setMusicFileInfo*")
.hasRole("COMMENT") .hasRole("COMMENT")
.antMatchers("/podcastReceiverAdmin.view") .antMatchers("/podcastReceiverAdmin*")
.hasRole("PODCAST") .hasRole("PODCAST")
.antMatchers("/**") .antMatchers("/**")
.hasRole("USER") .hasRole("USER")
@ -155,7 +155,7 @@ public class GlobalSecurityConfig extends GlobalAuthenticationConfigurerAdapter
.and().formLogin() .and().formLogin()
.loginPage("/login") .loginPage("/login")
.permitAll() .permitAll()
.defaultSuccessUrl("/index.view", true) .defaultSuccessUrl("/index", true)
.failureUrl(FAILURE_URL) .failureUrl(FAILURE_URL)
.usernameParameter("j_username") .usernameParameter("j_username")
.passwordParameter("j_password") .passwordParameter("j_password")

Write Preview
Loading…
Cancel
Save