Class SecurityConfig
java.lang.Object
com.raphaelsalles.backend.infra.security.SecurityConfig
Configuração de Segurança do Spring Security.
Propósito: Definir as regras de autenticação e autorização da aplicação. Configura o filtro JWT, desabilita CSRF (API Stateless) e define permissões de endpoints.
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionorg.springframework.security.authentication.AuthenticationManagerauthenticationManager(org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration config) Expõe o AuthenticationManager como Bean.org.springframework.security.web.SecurityFilterChainsecurityFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http) Configura a cadeia de filtros de segurança.
-
Field Details
-
securityFilter
-
-
Constructor Details
-
SecurityConfig
-
-
Method Details
-
securityFilterChain
@Bean public org.springframework.security.web.SecurityFilterChain securityFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception Configura a cadeia de filtros de segurança.Regras:
- Endpoints públicos: /api/auth/**, /api/dev/**, Swagger.
- Endpoints protegidos: Todos os demais exigem autenticação.
- Endpoints administrativos: /api/painel-gestao/** exigem role ADMIN.
- Parameters:
http- O objeto HttpSecurity.- Returns:
- A cadeia de filtros configurada.
- Throws:
Exception
-
authenticationManager
@Bean public org.springframework.security.authentication.AuthenticationManager authenticationManager(org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration config) throws Exception Expõe o AuthenticationManager como Bean.- Parameters:
config- A configuração de autenticação.- Returns:
- O AuthenticationManager.
- Throws:
Exception
-