wip

src/main/java/com/jh/boot/security/JhSecurityConfig.java

@@ -8,7 +8,9 @@ import javax.servlet.http.HttpServletResponse;
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.AuthenticationException;

src/main/java/com/jh/boot/security/model/AppRole.java

@@ -8,6 +8,8 @@ import javax.persistence.Column;
 import javax.persistence.Entity;
 import javax.persistence.Table;
 
+import org.springframework.security.core.GrantedAuthority;
+
 import com.jh.boot.jpa.AbstractIdEntity;
 
 /**
@@ -17,7 +19,7 @@ import com.jh.boot.jpa.AbstractIdEntity;
  */
 @Entity
 @Table(name = "APP_ROLE")
-public class AppRole extends AbstractIdEntity {
+public class AppRole extends AbstractIdEntity implements GrantedAuthority {
 
 	private static final long serialVersionUID = 1L;
 
@@ -26,6 +28,17 @@ public class AppRole extends AbstractIdEntity {
 
 	
 	
+	public AppRole() {
+		super();
+	}
+
+	
+	public AppRole(String name) {
+		super();
+		this.name = name;
+	}
+
+
 	public String getName() {
 		return name;
 	}
@@ -34,4 +47,9 @@ public class AppRole extends AbstractIdEntity {
 		this.name = name;
 	}
 
+	@Override
+	public String getAuthority() {
+		return getName();
+	}
+
 }

src/main/java/com/jh/boot/security/service/AppUserAuthService.java

@@ -2,9 +2,7 @@ package com.jh.boot.security.service;
 
 import java.util.Collection;
 import java.util.Date;
-import java.util.HashSet;
 import java.util.Locale;
-import java.util.Set;
 import java.util.UUID;
 
 import org.slf4j.Logger;
@@ -19,9 +17,9 @@ import org.springframework.util.StringUtils;
 import com.jh.boot.security.AppUserAuthentication;
 import com.jh.boot.security.AuthService;
 import com.jh.boot.security.AuthServiceListener;
-import com.jh.boot.security.GrantedRole;
 import com.jh.boot.security.PasswordHash;
 import com.jh.boot.security.PasswordUtils;
+import com.jh.boot.security.model.AppRole;
 import com.jh.boot.security.model.AppUser;
 import com.jh.boot.security.model.ResetPasswordToken;
 import com.jh.boot.security.repository.AppUserRepository;
@@ -54,12 +52,13 @@ public class AppUserAuthService implements AuthService {
 		user.setPasswordSalt(null);
 		user.setVersion(null);
 		
-		Set<GrantedRole> roles = new HashSet<>();
+		//ADD implicit user
+		user.getRoles().add(new AppRole("USER"));
 		
 		//initialize roles
 		user.initRolesMap();
 		
-		AppUserAuthentication auth = new AppUserAuthentication(user, roles);
+		AppUserAuthentication auth = new AppUserAuthentication(user, user.getRoles());
 		return auth;
 	}