tmvolpato/SecurityConfiguration.java

## SecurityConfiguration.java
public class SecurityConfiguration {

		@Inject
		private Authorization authorization;

		@Inject
		private EntityManagerContextInitializer contextInitializer;

		private static final String JPA_CONFIG = "jpa.config";
		private static final String LOGIN_PAGE = "/login.faces";
		private static final String LOGIN_PAGE_REDIRECT_TO = LOGIN_PAGE + ".xhtml?faces-redirect=true";
		private static final String ERROR_PAGE = "/error-page.xhtml?failure=true";
		private static final String LOGOUT = "/logout";
		private static final String RESOURCES = "/javax.faces.resource/**";

		private static final String USER = "/main/entries/user/**";

		@SuppressWarnings("unchecked")
		public void ConfigureInternal(@Observes SecurityConfigurationEvent event) {
			final SecurityConfigurationBuilder builder = event.getBuilder();

			builder.idmConfig()
					.named(JPA_CONFIG)
					.stores()
					.jpa()
					.supportType(User.class,Role.class, Group.class,Partition.class)
					.supportGlobalRelationship(Grant.class, GroupMembership.class)
					.supportCredentials(true)
					.mappedEntity(
							RoleTypeEntity.class,
							UserTypeEntity.class,
							GrantTypeEntity.class,
							GroupTypeEntity.class,
							PasswordTypeEntity.class,
							PartitionTypeEntity.class,
							RelationshipTypeEntity.class,
							GroupMembershipTypeEntity.class,
							RelationshipIdentityTypeEntity.class)
					.addContextInitializer(this.contextInitializer)
					.setCredentialHandlerProperty(
							PasswordCredentialHandler.PASSWORD_ENCODER,
							new BCryptPasswordEncoder(10));
		}
        public void configureHttpSecurity(@Observes SecurityConfigurationEvent event) {
			final SecurityConfigurationBuilder builder = event.getBuilder();

			builder.http().allPaths().authenticateWith().form()
					.loginPage(LOGIN_PAGE).errorPage(ERROR_PAGE).forPath(LOGOUT)
					.logout().redirectTo(LOGIN_PAGE_REDIRECT_TO).forPath(RESOURCES)
					.unprotected().forPath(USER).authorizeWith()
					.role(this.authorization.USER_VIEW);
		}
}
	public class SecurityConfiguration {

	@Inject
	private Authorization authorization;

	@Inject
	private EntityManagerContextInitializer contextInitializer;

	private static final String JPA_CONFIG = "jpa.config";
	private static final String LOGIN_PAGE = "/login.faces";
	private static final String LOGIN_PAGE_REDIRECT_TO = LOGIN_PAGE + ".xhtml?faces-redirect=true";
	private static final String ERROR_PAGE = "/error-page.xhtml?failure=true";
	private static final String LOGOUT = "/logout";
	private static final String RESOURCES = "/javax.faces.resource/**";

	private static final String USER = "/main/entries/user/**";

	@SuppressWarnings("unchecked")
	public void ConfigureInternal(@Observes SecurityConfigurationEvent event) {
	final SecurityConfigurationBuilder builder = event.getBuilder();

	builder.idmConfig()
	.named(JPA_CONFIG)
	.stores()
	.jpa()
	.supportType(User.class,Role.class, Group.class,Partition.class)
	.supportGlobalRelationship(Grant.class, GroupMembership.class)
	.supportCredentials(true)
	.mappedEntity(
	RoleTypeEntity.class,
	UserTypeEntity.class,
	GrantTypeEntity.class,
	GroupTypeEntity.class,
	PasswordTypeEntity.class,
	PartitionTypeEntity.class,
	RelationshipTypeEntity.class,
	GroupMembershipTypeEntity.class,
	RelationshipIdentityTypeEntity.class)
	.addContextInitializer(this.contextInitializer)
	.setCredentialHandlerProperty(
	PasswordCredentialHandler.PASSWORD_ENCODER,
	new BCryptPasswordEncoder(10));
	}
	public void configureHttpSecurity(@Observes SecurityConfigurationEvent event) {
	final SecurityConfigurationBuilder builder = event.getBuilder();

	builder.http().allPaths().authenticateWith().form()
	.loginPage(LOGIN_PAGE).errorPage(ERROR_PAGE).forPath(LOGOUT)
	.logout().redirectTo(LOGIN_PAGE_REDIRECT_TO).forPath(RESOURCES)
	.unprotected().forPath(USER).authorizeWith()
	.role(this.authorization.USER_VIEW);
	}
	}