SEC-2194: Remove login page from hellomvc and insecuremvc

2013-08-09 11:39:16 -05:00 · 2013-08-09 11:39:16 -05:00 · 22e4d1646a
parent 13da42ca1b
commit 22e4d1646a
4 changed files with 2 additions and 91 deletions
--- a/samples/hellomvc-jc/src/main/java/org/springframework/security/samples/config/MessageSecurityWebApplicationInitializer.java
+++ b/samples/hellomvc-jc/src/main/java/org/springframework/security/samples/config/MessageSecurityWebApplicationInitializer.java
@ -15,6 +15,7 @@
 */
 package org.springframework.security.samples.config;

+import org.springframework.core.annotation.Order;
 import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;

 /**
@ -22,5 +23,6 @@ import org.springframework.security.web.context.AbstractSecurityWebApplicationIn
 *
 * @author Rob Winch
 */
+@Order(2)
 public class MessageSecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer {
 }
--- a/samples/hellomvc-jc/src/main/java/org/springframework/security/samples/config/SecurityConfig.java
+++ b/samples/hellomvc-jc/src/main/java/org/springframework/security/samples/config/SecurityConfig.java
@ -2,7 +2,6 @@ package org.springframework.security.samples.config;

 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@ -17,16 +16,4 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
            .inMemoryAuthentication()
                .withUser("user").password("password").roles("USER");
    }
-
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http
-            .authorizeRequests()
-                .antMatchers("/resources/**").permitAll()
-                .anyRequest().authenticated()
-                .and()
-            .formLogin()
-                .loginPage("/login")
-                .permitAll();
-    }
 }
--- a/samples/hellomvc-jc/src/main/webapp/WEB-INF/views/login.jspx
+++ b/samples/hellomvc-jc/src/main/webapp/WEB-INF/views/login.jspx
@ -1,39 +0,0 @@
-<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page"
-    xmlns:spring="http://www.springframework.org/tags"
-    xmlns:c="http://java.sun.com/jsp/jstl/core"
-    xmlns:form="http://www.springframework.org/tags/form" version="2.0">
-    <jsp:directive.page language="java" contentType="text/html" />
-<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
-<head>
-<title>Please Login</title>
-</head>
-<body>
-    <c:url value="/login" var="loginUrl"/>
-    <form name="f" action="${loginUrl}" method="post">
-        <fieldset>
-            <legend>Please Login</legend>
-            <c:if test="${param.error != null}">
-                <div class="alert alert-error">
-                    Failed to login.
-                    <c:if test="${SPRING_SECURITY_LAST_EXCEPTION != null}">
-                      Reason: <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}" />
-                    </c:if>
-                </div>
-            </c:if>
-            <c:if test="${param.logout != null}">
-                <div class="alert alert-success">
-                    You have been logged out.
-                </div>
-            </c:if>
-            <label for="j_username">Username</label>
-            <input type="text" id="j_username" name="username" value="${username}"/>
-            <label for="j_password">Password</label>
-            <input type="password" id="j_password" name="password"/>
-            <div class="form-actions">
-                <button type="submit" class="btn">Log in</button>
-            </div>
-        </fieldset>
-    </form>
-</body>
-</html>
-</jsp:root>
--- a/samples/insecuremvc/src/main/webapp/WEB-INF/views/login.jspx
+++ b/samples/insecuremvc/src/main/webapp/WEB-INF/views/login.jspx
@ -1,39 +0,0 @@
-<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page"
-    xmlns:spring="http://www.springframework.org/tags"
-    xmlns:c="http://java.sun.com/jsp/jstl/core"
-    xmlns:form="http://www.springframework.org/tags/form" version="2.0">
-    <jsp:directive.page language="java" contentType="text/html" />
-<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
-<head>
-<title>Please Login</title>
-</head>
-<body>
-    <c:url value="/login" var="loginUrl"/>
-    <form name="f" action="${loginUrl}" method="post">
-        <fieldset>
-            <legend>Please Login</legend>
-            <c:if test="${param.error != null}">
-                <div class="alert alert-error">
-                    Failed to login.
-                    <c:if test="${SPRING_SECURITY_LAST_EXCEPTION != null}">
-                      Reason: <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}" />
-                    </c:if>
-                </div>
-            </c:if>
-            <c:if test="${param.logout != null}">
-                <div class="alert alert-success">
-                    You have been logged out.
-                </div>
-            </c:if>
-            <label for="j_username">Username</label>
-            <input type="text" id="j_username" name="username" value="${username}"/>
-            <label for="j_password">Password</label>
-            <input type="password" id="j_password" name="password"/>
-            <div class="form-actions">
-                <button type="submit" class="btn">Log in</button>
-            </div>
-        </fieldset>
-    </form>
-</body>
-</html>
-</jsp:root>