Merge remote-tracking branch 'upstream/master'

.travis.yml

@@ -0,0 +1,17 @@
+language: java
+
+install: travis_wait 40 mvn -q clean install
+
+jdk:
+  - oraclejdk8
+
+sudo: false
+addons:
+  apt:
+    packages:
+      - oracle-java8-installer
+
+cache:
+  directories:
+  - .autoconf
+  - $HOME/.m2

spring-boot/src/main/java/org/baeldung/controller/GenericEntityController.java

@@ -54,8 +54,6 @@ public class GenericEntityController {
 
     @GetMapping("/entity/findbyversion")
     public ResponseEntity findByVersion(@Version String version) {
-        return version != null
-            ? new ResponseEntity(entityList.stream().findFirst().get(), HttpStatus.OK)
-            : new ResponseEntity(HttpStatus.NOT_FOUND);
+        return version != null ? new ResponseEntity(entityList.stream().findFirst().get(), HttpStatus.OK) : new ResponseEntity(HttpStatus.NOT_FOUND);
     }
 }

spring-boot/src/test/java/com/baeldung/annotation/servletcomponentscan/JavaEEAppIntegrationTest.java

@@ -1,17 +1,12 @@
 package com.baeldung.annotation.servletcomponentscan;
 
-import com.baeldung.annotation.servletcomponentscan.javaee.AttrListener;
-import com.baeldung.annotation.servletcomponentscan.javaee.EchoServlet;
-import com.baeldung.annotation.servletcomponentscan.javaee.HelloFilter;
-import com.baeldung.annotation.servletcomponentscan.javaee.HelloServlet;
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.container.test.api.RunAsClient;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.arquillian.test.api.ArquillianResource;
-import org.jboss.shrinkwrap.api.ShrinkWrap;
-import org.jboss.shrinkwrap.api.spec.WebArchive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import java.net.MalformedURLException;
+import java.net.URI;
+import java.net.URL;
 
 import javax.inject.Inject;
 import javax.servlet.FilterRegistration;
@@ -22,24 +17,31 @@ import javax.ws.rs.client.Entity;
 import javax.ws.rs.client.WebTarget;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
-import java.net.MalformedURLException;
-import java.net.URI;
-import java.net.URL;
 
-import static org.junit.Assert.*;
+import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.container.test.api.RunAsClient;
+import org.jboss.arquillian.junit.Arquillian;
+import org.jboss.arquillian.test.api.ArquillianResource;
+import org.jboss.shrinkwrap.api.ShrinkWrap;
+import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import com.baeldung.annotation.servletcomponentscan.javaee.AttrListener;
+import com.baeldung.annotation.servletcomponentscan.javaee.EchoServlet;
+import com.baeldung.annotation.servletcomponentscan.javaee.HelloFilter;
+import com.baeldung.annotation.servletcomponentscan.javaee.HelloServlet;
 
 @RunWith(Arquillian.class)
-public class JavaEEAppTest {
+public class JavaEEAppIntegrationTest {
 
     @Deployment
     public static WebArchive createDeployment() {
-        return ShrinkWrap
-          .create(WebArchive.class)
-          .addClass(JavaEEApp.class)
-          .addClasses(AttrListener.class, HelloFilter.class, HelloServlet.class, EchoServlet.class);
+        return ShrinkWrap.create(WebArchive.class).addClass(JavaEEApp.class).addClasses(AttrListener.class, HelloFilter.class, HelloServlet.class, EchoServlet.class);
     }
 
-    @Inject private ServletContext servletContext;
+    @Inject
+    private ServletContext servletContext;
 
     @Test
     public void givenServletContextListener_whenAccessSpecialAttrs_thenFound() throws MalformedURLException {
@@ -54,21 +56,18 @@ public class JavaEEAppTest {
         FilterRegistration filterRegistration = servletContext.getFilterRegistration("hello filter");
 
         assertNotNull(filterRegistration);
-        assertTrue(filterRegistration
-          .getServletNameMappings()
-          .contains("echo servlet"));
+        assertTrue(filterRegistration.getServletNameMappings().contains("echo servlet"));
     }
 
-    @ArquillianResource private URL base;
+    @ArquillianResource
+    private URL base;
 
     @Test
     @RunAsClient
     public void givenFilterAndServlet_whenGetHello_thenRespondFilteringHello() throws MalformedURLException {
         Client client = ClientBuilder.newClient();
         WebTarget target = client.target(URI.create(new URL(base, "hello").toExternalForm()));
-        Response response = target
-          .request()
-          .get();
+        Response response = target.request().get();
 
         assertEquals("filtering hello", response.readEntity(String.class));
     }
@@ -78,9 +77,7 @@ public class JavaEEAppTest {
     public void givenFilterAndServlet_whenPostEcho_thenEchoFiltered() throws MalformedURLException {
         Client client = ClientBuilder.newClient();
         WebTarget target = client.target(URI.create(new URL(base, "echo").toExternalForm()));
-        Response response = target
-          .request()
-          .post(Entity.entity("echo", MediaType.TEXT_PLAIN_TYPE));
+        Response response = target.request().post(Entity.entity("echo", MediaType.TEXT_PLAIN_TYPE));
 
         assertEquals("filtering echo", response.readEntity(String.class));
     }

spring-boot/src/test/java/com/baeldung/annotation/servletcomponentscan/SpringBootWithServletComponentIntegrationTest.java

@@ -20,7 +20,7 @@ import static org.junit.Assert.*;
 @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, classes = SpringBootAnnotatedApp.class)
 @AutoConfigureMockMvc
 @TestPropertySource(properties = { "security.basic.enabled=false", "server.tomcat.additional-tld-skip-patterns=tomee-*.jar,tomcat-*.jar,openejb-*.jar,cxf-*.jar,activemq-*.jar" })
-public class SpringBootWithServletComponentTest {
+public class SpringBootWithServletComponentIntegrationTest {
 
     @Autowired private ServletContext servletContext;
 

spring-boot/src/test/java/com/baeldung/annotation/servletcomponentscan/SpringBootWithoutServletComponentIntegrationTest.java

@@ -20,7 +20,7 @@ import static org.junit.Assert.*;
 @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, classes = SpringBootPlainApp.class)
 @AutoConfigureMockMvc
 @TestPropertySource(properties = { "security.basic.enabled=false", "server.tomcat.additional-tld-skip-patterns=tomee-*.jar,tomcat-*.jar,openejb-*.jar,cxf-*.jar,activemq-*.jar" })
-public class SpringBootWithoutServletComponentTest {
+public class SpringBootWithoutServletComponentIntegrationTest {
 
     @Autowired private ServletContext servletContext;
 

spring-boot/src/test/java/org/baeldung/SpringBootApplicationIntegrationTest.java

@@ -45,9 +45,7 @@ public class SpringBootApplicationIntegrationTest {
     public void givenRequestHasBeenMade_whenMeetsFindByDateOfGivenConditions_thenCorrect() throws Exception {
         MediaType contentType = new MediaType(MediaType.APPLICATION_JSON.getType(), MediaType.APPLICATION_JSON.getSubtype(), Charset.forName("utf8"));
 
-        mockMvc.perform(MockMvcRequestBuilders.get("/entity/findbydate/{date}", "2011-12-03T10:15:30"))
-            .andExpect(MockMvcResultMatchers.status().isOk())
-            .andExpect(MockMvcResultMatchers.content().contentType(contentType))
+        mockMvc.perform(MockMvcRequestBuilders.get("/entity/findbydate/{date}", "2011-12-03T10:15:30")).andExpect(MockMvcResultMatchers.status().isOk()).andExpect(MockMvcResultMatchers.content().contentType(contentType))
                 .andExpect(jsonPath("$.id", equalTo(1)));
     }
 
@@ -55,19 +53,14 @@ public class SpringBootApplicationIntegrationTest {
     public void givenRequestHasBeenMade_whenMeetsFindByModeOfGivenConditions_thenCorrect() throws Exception {
         MediaType contentType = new MediaType(MediaType.APPLICATION_JSON.getType(), MediaType.APPLICATION_JSON.getSubtype(), Charset.forName("utf8"));
 
-        mockMvc.perform(MockMvcRequestBuilders.get("/entity/findbymode/{mode}", Modes.ALPHA.name()))
-            .andExpect(MockMvcResultMatchers.status().isOk())
-            .andExpect(MockMvcResultMatchers.content().contentType(contentType))
-            .andExpect(jsonPath("$.id", equalTo(1)));
+        mockMvc.perform(MockMvcRequestBuilders.get("/entity/findbymode/{mode}", Modes.ALPHA.name())).andExpect(MockMvcResultMatchers.status().isOk()).andExpect(MockMvcResultMatchers.content().contentType(contentType)).andExpect(jsonPath("$.id", equalTo(1)));
     }
 
     @Test
     public void givenRequestHasBeenMade_whenMeetsFindByVersionOfGivenConditions_thenCorrect() throws Exception {
         MediaType contentType = new MediaType(MediaType.APPLICATION_JSON.getType(), MediaType.APPLICATION_JSON.getSubtype(), Charset.forName("utf8"));
 
-        mockMvc.perform(MockMvcRequestBuilders.get("/entity/findbyversion").header("Version", "1.0.0"))
-            .andExpect(MockMvcResultMatchers.status().isOk())
-            .andExpect(MockMvcResultMatchers.content().contentType(contentType))
+        mockMvc.perform(MockMvcRequestBuilders.get("/entity/findbyversion").header("Version", "1.0.0")).andExpect(MockMvcResultMatchers.status().isOk()).andExpect(MockMvcResultMatchers.content().contentType(contentType))
                 .andExpect(jsonPath("$.id", equalTo(1)));
     }
 }

spring-mvc-forms/pom.xml

@@ -47,22 +47,6 @@
         	<version>${fileupload.version}</version>
         </dependency>
         
-         <dependency>
-            <groupId>org.springframework.security</groupId>
-            <artifactId>spring-security-web</artifactId>
-            <version>${org.springframework.security.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.security</groupId>
-            <artifactId>spring-security-config</artifactId>
-            <version>${org.springframework.security.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.security</groupId>
-            <artifactId>spring-security-taglibs</artifactId>
-            <version>${org.springframework.security.version}</version>
-        </dependency>
-        
     </dependencies>
     <profiles>
         <!-- Local -->
@@ -115,7 +99,6 @@
         <hibernate-validator.version>5.3.3.Final</hibernate-validator.version>
         <deploy-path>enter-location-of-server</deploy-path>
 		<fileupload.version>1.3.2</fileupload.version>
-		<org.springframework.security.version>4.2.1.RELEASE</org.springframework.security.version>
     </properties>
 
 </project>

spring-mvc-forms/src/main/java/com/baeldung/springmvcforms/configuration/WebInitializer.java

@@ -3,7 +3,6 @@ package com.baeldung.springmvcforms.configuration;
 import org.springframework.web.WebApplicationInitializer;
 import org.springframework.web.context.ContextLoaderListener;
 import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
-import org.springframework.web.filter.DelegatingFilterProxy;
 import org.springframework.web.servlet.DispatcherServlet;
 
 import javax.servlet.ServletContext;
@@ -26,8 +25,6 @@ public class WebInitializer implements WebApplicationInitializer {
 		servlet.setLoadOnStartup(1);
 		servlet.addMapping("/");
 
-		container.addFilter("springSecurityFilterChain", new DelegatingFilterProxy("springSecurityFilterChain"))
-        .addMappingForUrlPatterns(null, false, "/*");
 	}
 //	@Override
 //	public void onStartup(ServletContext container) {

spring-mvc-forms/src/main/webapp/WEB-INF/views/403.jsp

@@ -1,12 +0,0 @@
-<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
-    pageEncoding="ISO-8859-1"%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
-<title></title>
-</head>
-<body>
-Your do not have permission to view this page.
-</body>
-</html>

spring-mvc-forms/src/main/webapp/WEB-INF/views/adminPage.jsp

@@ -1,16 +0,0 @@
-<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
-    pageEncoding="ISO-8859-1"%>
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
-<title>Insert title here</title>
-</head>
-<body>
-Welcome admin! <a href="<c:url value='/admin_logout' /> " >Logout</a>
-
-<br /><br />
-<a href="<c:url value='/protectedLinks' /> " >Back to links</a>
-</body>
-</html>

spring-mvc-forms/src/main/webapp/WEB-INF/views/protectedLinks.jsp

@@ -1,16 +0,0 @@
-<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
-    pageEncoding="ISO-8859-1"%>
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
-<title>Insert title here</title>
-</head>
-<body>
-
-<a href="<c:url value="/userPage" />">User page</a>
-<br />
-<a href="<c:url value="/adminPage" />">Admin page</a>
-</body>
-</html>

spring-mvc-forms/src/main/webapp/WEB-INF/views/userPage.jsp

@@ -1,15 +0,0 @@
-<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
-    pageEncoding="ISO-8859-1"%>
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
-<title>Insert title here</title>
-</head>
-<body>
-Welcome user! <a href="<c:url value='/user_logout' /> " >Logout</a>
-<br /><br />
-<a href="<c:url value='/protectedLinks' /> " >Back to links</a>
-</body>
-</html>

spring-security-custom-permission/pom.xml

@@ -129,6 +129,12 @@
             <version>${spring-security-taglibs.version}</version>
         </dependency>
 		
+		 <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-core</artifactId>
+            <version>${spring-security-core.version}</version>
+        </dependency>
+
         <dependency>
             <groupId>javax.servlet.jsp.jstl</groupId>
             <artifactId>jstl-api</artifactId>
@@ -280,11 +286,15 @@
         <start-class>org.baeldung.Application</start-class>
         <!--If you want to run the example with the voters comment the tag above and uncomment the one below-->
         <!--<start-class>org.baeldung.voter.VoterApplication</start-class>-->
+        <!--If you want to run the example with the multiple logins, comment the tag above and uncomment the one below-->
+        <!--<start-class>org.baeldung.multiplelogin.MultipleLoginApplication</start-class>-->
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <java.version>1.8</java.version>
         <derby.version>10.13.1.1</derby.version>
         <taglibs-standard.version>1.1.2</taglibs-standard.version>
         <spring-security-taglibs.version>4.2.0.RELEASE</spring-security-taglibs.version>
+		  <spring-security-core.version>4.2.0.RELEASE</spring-security-core.version>
+      
         <jstl.version>1.2</jstl.version>
         <rest-assured.version>2.4.0</rest-assured.version>
         <cargo-maven2-plugin.version>1.6.1</cargo-maven2-plugin.version>

spring-security-custom-permission/src/main/java/org/baeldung/Application.java

@@ -9,7 +9,7 @@ import org.springframework.context.annotation.FilterType;
 
 @Configuration
 @EnableAutoConfiguration
-@ComponentScan(excludeFilters = @ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.voter.*"))
+@ComponentScan(excludeFilters = {@ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.voter.*"), @ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.multiplelogin.*")})
 public class Application extends SpringBootServletInitializer {
     public static void main(String[] args) {
         SpringApplication.run(Application.class, args);

spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginApplication.java

@@ -0,0 +1,22 @@
+package org.baeldung.multiplelogin;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
+import org.springframework.boot.context.web.SpringBootServletInitializer;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.builder.SpringApplicationBuilder;
+
+@SpringBootApplication
+@ComponentScan("org.baeldung.multiplelogin")
+public class MultipleLoginApplication extends SpringBootServletInitializer {
+    public static void main(String[] args) {
+        SpringApplication.run(MultipleLoginApplication.class, args);
+    }
+	
+	@Override
+	protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
+		return application.sources(MultipleLoginApplication.class);
+	}
+}

spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginMvcConfig.java

@@ -0,0 +1,45 @@
+package org.baeldung.multiplelogin;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.ViewResolver;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
+import org.springframework.web.servlet.view.InternalResourceViewResolver;
+import org.springframework.web.servlet.view.JstlView;
+import org.springframework.context.annotation.ComponentScan;
+
+@EnableWebMvc
+@Configuration
+@ComponentScan("org.baeldung.controller")
+public class MultipleLoginMvcConfig extends WebMvcConfigurerAdapter {
+
+    public MultipleLoginMvcConfig() {
+        super();
+    }
+
+    // API
+
+    @Override
+    public void addViewControllers(final ViewControllerRegistry registry) {
+        super.addViewControllers(registry);
+
+        registry.addViewController("/anonymous.html");
+
+        registry.addViewController("/login.html");
+        registry.addViewController("/homepage.html");
+        registry.addViewController("/console.html");
+    }
+
+    @Bean
+    public ViewResolver viewResolver() {
+        final InternalResourceViewResolver bean = new InternalResourceViewResolver();
+
+        bean.setViewClass(JstlView.class);
+        bean.setPrefix("/WEB-INF/view/");
+        bean.setSuffix(".jsp");
+
+        return bean;
+    }
+}

spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginSecurityConfig.java

@@ -1,4 +1,4 @@
-package com.baeldung.springmvcforms.configuration;
+package org.baeldung.multiplelogin;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
@@ -16,7 +16,7 @@ import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 @Configuration
 @EnableWebSecurity
-public class SecurityConfig {
+public class MultipleLoginSecurityConfig {
 
     @Bean
     public UserDetailsService userDetailsService() throws Exception {

spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/UsersController.java

@@ -1,4 +1,4 @@
-package com.baeldung.springmvcforms.controller;
+package org.baeldung.multiplelogin;
 
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;

spring-security-custom-permission/src/main/resources/templates/403.html

@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title></title>
+</head>
+<body>
+You do not have permission to view this page.
+</body>
+</html>

spring-security-custom-permission/src/main/resources/templates/adminPage.html

@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title>Insert title here</title>
+</head>
+<body>
+Welcome admin! <a th:href="@{/admin_logout}" >Logout</a>
+
+<br /><br />
+<a th:href="@{/protectedLinks}" >Back to links</a>
+</body>
+</html>

spring-security-custom-permission/src/main/resources/templates/login.html

@@ -0,0 +1,27 @@
+<html>
+<head></head>
+
+<body>
+    <h1>Login</h1>
+
+    <form name='f' action="login" method='POST'>
+
+        <table>
+            <tr>
+                <td>User:</td>
+                <td><input type="text" name="username"></td>
+            </tr>
+            <tr>
+                <td>Password:</td>
+                <td><input type="password" name="password" /></td>
+            </tr>
+			
+            <tr>
+                <td><input name="submit" type="submit" value="submit" /></td>
+            </tr>
+        </table>
+
+    </form>
+
+</body>
+</html>

spring-security-custom-permission/src/main/resources/templates/loginAdmin.html

@@ -1,10 +1,7 @@
-<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
-	pageEncoding="ISO-8859-1"%>
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!DOCTYPE html>
 <html>
 <head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
 <title>Insert title here</title>
 </head>
 <body>
@@ -15,7 +12,7 @@
         <table>
             <tr>
                 <td>User:</td>
-                <td><input type="text" name="username" value=""></td>
+                <td><input type="text" name="username" /></td>
             </tr>
             <tr>
                 <td>Password:</td>
@@ -28,11 +25,7 @@
 
     </form>
 
-    <%
-        if (request.getParameter("error") != null) {
-            out.println("Login failed!");
-        }
-    %>
+    <p th:if="${param.error}">Login failed!</p>
 
 </body>
 </html>

spring-security-custom-permission/src/main/resources/templates/loginUser.html

@@ -1,10 +1,7 @@
-<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
-	pageEncoding="ISO-8859-1"%>
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!DOCTYPE html>
 <html>
 <head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
 <title>Login</title>
 </head>
 <body>
@@ -15,7 +12,7 @@
         <table>
             <tr>
                 <td>User:</td>
-                <td><input type="text" name="username" value=""></td>
+                <td><input type="text" name="username" /></td>
             </tr>
             <tr>
                 <td>Password:</td>
@@ -27,11 +24,7 @@
         </table>
 
     </form>
-    <%
-        if (request.getParameter("error") != null) {
-            out.println("Login failed!");
-        }
-    %>
+    <p th:if="${param.error}">Login failed!</p>
 
 </body>
 </html>

spring-security-custom-permission/src/main/resources/templates/protectedLinks.html

@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title>Insert title here</title>
+</head>
+<body>
+
+<a th:href="@{/userPage}">User page</a>
+<br />
+<a th:href="@{/adminPage}">Admin page</a>
+</body>
+</html>

spring-security-custom-permission/src/main/resources/templates/userPage.html

@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title>Insert title here</title>
+</head>
+<body>
+Welcome user! <a th:href="@{/user_logout}" >Logout</a>
+<br /><br />
+<a th:href="@{/protectedLinks}" >Back to links</a>
+</body>
+</html>