security work

2013-06-02 19:27:41 +03:00 · 2013-06-02 19:27:41 +03:00 · 1696627374
parent 56c520a694
commit 1696627374
4 changed files with 51 additions and 20 deletions
--- a/spring-security-custom/src/main/java/org/baeldung/spring/MvcConfig.java
+++ b/spring-security-custom/src/main/java/org/baeldung/spring/MvcConfig.java
@ -23,7 +23,7 @@ public class MvcConfig extends WebMvcConfigurerAdapter {
    public void addViewControllers(final ViewControllerRegistry registry) {
        super.addViewControllers(registry);

-        // registry.addViewController("/login.html");
+        registry.addViewController("/login.html");
        registry.addViewController("/homepage.html");
    }

--- a/spring-security-custom/src/main/resources/webSecurityConfig.xml
+++ b/spring-security-custom/src/main/resources/webSecurityConfig.xml
@ -1,24 +1,31 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
-    xmlns:sec="http://www.springframework.org/schema/security"
    xsi:schemaLocation="
-      http://www.springframework.org/schema/security
-      http://www.springframework.org/schema/security/spring-security-3.1.xsd
-      http://www.springframework.org/schema/beans
-      http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">
+        http://www.springframework.org/schema/security 
+        http://www.springframework.org/schema/security/spring-security-3.1.xsd
+        http://www.springframework.org/schema/beans 
+        http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">

-    <http use-expressions="true" entry-point-ref="restAuthenticationEntryPoint">
-        <intercept-url pattern="/api/**" access="isAuthenticated()" />
+    <http use-expressions="true">
+        <intercept-url pattern="/anonymous*" access="isAnonymous()" />
+        <intercept-url pattern="/login*" access="permitAll" />
+        <intercept-url pattern="/**" access="isAuthenticated()" />

-        <sec:form-login authentication-success-handler-ref="mySuccessHandler" />
+        <form-login login-page='/login.html' login-processing-url="/perform_login" default-target-url="/homepage.html" authentication-failure-url="/login.html?error=true"
+            always-use-default-target="true" />

-        <logout />
    </http>

-    <beans:bean id="mySuccessHandler" class="org.baeldung.security.MySavedRequestAwareAuthenticationSuccessHandler" />
-
    <authentication-manager>
-        <authentication-provider ref="customAuthenticationProvider" />
+        <authentication-provider>
+            <user-service>
+                <user name="user1" password="user1Pass" authorities="ROLE_USER" />
+            </user-service>
+        </authentication-provider>
    </authentication-manager>

+    <!-- <authentication-manager> -->
+    <!-- <authentication-provider ref="customAuthenticationProvider" /> -->
+    <!-- </authentication-manager> -->
+
 </beans:beans>
--- a/spring-security-custom/src/main/webapp/WEB-INF/view/login.jsp
+++ b/spring-security-custom/src/main/webapp/WEB-INF/view/login.jsp
@ -0,0 +1,26 @@
+<html>
+<head></head>
+
+<body>
+	<h1>Login</h1>
+
+	<form name='f' action="perform_login" method='POST'>
+
+		<table>
+			<tr>
+				<td>User:</td>
+				<td><input type='text' name='j_username' value=''></td>
+			</tr>
+			<tr>
+				<td>Password:</td>
+				<td><input type='password' name='j_password' /></td>
+			</tr>
+			<tr>
+				<td><input name="submit" type="submit" value="submit" /></td>
+			</tr>
+		</table>
+
+	</form>
+
+</body>
+</html>
--- a/spring-security-login/src/main/resources/webSecurityConfig.xml
+++ b/spring-security-login/src/main/resources/webSecurityConfig.xml
@ -2,16 +2,14 @@
 <beans:beans xmlns="http://www.springframework.org/schema/security"
 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
 	xsi:schemaLocation="
-		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
-		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">
+		http://www.springframework.org/schema/security 
+        http://www.springframework.org/schema/security/spring-security-3.1.xsd
+		http://www.springframework.org/schema/beans 
+        http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">

-    <debug/>
-    
 	<http use-expressions="true" >
 		<intercept-url pattern="/anonymous*" access="isAnonymous()" />
-		
        <intercept-url pattern="/login*" access="permitAll" />
-        
        <intercept-url pattern="/**" access="isAuthenticated()" />

 		<form-login 
@ -28,7 +26,7 @@
            
 	</http>
    
-    <beans:bean name="customLogoutSuccessHandler" class="org.baeldung.spring.security.CustomLogoutSuccessHandler" />
+    <beans:bean name="customLogoutSuccessHandler" class="org.baeldung.security.CustomLogoutSuccessHandler" />

 	<authentication-manager>
 		<authentication-provider>