From 1724f67a3934817860b8ee69d61cacd32da4c9ce Mon Sep 17 00:00:00 2001 From: timis1 <12120641+timis1@users.noreply.github.com> Date: Sat, 20 Jan 2024 01:03:25 +0200 Subject: [PATCH] JAVA-29312 Upgrade spring-security-web-mvc (#15687) Co-authored-by: timis1 --- .../spring-security-web-mvc/.gitignore | 2 +- .../spring-security-web-mvc/pom.xml | 23 +++---- .../clearsitedata/SpringSecurityConfig.java | 24 ++++---- ...SimpleUrlAuthenticationSuccessHandler.java | 10 ++-- .../session/filter/SessionFilter.java | 18 +++--- .../security/config/SecSecurityConfig.java | 60 +++++++++---------- .../baeldung/session/web/FooController.java | 2 +- .../session/web/SessionRestController.java | 2 +- .../web/config/MainWebAppInitializer.java | 5 +- .../session/web/config/MvcConfig.java | 15 ++--- .../web/SessionListenerWithMetrics.java | 4 +- .../templates}/mvc-servlet.xml | 0 .../resources/templates/view/anonymous.html | 9 +++ .../resources/templates/view/console.html | 20 +++++++ .../resources/templates/view/homepage.html | 20 +++++++ .../templates/view/invalidSession.html | 9 +++ .../templates/view/login.html} | 0 .../templates/view/sessionExpired.html | 9 +++ .../WEB-INF => resources/templates}/web.xml | 0 .../main/webapp/WEB-INF/view/anonymous.jsp | 10 ---- .../src/main/webapp/WEB-INF/view/console.jsp | 22 ------- .../src/main/webapp/WEB-INF/view/homepage.jsp | 22 ------- .../webapp/WEB-INF/view/invalidSession.jsp | 10 ---- .../webapp/WEB-INF/view/sessionExpired.jsp | 10 ---- ...LogoutClearSiteDataControllerUnitTest.java | 2 +- .../session/SessionConfigurationLiveTest.java | 6 +- 26 files changed, 153 insertions(+), 161 deletions(-) rename spring-security-modules/spring-security-web-mvc/src/main/{webapp/WEB-INF => resources/templates}/mvc-servlet.xml (100%) create mode 100644 spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/anonymous.html create mode 100644 spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/console.html create mode 100644 spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/homepage.html create mode 100644 spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/invalidSession.html rename spring-security-modules/spring-security-web-mvc/src/main/{webapp/WEB-INF/view/login.jsp => resources/templates/view/login.html} (100%) create mode 100644 spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/sessionExpired.html rename spring-security-modules/spring-security-web-mvc/src/main/{webapp/WEB-INF => resources/templates}/web.xml (100%) delete mode 100644 spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/anonymous.jsp delete mode 100644 spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/console.jsp delete mode 100644 spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/homepage.jsp delete mode 100644 spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/invalidSession.jsp delete mode 100644 spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/sessionExpired.jsp diff --git a/spring-security-modules/spring-security-web-mvc/.gitignore b/spring-security-modules/spring-security-web-mvc/.gitignore index 83c05e60c8..32d2932000 100644 --- a/spring-security-modules/spring-security-web-mvc/.gitignore +++ b/spring-security-modules/spring-security-web-mvc/.gitignore @@ -4,7 +4,7 @@ /target /neoDb* /data -/src/main/webapp/WEB-INF/classes +/src/main/resources/templates/classes */META-INF/* # Packaged files # diff --git a/spring-security-modules/spring-security-web-mvc/pom.xml b/spring-security-modules/spring-security-web-mvc/pom.xml index 10dd89f618..857865267c 100644 --- a/spring-security-modules/spring-security-web-mvc/pom.xml +++ b/spring-security-modules/spring-security-web-mvc/pom.xml @@ -10,7 +10,8 @@ com.baeldung - spring-security-modules + parent-boot-3 + ../../parent-boot-3 0.0.1-SNAPSHOT @@ -38,11 +39,6 @@ org.springframework.boot spring-boot-starter-tomcat - - javax.servlet - jstl - runtime - io.dropwizard.metrics @@ -55,9 +51,16 @@ test - javax.servlet - javax.servlet-api - ${javax.version} + io.rest-assured + rest-assured + + + org.springframework.boot + spring-boot-starter-thymeleaf + + + org.thymeleaf.extras + thymeleaf-extras-springsecurity6 @@ -67,7 +70,7 @@ org.springframework.boot spring-boot-maven-plugin - com.baeldung.SpringSessionApplication + com.baeldung.session.SpringSessionApplication JAR diff --git a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/clearsitedata/SpringSecurityConfig.java b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/clearsitedata/SpringSecurityConfig.java index 9138c6fd7b..225f627434 100644 --- a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/clearsitedata/SpringSecurityConfig.java +++ b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/clearsitedata/SpringSecurityConfig.java @@ -1,36 +1,34 @@ package com.baeldung.clearsitedata; - import static org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive.CACHE; import static org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive.COOKIES; import static org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive.STORAGE; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; +import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.logout.HeaderWriterLogoutHandler; import org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter; @Configuration @EnableWebSecurity -@EnableGlobalMethodSecurity(prePostEnabled = true) +@EnableMethodSecurity public class SpringSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - http.csrf() - .disable() - .formLogin() - .loginPage("/login.html") - .loginProcessingUrl("/perform_login") - .defaultSuccessUrl("/homepage.html", true) - .and() - .logout() - .logoutUrl("/baeldung/logout") - .addLogoutHandler(new HeaderWriterLogoutHandler(new ClearSiteDataHeaderWriter(CACHE, COOKIES, STORAGE))); + http.csrf(AbstractHttpConfigurer::disable) + .formLogin(httpSecurityFormLoginConfigurer -> + httpSecurityFormLoginConfigurer.loginPage("/login") + .loginProcessingUrl("/perform_login") + .defaultSuccessUrl("/homepage", true)) + .logout(httpSecurityLogoutConfigurer -> + httpSecurityLogoutConfigurer.logoutUrl("/baeldung/logout") + .addLogoutHandler(new HeaderWriterLogoutHandler(new ClearSiteDataHeaderWriter(CACHE, COOKIES, STORAGE)))); return http.build(); } } diff --git a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java index 9d4fc19098..e3e8c54306 100644 --- a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java +++ b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java @@ -3,9 +3,9 @@ package com.baeldung.security; import java.io.IOException; import java.util.Collection; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpSession; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -61,9 +61,9 @@ public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSu } if (isUser) { - return "/homepage.html"; + return "/homepage"; } else if (isAdmin) { - return "/console.html"; + return "/console"; } else { throw new IllegalStateException(); } diff --git a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/filter/SessionFilter.java b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/filter/SessionFilter.java index c30bfa5506..f61e240a05 100644 --- a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/filter/SessionFilter.java +++ b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/filter/SessionFilter.java @@ -3,15 +3,15 @@ package com.baeldung.session.filter; import java.io.IOException; import java.util.Arrays; -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.Filter; +import jakarta.servlet.FilterChain; +import jakarta.servlet.FilterConfig; +import jakarta.servlet.ServletException; +import jakarta.servlet.ServletRequest; +import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.Cookie; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; public class SessionFilter implements Filter{ diff --git a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/security/config/SecSecurityConfig.java b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/security/config/SecSecurityConfig.java index 1dfb72eca9..86cdccfa46 100644 --- a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/security/config/SecSecurityConfig.java +++ b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/security/config/SecSecurityConfig.java @@ -3,6 +3,7 @@ package com.baeldung.session.security.config; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; @@ -11,7 +12,9 @@ import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.provisioning.InMemoryUserDetailsManager; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; +import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher; import org.springframework.security.web.session.HttpSessionEventPublisher; +import org.springframework.web.servlet.handler.HandlerMappingIntrospector; import com.baeldung.security.MySimpleUrlAuthenticationSuccessHandler; @@ -35,37 +38,28 @@ public class SecSecurityConfig { } @Bean - public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - http.csrf() - .disable() - .authorizeRequests() - .antMatchers("/anonymous*") - .anonymous() - .antMatchers("/login*", "/invalidSession*", "/sessionExpired*", "/foo/**") - .permitAll() - .anyRequest() - .authenticated() - .and() - .formLogin() - .loginPage("/login.html") - .loginProcessingUrl("/login") - .successHandler(successHandler()) - .failureUrl("/login.html?error=true") - .and() - .logout() - .deleteCookies("JSESSIONID") - .and() - .rememberMe() - .key("uniqueAndSecret") - .tokenValiditySeconds(86400) - .and() - .sessionManagement() - .sessionFixation() - .migrateSession() - .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED) - .invalidSessionUrl("/invalidSession.html") - .maximumSessions(2) - .expiredUrl("/sessionExpired.html"); + public SecurityFilterChain filterChain(HttpSecurity http, MvcRequestMatcher.Builder mvc) throws Exception { + http.csrf(AbstractHttpConfigurer::disable) + .authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> + authorizationManagerRequestMatcherRegistry + .requestMatchers(mvc.pattern("/anonymous*")).anonymous() + .requestMatchers(mvc.pattern("/login*"), mvc.pattern("/invalidSession*"), mvc.pattern("/sessionExpired*"), + mvc.pattern("/foo/**")).permitAll() + .anyRequest().authenticated()) + .formLogin(httpSecurityFormLoginConfigurer -> httpSecurityFormLoginConfigurer.loginPage("/login") + .loginProcessingUrl("/login") + .successHandler(successHandler()) + .failureUrl("/login?error=true")) + .logout(httpSecurityLogoutConfigurer -> httpSecurityLogoutConfigurer.deleteCookies("JSESSIONID")) + .rememberMe(httpSecurityRememberMeConfigurer -> + httpSecurityRememberMeConfigurer.key("uniqueAndSecret") + .tokenValiditySeconds(86400)) + .sessionManagement(httpSecuritySessionManagementConfigurer -> + httpSecuritySessionManagementConfigurer.sessionFixation() + .migrateSession().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED) + .invalidSessionUrl("/invalidSession") + .maximumSessions(2) + .expiredUrl("/sessionExpired")); return http.build(); } @@ -83,4 +77,8 @@ public class SecSecurityConfig { return new BCryptPasswordEncoder(); } + @Bean + MvcRequestMatcher.Builder mvc(HandlerMappingIntrospector introspector) { + return new MvcRequestMatcher.Builder(introspector); + } } diff --git a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/FooController.java b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/FooController.java index 7c3385dcbd..e8295fc8da 100644 --- a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/FooController.java +++ b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/FooController.java @@ -1,6 +1,6 @@ package com.baeldung.session.web; -import javax.servlet.http.HttpSession; +import jakarta.servlet.http.HttpSession; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.GetMapping; diff --git a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/SessionRestController.java b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/SessionRestController.java index 79f57246a9..1211362d8c 100644 --- a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/SessionRestController.java +++ b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/SessionRestController.java @@ -1,6 +1,6 @@ package com.baeldung.session.web; -import javax.servlet.http.HttpSession; +import jakarta.servlet.http.HttpSession; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RestController; diff --git a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/config/MainWebAppInitializer.java b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/config/MainWebAppInitializer.java index f85f9f3fb0..5c2bbe01ee 100644 --- a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/config/MainWebAppInitializer.java +++ b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/config/MainWebAppInitializer.java @@ -1,14 +1,13 @@ package com.baeldung.session.web.config; -import javax.servlet.ServletContext; -import javax.servlet.ServletException; +import jakarta.servlet.ServletContext; import org.springframework.web.WebApplicationInitializer; public class MainWebAppInitializer implements WebApplicationInitializer { @Override - public void onStartup(ServletContext sc) throws ServletException { + public void onStartup(ServletContext sc) { sc.getSessionCookieConfig().setHttpOnly(true); sc.getSessionCookieConfig().setSecure(true); } diff --git a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/config/MvcConfig.java b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/config/MvcConfig.java index 4db6d07872..885f02798b 100644 --- a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/config/MvcConfig.java +++ b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/session/web/config/MvcConfig.java @@ -9,13 +9,13 @@ public class MvcConfig implements WebMvcConfigurer { @Override public void addViewControllers(final ViewControllerRegistry registry) { - registry.addViewController("/anonymous.html"); + registry.addViewController("/anonymous").setViewName("view/anonymous"); - registry.addViewController("/login.html"); - registry.addViewController("/homepage.html"); - registry.addViewController("/sessionExpired.html"); - registry.addViewController("/invalidSession.html"); - registry.addViewController("/console.html"); + registry.addViewController("/login").setViewName("view/login"); + registry.addViewController("/homepage").setViewName("view/homepage"); + registry.addViewController("/sessionExpired").setViewName("view/sessionExpired"); + registry.addViewController("/invalidSession").setViewName("view/invalidSession"); + registry.addViewController("/console").setViewName("view/console"); } @@ -27,7 +27,8 @@ public class MvcConfig implements WebMvcConfigurer { // final InternalResourceViewResolver bean = new InternalResourceViewResolver(); // // bean.setViewClass(JstlView.class); -// bean.setPrefix("/WEB-INF/view/"); +// bean.setPrefix("/templates/view/"); // bean.setSuffix(".jsp"); +// return bean; // } } diff --git a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/web/SessionListenerWithMetrics.java b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/web/SessionListenerWithMetrics.java index fb1a81744e..10baa1c561 100644 --- a/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/web/SessionListenerWithMetrics.java +++ b/spring-security-modules/spring-security-web-mvc/src/main/java/com/baeldung/web/SessionListenerWithMetrics.java @@ -2,8 +2,8 @@ package com.baeldung.web; import java.util.concurrent.atomic.AtomicInteger; -import javax.servlet.http.HttpSessionEvent; -import javax.servlet.http.HttpSessionListener; +import jakarta.servlet.http.HttpSessionEvent; +import jakarta.servlet.http.HttpSessionListener; import com.baeldung.monitoring.MetricRegistrySingleton; import com.codahale.metrics.Counter; diff --git a/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/mvc-servlet.xml b/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/mvc-servlet.xml similarity index 100% rename from spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/mvc-servlet.xml rename to spring-security-modules/spring-security-web-mvc/src/main/resources/templates/mvc-servlet.xml diff --git a/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/anonymous.html b/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/anonymous.html new file mode 100644 index 0000000000..d8ec862901 --- /dev/null +++ b/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/anonymous.html @@ -0,0 +1,9 @@ + + + + +

Anonymous page

+ + To Login + + \ No newline at end of file diff --git a/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/console.html b/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/console.html new file mode 100644 index 0000000000..4c15ffc1fe --- /dev/null +++ b/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/console.html @@ -0,0 +1,20 @@ + + + + +

This is the landing page for the admin

+ +
+ This text is only visible to a user +
+
+ +
+ This text is only visible to an admin +
+
+ + Logout + + + \ No newline at end of file diff --git a/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/homepage.html b/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/homepage.html new file mode 100644 index 0000000000..83a1dff376 --- /dev/null +++ b/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/homepage.html @@ -0,0 +1,20 @@ + + + + +

This is the homepage for the user

+ +
+ This text is only visible to a user +
+
+ +
+ This text is only visible to an admin +
+
+ + Logout + + + \ No newline at end of file diff --git a/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/invalidSession.html b/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/invalidSession.html new file mode 100644 index 0000000000..06a4761335 --- /dev/null +++ b/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/invalidSession.html @@ -0,0 +1,9 @@ + + + + +

Invalid Session Page

+ + To Login + + \ No newline at end of file diff --git a/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/login.jsp b/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/login.html similarity index 100% rename from spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/login.jsp rename to spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/login.html diff --git a/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/sessionExpired.html b/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/sessionExpired.html new file mode 100644 index 0000000000..94d1286f74 --- /dev/null +++ b/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/view/sessionExpired.html @@ -0,0 +1,9 @@ + + + + +

Session Expired Page

+ + To Login + + \ No newline at end of file diff --git a/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/web.xml b/spring-security-modules/spring-security-web-mvc/src/main/resources/templates/web.xml similarity index 100% rename from spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/web.xml rename to spring-security-modules/spring-security-web-mvc/src/main/resources/templates/web.xml diff --git a/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/anonymous.jsp b/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/anonymous.jsp deleted file mode 100644 index d4e9c0289b..0000000000 --- a/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/anonymous.jsp +++ /dev/null @@ -1,10 +0,0 @@ -<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> - - - - -

Anonymous page

- - ">To Login - - \ No newline at end of file diff --git a/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/console.jsp b/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/console.jsp deleted file mode 100644 index 5a58d8892f..0000000000 --- a/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/console.jsp +++ /dev/null @@ -1,22 +0,0 @@ -<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> -<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %> - - - - -

This is the landing page for the admin

- - - This text is only visible to a user -
-
- - - This text is only visible to an admin -
-
- - ">Logout - - - \ No newline at end of file diff --git a/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/homepage.jsp b/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/homepage.jsp deleted file mode 100644 index 2568adec66..0000000000 --- a/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/homepage.jsp +++ /dev/null @@ -1,22 +0,0 @@ -<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> -<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags"%> - - - - -

This is the homepage for the user

- - - This text is only visible to a user -
-
- - - This text is only visible to an admin -
-
- - ">Logout - - - \ No newline at end of file diff --git a/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/invalidSession.jsp b/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/invalidSession.jsp deleted file mode 100644 index e8455ee118..0000000000 --- a/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/invalidSession.jsp +++ /dev/null @@ -1,10 +0,0 @@ -<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> - - - - -

Invalid Session Page

- - ">To Login - - \ No newline at end of file diff --git a/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/sessionExpired.jsp b/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/sessionExpired.jsp deleted file mode 100644 index ab0f1c8c63..0000000000 --- a/spring-security-modules/spring-security-web-mvc/src/main/webapp/WEB-INF/view/sessionExpired.jsp +++ /dev/null @@ -1,10 +0,0 @@ -<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> - - - - -

Session Expired Page

- - ">To Login - - \ No newline at end of file diff --git a/spring-security-modules/spring-security-web-mvc/src/test/java/com/baeldung/clearsitedata/LogoutClearSiteDataControllerUnitTest.java b/spring-security-modules/spring-security-web-mvc/src/test/java/com/baeldung/clearsitedata/LogoutClearSiteDataControllerUnitTest.java index 30036eea89..22fdd2351d 100644 --- a/spring-security-modules/spring-security-web-mvc/src/test/java/com/baeldung/clearsitedata/LogoutClearSiteDataControllerUnitTest.java +++ b/spring-security-modules/spring-security-web-mvc/src/test/java/com/baeldung/clearsitedata/LogoutClearSiteDataControllerUnitTest.java @@ -13,7 +13,7 @@ import org.springframework.test.web.servlet.result.MockMvcResultHandlers; import org.springframework.test.web.servlet.result.MockMvcResultMatchers; import org.springframework.test.web.servlet.setup.MockMvcBuilders; import org.springframework.web.context.WebApplicationContext; -import javax.servlet.Filter; +import jakarta.servlet.Filter; @ExtendWith(SpringExtension.class) @WebAppConfiguration diff --git a/spring-security-modules/spring-security-web-mvc/src/test/java/com/baeldung/session/SessionConfigurationLiveTest.java b/spring-security-modules/spring-security-web-mvc/src/test/java/com/baeldung/session/SessionConfigurationLiveTest.java index 7d9a03d5f6..90342592f8 100644 --- a/spring-security-modules/spring-security-web-mvc/src/test/java/com/baeldung/session/SessionConfigurationLiveTest.java +++ b/spring-security-modules/spring-security-web-mvc/src/test/java/com/baeldung/session/SessionConfigurationLiveTest.java @@ -35,11 +35,11 @@ public class SessionConfigurationLiveTest { Response resp3 = simpleResponseRequestUsingSessionNotFollowingRedirects(sessionFilter); assertThat(resp3.getStatusCode()).isEqualTo(HttpStatus.FOUND.value()); - assertThat(resp3.getHeader("Location")).isEqualTo("http://localhost:8080/invalidSession.html"); + assertThat(resp3.getHeader("Location")).isEqualTo("http://localhost:8080/invalidSession"); } @Test - public void givenValidUser_whenLoginMoreThanMaxValidSession_thenRedirectedToExpiredSessionUri() throws Exception { + public void givenValidUser_whenLoginMoreThanMaxValidSession_thenRedirectedToExpiredSessionUri() { SessionFilter sessionFilter = new SessionFilter(); simpleSvcRequestLoggingIn(sessionFilter); simpleSvcRequestLoggingIn(); @@ -56,7 +56,7 @@ public class SessionConfigurationLiveTest { .get(SESSION_SVC_URL); assertThat(resp4.getStatusCode()).isEqualTo(HttpStatus.FOUND.value()); - assertThat(resp4.getHeader("Location")).isEqualTo("http://localhost:8080/sessionExpired.html"); + assertThat(resp4.getHeader("Location")).isEqualTo("http://localhost:8080/sessionExpired"); } private static void simpleSvcRequestLoggingIn() {