add example for security with profiles (#9185)

Co-authored-by: Mihai Lepadat <mihai.lepadat@irian.at>
2020-06-09 21:49:03 +02:00 · 2020-06-09 21:49:03 +02:00 · 26c11b3e85
parent c387fe5dd6
commit 26c11b3e85
6 changed files with 119 additions and 0 deletions
--- a/spring-5-security/src/main/java/com/baeldung/securityprofile/Application.java
+++ b/spring-5-security/src/main/java/com/baeldung/securityprofile/Application.java
@ -0,0 +1,14 @@
+package com.baeldung.securityprofile;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+
+@SpringBootApplication
+@EnableWebSecurity
+public class Application {
+
+    public static void main(String[] args) {
+        SpringApplication.run(Application.class, args);
+    }
+}
--- a/spring-5-security/src/main/java/com/baeldung/securityprofile/ApplicationNoSecurity.java
+++ b/spring-5-security/src/main/java/com/baeldung/securityprofile/ApplicationNoSecurity.java
@ -0,0 +1,17 @@
+package com.baeldung.securityprofile;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@Profile("test")
+public class ApplicationNoSecurity extends WebSecurityConfigurerAdapter {
+
+    @Override
+    public void configure(WebSecurity web) {
+        web.ignoring().antMatchers("/**");
+    }
+
+}
--- a/spring-5-security/src/main/java/com/baeldung/securityprofile/ApplicationSecurity.java
+++ b/spring-5-security/src/main/java/com/baeldung/securityprofile/ApplicationSecurity.java
@ -0,0 +1,16 @@
+package com.baeldung.securityprofile;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@Profile("prod")
+public class ApplicationSecurity extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests().anyRequest().authenticated();
+    }
+}
--- a/spring-5-security/src/main/java/com/baeldung/securityprofile/EmployeeController.java
+++ b/spring-5-security/src/main/java/com/baeldung/securityprofile/EmployeeController.java
@ -0,0 +1,16 @@
+package com.baeldung.securityprofile;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.Collections;
+import java.util.List;
+
+@RestController
+public class EmployeeController {
+
+    @GetMapping("/employees")
+    public List<String> getEmployees() {
+        return Collections.singletonList("Adam Johnson");
+    }
+}
--- a/spring-5-security/src/test/java/com/baeldung/securityprofile/EmployeeControllerNoSecurityUnitTest.java
+++ b/spring-5-security/src/test/java/com/baeldung/securityprofile/EmployeeControllerNoSecurityUnitTest.java
@ -0,0 +1,28 @@
+package com.baeldung.securityprofile;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.web.servlet.MockMvc;
+
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+@RunWith(SpringRunner.class)
+@WebMvcTest(value = EmployeeController.class)
+@ActiveProfiles("test")
+public class EmployeeControllerNoSecurityUnitTest {
+
+    @Autowired
+    private MockMvc mockMvc;
+
+    @Test
+    public void whenSecurityDisabled_shouldBeOk() throws Exception {
+        this.mockMvc.perform(get("/employees"))
+                .andExpect(status().isOk());
+    }
+
+}
--- a/spring-5-security/src/test/java/com/baeldung/securityprofile/EmployeeControllerUnitTest.java
+++ b/spring-5-security/src/test/java/com/baeldung/securityprofile/EmployeeControllerUnitTest.java
@ -0,0 +1,28 @@
+package com.baeldung.securityprofile;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.web.servlet.MockMvc;
+
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+@RunWith(SpringRunner.class)
+@WebMvcTest(value = EmployeeController.class)
+@ActiveProfiles("prod")
+public class EmployeeControllerUnitTest {
+
+    @Autowired
+    private MockMvc mockMvc;
+
+    @Test
+    public void whenSecurityEnabled_shouldBeForbidden() throws Exception {
+        this.mockMvc.perform(get("/employees"))
+                .andExpect(status().isForbidden());
+    }
+
+}