From 26c11b3e85981879f8248b5bdfb89a88f352e17d Mon Sep 17 00:00:00 2001
From: Mihai238 <mihailepadat@gmail.com>
Date: Tue, 9 Jun 2020 21:49:03 +0200
Subject: [PATCH] add example for security with profiles (#9185)

Co-authored-by: Mihai Lepadat <mihai.lepadat@irian.at>
---
 .../baeldung/securityprofile/Application.java | 14 ++++++++++
 .../ApplicationNoSecurity.java                | 17 +++++++++++
 .../securityprofile/ApplicationSecurity.java  | 16 +++++++++++
 .../securityprofile/EmployeeController.java   | 16 +++++++++++
 .../EmployeeControllerNoSecurityUnitTest.java | 28 +++++++++++++++++++
 .../EmployeeControllerUnitTest.java           | 28 +++++++++++++++++++
 6 files changed, 119 insertions(+)
 create mode 100644 spring-5-security/src/main/java/com/baeldung/securityprofile/Application.java
 create mode 100644 spring-5-security/src/main/java/com/baeldung/securityprofile/ApplicationNoSecurity.java
 create mode 100644 spring-5-security/src/main/java/com/baeldung/securityprofile/ApplicationSecurity.java
 create mode 100644 spring-5-security/src/main/java/com/baeldung/securityprofile/EmployeeController.java
 create mode 100644 spring-5-security/src/test/java/com/baeldung/securityprofile/EmployeeControllerNoSecurityUnitTest.java
 create mode 100644 spring-5-security/src/test/java/com/baeldung/securityprofile/EmployeeControllerUnitTest.java

diff --git a/spring-5-security/src/main/java/com/baeldung/securityprofile/Application.java b/spring-5-security/src/main/java/com/baeldung/securityprofile/Application.java
new file mode 100644
index 0000000000..5f17227777
--- /dev/null
+++ b/spring-5-security/src/main/java/com/baeldung/securityprofile/Application.java
@@ -0,0 +1,14 @@
+package com.baeldung.securityprofile;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+
+@SpringBootApplication
+@EnableWebSecurity
+public class Application {
+
+    public static void main(String[] args) {
+        SpringApplication.run(Application.class, args);
+    }
+}
diff --git a/spring-5-security/src/main/java/com/baeldung/securityprofile/ApplicationNoSecurity.java b/spring-5-security/src/main/java/com/baeldung/securityprofile/ApplicationNoSecurity.java
new file mode 100644
index 0000000000..c899eb9268
--- /dev/null
+++ b/spring-5-security/src/main/java/com/baeldung/securityprofile/ApplicationNoSecurity.java
@@ -0,0 +1,17 @@
+package com.baeldung.securityprofile;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@Profile("test")
+public class ApplicationNoSecurity extends WebSecurityConfigurerAdapter {
+
+    @Override
+    public void configure(WebSecurity web) {
+        web.ignoring().antMatchers("/**");
+    }
+
+}
diff --git a/spring-5-security/src/main/java/com/baeldung/securityprofile/ApplicationSecurity.java b/spring-5-security/src/main/java/com/baeldung/securityprofile/ApplicationSecurity.java
new file mode 100644
index 0000000000..51a8d6aa11
--- /dev/null
+++ b/spring-5-security/src/main/java/com/baeldung/securityprofile/ApplicationSecurity.java
@@ -0,0 +1,16 @@
+package com.baeldung.securityprofile;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@Profile("prod")
+public class ApplicationSecurity extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests().anyRequest().authenticated();
+    }
+}
diff --git a/spring-5-security/src/main/java/com/baeldung/securityprofile/EmployeeController.java b/spring-5-security/src/main/java/com/baeldung/securityprofile/EmployeeController.java
new file mode 100644
index 0000000000..a28a5129ca
--- /dev/null
+++ b/spring-5-security/src/main/java/com/baeldung/securityprofile/EmployeeController.java
@@ -0,0 +1,16 @@
+package com.baeldung.securityprofile;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.Collections;
+import java.util.List;
+
+@RestController
+public class EmployeeController {
+
+    @GetMapping("/employees")
+    public List<String> getEmployees() {
+        return Collections.singletonList("Adam Johnson");
+    }
+}
diff --git a/spring-5-security/src/test/java/com/baeldung/securityprofile/EmployeeControllerNoSecurityUnitTest.java b/spring-5-security/src/test/java/com/baeldung/securityprofile/EmployeeControllerNoSecurityUnitTest.java
new file mode 100644
index 0000000000..7112392412
--- /dev/null
+++ b/spring-5-security/src/test/java/com/baeldung/securityprofile/EmployeeControllerNoSecurityUnitTest.java
@@ -0,0 +1,28 @@
+package com.baeldung.securityprofile;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.web.servlet.MockMvc;
+
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+@RunWith(SpringRunner.class)
+@WebMvcTest(value = EmployeeController.class)
+@ActiveProfiles("test")
+public class EmployeeControllerNoSecurityUnitTest {
+
+    @Autowired
+    private MockMvc mockMvc;
+
+    @Test
+    public void whenSecurityDisabled_shouldBeOk() throws Exception {
+        this.mockMvc.perform(get("/employees"))
+                .andExpect(status().isOk());
+    }
+
+}
\ No newline at end of file
diff --git a/spring-5-security/src/test/java/com/baeldung/securityprofile/EmployeeControllerUnitTest.java b/spring-5-security/src/test/java/com/baeldung/securityprofile/EmployeeControllerUnitTest.java
new file mode 100644
index 0000000000..b8c8b79eb5
--- /dev/null
+++ b/spring-5-security/src/test/java/com/baeldung/securityprofile/EmployeeControllerUnitTest.java
@@ -0,0 +1,28 @@
+package com.baeldung.securityprofile;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.web.servlet.MockMvc;
+
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+@RunWith(SpringRunner.class)
+@WebMvcTest(value = EmployeeController.class)
+@ActiveProfiles("prod")
+public class EmployeeControllerUnitTest {
+
+    @Autowired
+    private MockMvc mockMvc;
+
+    @Test
+    public void whenSecurityEnabled_shouldBeForbidden() throws Exception {
+        this.mockMvc.perform(get("/employees"))
+                .andExpect(status().isForbidden());
+    }
+
+}
\ No newline at end of file