Adding source files for article BAEL-1932 (#6746)
This commit is contained in:
parent
2b0d0665ba
commit
275a4acaea
5
pom.xml
5
pom.xml
|
@ -381,7 +381,7 @@
|
||||||
<!-- <module>core-java-12</module> --> <!-- We haven't upgraded to java 12. Fixing in BAEL-10841 -->
|
<!-- <module>core-java-12</module> --> <!-- We haven't upgraded to java 12. Fixing in BAEL-10841 -->
|
||||||
<module>core-java-8</module>
|
<module>core-java-8</module>
|
||||||
<module>core-java-8-2</module>
|
<module>core-java-8-2</module>
|
||||||
<module>core-java-lambdas</module>
|
<module>core-java-lambdas</module>
|
||||||
<!--<module>core-java-9</module> --> <!-- We haven't upgraded to java 9. Fixing in BAEL-10841 -->
|
<!--<module>core-java-9</module> --> <!-- We haven't upgraded to java 9. Fixing in BAEL-10841 -->
|
||||||
<!--<module>core-java-os</module> --> <!-- We haven't upgraded to java 9.-->
|
<!--<module>core-java-os</module> --> <!-- We haven't upgraded to java 9.-->
|
||||||
<module>core-java-arrays</module>
|
<module>core-java-arrays</module>
|
||||||
|
@ -542,6 +542,7 @@
|
||||||
|
|
||||||
<module>tensorflow-java</module>
|
<module>tensorflow-java</module>
|
||||||
<module>spring-boot-flowable</module>
|
<module>spring-boot-flowable</module>
|
||||||
|
<module>spring-security-kerberos</module>
|
||||||
|
|
||||||
</modules>
|
</modules>
|
||||||
|
|
||||||
|
@ -769,6 +770,7 @@
|
||||||
|
|
||||||
<module>tensorflow-java</module>
|
<module>tensorflow-java</module>
|
||||||
<module>spring-boot-flowable</module>
|
<module>spring-boot-flowable</module>
|
||||||
|
<module>spring-security-kerberos</module>
|
||||||
|
|
||||||
</modules>
|
</modules>
|
||||||
|
|
||||||
|
@ -913,6 +915,7 @@
|
||||||
<module>persistence-modules/spring-hibernate-5</module>
|
<module>persistence-modules/spring-hibernate-5</module>
|
||||||
|
|
||||||
<module>spring-boot-flowable</module>
|
<module>spring-boot-flowable</module>
|
||||||
|
<module>spring-security-kerberos</module>
|
||||||
</modules>
|
</modules>
|
||||||
|
|
||||||
</profile>
|
</profile>
|
||||||
|
|
|
@ -0,0 +1,10 @@
|
||||||
|
## @PreFilter and @PostFilter annotations
|
||||||
|
|
||||||
|
### Build the Project ###
|
||||||
|
|
||||||
|
```
|
||||||
|
mvn clean install
|
||||||
|
```
|
||||||
|
|
||||||
|
### Relevant Articles:
|
||||||
|
- [Spring Security – Kerberos](http://www.baeldung.com/xxxxxx)
|
|
@ -0,0 +1,61 @@
|
||||||
|
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
<groupId>com.baeldung</groupId>
|
||||||
|
<artifactId>spring-security-kerberos</artifactId>
|
||||||
|
<version>0.1-SNAPSHOT</version>
|
||||||
|
<name>spring-security-kerberos</name>
|
||||||
|
<packaging>war</packaging>
|
||||||
|
<parent>
|
||||||
|
<artifactId>parent-boot-1</artifactId>
|
||||||
|
<groupId>com.baeldung</groupId>
|
||||||
|
<version>0.0.1-SNAPSHOT</version>
|
||||||
|
<relativePath>../parent-boot-1</relativePath>
|
||||||
|
</parent>
|
||||||
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.boot</groupId>
|
||||||
|
<artifactId>spring-boot-starter-web</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.boot</groupId>
|
||||||
|
<artifactId>spring-boot-starter-security</artifactId>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.security.kerberos</groupId>
|
||||||
|
<artifactId>spring-security-kerberos-core</artifactId>
|
||||||
|
<version>1.0.1.RELEASE</version>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.security.kerberos</groupId>
|
||||||
|
<artifactId>spring-security-kerberos-web</artifactId>
|
||||||
|
<version>1.0.1.RELEASE</version>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.security.kerberos</groupId>
|
||||||
|
<artifactId>spring-security-kerberos-client</artifactId>
|
||||||
|
<version>1.0.1.RELEASE</version>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.boot</groupId>
|
||||||
|
<artifactId>spring-boot-starter-test</artifactId>
|
||||||
|
<scope>test</scope>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.security</groupId>
|
||||||
|
<artifactId>spring-security-test</artifactId>
|
||||||
|
<scope>test</scope>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-war-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</build>
|
||||||
|
</project>
|
|
@ -0,0 +1,13 @@
|
||||||
|
package org.baeldung;
|
||||||
|
|
||||||
|
import org.springframework.boot.SpringApplication;
|
||||||
|
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||||
|
|
||||||
|
@SpringBootApplication
|
||||||
|
public class Application {
|
||||||
|
|
||||||
|
public static void main(String[] args) {
|
||||||
|
SpringApplication.run(Application.class, args);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,87 @@
|
||||||
|
package org.baeldung.config;
|
||||||
|
|
||||||
|
import org.baeldung.security.DummyUserDetailsService;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.core.io.FileSystemResource;
|
||||||
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||||
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||||
|
import org.springframework.security.kerberos.authentication.KerberosAuthenticationProvider;
|
||||||
|
import org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider;
|
||||||
|
import org.springframework.security.kerberos.authentication.sun.SunJaasKerberosClient;
|
||||||
|
import org.springframework.security.kerberos.authentication.sun.SunJaasKerberosTicketValidator;
|
||||||
|
import org.springframework.security.kerberos.web.authentication.SpnegoAuthenticationProcessingFilter;
|
||||||
|
import org.springframework.security.kerberos.web.authentication.SpnegoEntryPoint;
|
||||||
|
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
|
http.authorizeRequests()
|
||||||
|
.anyRequest()
|
||||||
|
.authenticated()
|
||||||
|
.and()
|
||||||
|
.addFilterBefore(spnegoAuthenticationProcessingFilter(authenticationManagerBean()), BasicAuthenticationFilter.class);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
@Bean
|
||||||
|
public AuthenticationManager authenticationManagerBean() throws Exception {
|
||||||
|
return super.authenticationManagerBean();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||||
|
auth.authenticationProvider(kerberosAuthenticationProvider())
|
||||||
|
.authenticationProvider(kerberosServiceAuthenticationProvider());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public KerberosAuthenticationProvider kerberosAuthenticationProvider() {
|
||||||
|
KerberosAuthenticationProvider provider = new KerberosAuthenticationProvider();
|
||||||
|
SunJaasKerberosClient client = new SunJaasKerberosClient();
|
||||||
|
client.setDebug(true);
|
||||||
|
provider.setKerberosClient(client);
|
||||||
|
provider.setUserDetailsService(dummyUserDetailsService());
|
||||||
|
return provider;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public SpnegoEntryPoint spnegoEntryPoint() {
|
||||||
|
return new SpnegoEntryPoint("/login");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public SpnegoAuthenticationProcessingFilter spnegoAuthenticationProcessingFilter(AuthenticationManager authenticationManager) {
|
||||||
|
SpnegoAuthenticationProcessingFilter filter = new SpnegoAuthenticationProcessingFilter();
|
||||||
|
filter.setAuthenticationManager(authenticationManager);
|
||||||
|
return filter;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public KerberosServiceAuthenticationProvider kerberosServiceAuthenticationProvider() {
|
||||||
|
KerberosServiceAuthenticationProvider provider = new KerberosServiceAuthenticationProvider();
|
||||||
|
provider.setTicketValidator(sunJaasKerberosTicketValidator());
|
||||||
|
provider.setUserDetailsService(dummyUserDetailsService());
|
||||||
|
return provider;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public SunJaasKerberosTicketValidator sunJaasKerberosTicketValidator() {
|
||||||
|
SunJaasKerberosTicketValidator ticketValidator = new SunJaasKerberosTicketValidator();
|
||||||
|
ticketValidator.setServicePrincipal("HTTP/demo.kerberos.bealdung.com@baeldung.com");
|
||||||
|
ticketValidator.setKeyTabLocation(new FileSystemResource("baeldung.keytab"));
|
||||||
|
ticketValidator.setDebug(true);
|
||||||
|
return ticketValidator;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public DummyUserDetailsService dummyUserDetailsService() {
|
||||||
|
return new DummyUserDetailsService();
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,16 @@
|
||||||
|
package org.baeldung.security;
|
||||||
|
|
||||||
|
import org.springframework.security.core.authority.AuthorityUtils;
|
||||||
|
import org.springframework.security.core.userdetails.User;
|
||||||
|
import org.springframework.security.core.userdetails.UserDetails;
|
||||||
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||||
|
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||||
|
|
||||||
|
public class DummyUserDetailsService implements UserDetailsService {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
|
||||||
|
return new User(username, "notUsed", true, true, true, true, AuthorityUtils.createAuthorityList("ROLE_USER"));
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
Loading…
Reference in New Issue