Merge pull request #4778 from eugenp/update-basic-auth

update to spring 5

spring-security-rest-basic-auth/pom.xml

@@ -10,9 +10,9 @@
 
     <parent>
         <groupId>com.baeldung</groupId>
-        <artifactId>parent-spring-4</artifactId>
+        <artifactId>parent-spring-5</artifactId>
         <version>0.0.1-SNAPSHOT</version>
-        <relativePath>../parent-spring-4</relativePath>
+        <relativePath>../parent-spring-5</relativePath>
     </parent>
 
     <dependencies>
@@ -22,12 +22,12 @@
         <dependency>
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-web</artifactId>
-            <version>${org.springframework.security.version}</version>
+            <version>${spring.version}</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-config</artifactId>
-            <version>${org.springframework.security.version}</version>
+            <version>${spring.version}</version>
         </dependency>
 
         <!-- Spring -->
@@ -96,7 +96,7 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-            <version>${jackson.version}</version>
+            <version>${jackson-databind.version}</version>
         </dependency>
 
         <!-- http -->
@@ -270,8 +270,6 @@
     </profiles>
 
     <properties>
-        <!-- Spring -->
-        <org.springframework.security.version>4.2.6.RELEASE</org.springframework.security.version>
 
         <!-- http -->
         <httpcore.version>4.4.5</httpcore.version>
@@ -280,7 +278,6 @@
         <!-- various -->
         <jstl.version>1.2</jstl.version>
         <javax.servlet.version>3.1.0</javax.servlet.version>
-        <jackson.version>2.8.5</jackson.version>
 
         <!-- util -->
         <guava.version>19.0</guava.version>

spring-security-rest-basic-auth/src/main/java/org/baeldung/filter/CustomWebSecurityConfigurerAdapter.java

@@ -2,11 +2,14 @@ package org.baeldung.filter;
 
 import org.baeldung.security.RestAuthenticationEntryPoint;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
 
 @Configuration
@@ -20,7 +23,7 @@ public class CustomWebSecurityConfigurerAdapter extends WebSecurityConfigurerAda
         auth
           .inMemoryAuthentication()
           .withUser("user1")
-          .password("user1Pass")
+          .password(passwordEncoder().encode("user1Pass"))
           .authorities("ROLE_USER");
     }
 
@@ -38,4 +41,9 @@ public class CustomWebSecurityConfigurerAdapter extends WebSecurityConfigurerAda
 
         http.addFilterAfter(new CustomFilter(), BasicAuthenticationFilter.class);
     }
+    
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
 }

spring-security-rest-basic-auth/src/main/java/org/baeldung/spring/WebConfig.java

@@ -7,12 +7,13 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.http.converter.HttpMessageConverter;
 import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
 import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
 
 @Configuration
 @EnableWebMvc
 @ComponentScan("org.baeldung.web")
-public class WebConfig extends WebMvcConfigurerAdapter {
+public class WebConfig implements WebMvcConfigurer {
 
     public WebConfig() {
         super();
@@ -22,7 +23,6 @@ public class WebConfig extends WebMvcConfigurerAdapter {
 
     @Override
     public void configureMessageConverters(final List<HttpMessageConverter<?>> converters) {
-        super.configureMessageConverters(converters);
         converters.add(new MappingJackson2HttpMessageConverter());
     }
 

spring-security-rest-basic-auth/src/main/resources/webSecurityConfig.xml

@@ -2,25 +2,27 @@
 <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
     xsi:schemaLocation="
         http://www.springframework.org/schema/security 
-        http://www.springframework.org/schema/security/spring-security-4.2.xsd
+        http://www.springframework.org/schema/security/spring-security.xsd
         http://www.springframework.org/schema/beans 
-        http://www.springframework.org/schema/beans/spring-beans-4.3.xsd"
+        http://www.springframework.org/schema/beans/spring-beans.xsd"
 >
 
     <http create-session="stateless" use-expressions="true">
 
-        <http-basic/>
+        <http-basic entry-point-ref="myBasicAuthenticationEntryPoint"/>
 
     </http>
 
     <authentication-manager>
         <authentication-provider>
             <user-service>
-                <user name="user1" password="user1Pass" authorities="ROLE_USER"/>
+                <user name="user1" password="{noop}user1Pass" authorities="ROLE_USER"/>
             </user-service>
         </authentication-provider>
     </authentication-manager>
 
     <global-method-security pre-post-annotations="enabled"/>
+        
+    <beans:bean id="myBasicAuthenticationEntryPoint" class="org.baeldung.basic.MyBasicAuthenticationEntryPoint" />
 
 </beans:beans>

spring-security-rest-basic-auth/src/main/webapp/WEB-INF/api-servlet.xml

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <beans xmlns="http://www.springframework.org/schema/beans"
 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.2.xsd" >
+  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd" >
 
 </beans>

spring-security-rest-basic-auth/src/test/java/org/baeldung/client/RestClientLiveManualTest.java

@@ -8,6 +8,9 @@ import java.io.IOException;
 import java.security.GeneralSecurityException;
 import java.security.cert.X509Certificate;
 
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLPeerUnverifiedException;
+
 import org.apache.http.HttpResponse;
 import org.apache.http.client.ClientProtocolException;
 import org.apache.http.client.methods.HttpGet;
@@ -16,6 +19,7 @@ import org.apache.http.conn.ssl.NoopHostnameVerifier;
 import org.apache.http.conn.ssl.SSLSocketFactory;
 import org.apache.http.conn.ssl.TrustStrategy;
 import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.DefaultHttpClient;
 import org.apache.http.impl.client.HttpClients;
 import org.junit.Ignore;
 import org.junit.Test;