security work

2013-05-27 00:25:50 +03:00 · 2013-05-27 00:25:50 +03:00 · 3572f7ecd5
commit 3572f7ecd5
parent 74bafb99a9
9 changed files with 10 additions and 76 deletions
--- a/spring-security-rest/.springBeans
+++ b/spring-security-rest/.springBeans
@ -7,7 +7,7 @@
 	</configSuffixes>
 	<enableImports><![CDATA[false]]></enableImports>
 	<configs>
-		<config>src/main/webapp/WEB-INF/mvc-servlet.xml</config>
+		<config>src/main/webapp/WEB-INF/api-servlet.xml</config>
 	</configs>
 	<configSets>
 	</configSets>
--- a/spring-security-rest/src/main/java/org/baeldung/spring/config/ClientWebConfig.java
+++ b/spring-security-rest/src/main/java/org/baeldung/spring/config/ClientWebConfig.java
@ -1,13 +1,8 @@
 package org.baeldung.spring.config;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.ViewResolver;
 import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
 import org.springframework.web.servlet.view.InternalResourceViewResolver;
 import org.springframework.web.servlet.view.JstlView;
@EnableWebMvc
@Configuration
@ -19,24 +14,4 @@ public class ClientWebConfig extends WebMvcConfigurerAdapter {
    // API
    @Override
    public void addViewControllers(final ViewControllerRegistry registry) {
        super.addViewControllers(registry);
        registry.addViewController("/anonymous.html");
        registry.addViewController("/login.html");
        registry.addViewController("/homepage.html");
    }
    @Bean
    public ViewResolver viewResolver() {
        final InternalResourceViewResolver bean = new InternalResourceViewResolver();
        bean.setViewClass(JstlView.class);
        bean.setPrefix("/WEB-INF/view/");
        bean.setSuffix(".jsp");
        return bean;
    }
 }
--- a/spring-security-rest/src/main/java/org/baeldung/spring/security/RestAuthenticationEntryPoint.java
+++ b/spring-security-rest/src/main/java/org/baeldung/spring/security/RestAuthenticationEntryPoint.java
@ -9,6 +9,9 @@ import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.stereotype.Component;
 /**
 * The Entry Point will not redirect to any sort of Login - it will return the 401
 */
@Component
 public final class RestAuthenticationEntryPoint implements AuthenticationEntryPoint {
@ -16,4 +19,5 @@ public final class RestAuthenticationEntryPoint implements AuthenticationEntryPo
    public void commence(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException authException) throws IOException {
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
    }
 }
--- a/spring-security-rest/src/main/resources/webSecurityConfig.xml
+++ b/spring-security-rest/src/main/resources/webSecurityConfig.xml
@ -7,8 +7,8 @@
      http://www.springframework.org/schema/beans
      http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">
-    <http entry-point-ref="restAuthenticationEntryPoint">
+    <http use-expressions="true" entry-point-ref="restAuthenticationEntryPoint">
-        <intercept-url pattern="/api/admin/**" access="ROLE_ADMIN" />
+        <intercept-url pattern="/api/**" access="isAuthenticated()" />
        <custom-filter ref="myFilter" position="FORM_LOGIN_FILTER" />
--- a/spring-security-rest/src/main/webapp/WEB-INF/api-servlet.xml
+++ b/spring-security-rest/src/main/webapp/WEB-INF/api-servlet.xml
--- a/spring-security-rest/src/main/webapp/WEB-INF/view/anonymous.jsp
+++ b/spring-security-rest/src/main/webapp/WEB-INF/view/anonymous.jsp
@ -1,10 +0,0 @@
 <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
 <html>
 <head></head>
 <body>
 	<h1>Anonymous page</h1>
 	<a href="<c:url value="/login.html" />">To Login</a>
 </body>
 </html>
--- a/spring-security-rest/src/main/webapp/WEB-INF/view/homepage.jsp
+++ b/spring-security-rest/src/main/webapp/WEB-INF/view/homepage.jsp
@ -1,9 +0,0 @@
 <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
 <html>
 <head></head>
 <body>
 	<h1>This is the body of the sample view</h1>
 	<a href="<c:url value="/perform_logout" />">Logout</a>
 </body>
 </html>
--- a/spring-security-rest/src/main/webapp/WEB-INF/view/login.jsp
+++ b/spring-security-rest/src/main/webapp/WEB-INF/view/login.jsp
@ -1,26 +0,0 @@
 <html>
 <head></head>
 <body>
 	<h1>Login</h1>
 	<form name='f' action="perform_login" method='POST'>
 		<table>
 			<tr>
 				<td>User:</td>
 				<td><input type='text' name='j_username' value=''></td>
 			</tr>
 			<tr>
 				<td>Password:</td>
 				<td><input type='password' name='j_password' /></td>
 			</tr>
 			<tr>
 				<td><input name="submit" type="submit" value="submit" /></td>
 			</tr>
 		</table>
 	</form>
 </body>
 </html>
--- a/spring-security-rest/src/main/webapp/WEB-INF/web.xml
+++ b/spring-security-rest/src/main/webapp/WEB-INF/web.xml
@ -24,13 +24,13 @@
    <!-- Spring child -->
    <servlet>
-        <servlet-name>mvc</servlet-name>
+        <servlet-name>api</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
-        <servlet-name>mvc</servlet-name>
+        <servlet-name>api</servlet-name>
-        <url-pattern>/</url-pattern>
+        <url-pattern>/api/*</url-pattern>
    </servlet-mapping>
    <!-- Spring Security -->