iSharkFly-Docs/java-tutorials
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

clean project of security config (#1141)

Browse Source
This commit is contained in:
lor6 2017-02-09 11:56:53 +02:00 committed by Eugen
parent bfb364769c
commit 3a1505ad29
10 changed files with 1 additions and 315 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
spring-mvc-forms/pom.xml
View File

@ -47,22 +47,6 @@
<version>${fileupload.version}</version> <version>${fileupload.version}</version>
</dependency> </dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${org.springframework.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${org.springframework.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>${org.springframework.security.version}</version>
</dependency>
</dependencies> </dependencies>
<profiles> <profiles>
<!-- Local --> <!-- Local -->
@ -115,7 +99,6 @@
<hibernate-validator.version>5.3.3.Final</hibernate-validator.version> <hibernate-validator.version>5.3.3.Final</hibernate-validator.version>
<deploy-path>enter-location-of-server</deploy-path> <deploy-path>enter-location-of-server</deploy-path>
<fileupload.version>1.3.2</fileupload.version> <fileupload.version>1.3.2</fileupload.version>
<org.springframework.security.version>4.2.1.RELEASE</org.springframework.security.version>
</properties> </properties>
</project> </project>

122
spring-mvc-forms/src/main/java/com/baeldung/springmvcforms/configuration/SecurityConfig.java
View File

@ -1,122 +0,0 @@
package com.baeldung.springmvcforms.configuration;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.TestingAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
@Configuration
@EnableWebSecurity
public class SecurityConfig {
@Bean
public UserDetailsService userDetailsService() throws Exception {
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
manager.createUser(User.withUsername("user")
.password("userPass")
.roles("USER")
.build());
manager.createUser(User.withUsername("admin")
.password("adminPass")
.roles("ADMIN")
.build());
return manager;
}
@Configuration
@Order(1)
public static class App1ConfigurationAdapter extends WebSecurityConfigurerAdapter {
public App1ConfigurationAdapter() {
super();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("admin")
.password("admin")
.roles("ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/admin*")
.authorizeRequests()
.anyRequest()
.hasRole("ADMIN")
// log in
.and()
.formLogin()
.loginPage("/loginAdmin")
.loginProcessingUrl("/admin_login")
.failureUrl("/loginAdmin?error=loginError")
.defaultSuccessUrl("/adminPage")
// logout
.and()
.logout()
.logoutUrl("/admin_logout")
.logoutSuccessUrl("/protectedLinks")
.deleteCookies("JSESSIONID")
.and()
.exceptionHandling()
.accessDeniedPage("/403")
.and()
.csrf()
.disable();
}
}
@Configuration
@Order(2)
public static class App2ConfigurationAdapter extends WebSecurityConfigurerAdapter {
public App2ConfigurationAdapter() {
super();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("user")
.password("user")
.roles("USER");
}
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/user*")
.authorizeRequests()
.anyRequest()
.hasRole("USER")
// log in
.and()
.formLogin()
.loginPage("/loginUser")
.loginProcessingUrl("/user_login")
.failureUrl("/loginUser?error=loginError")
.defaultSuccessUrl("/userPage")
// logout
.and()
.logout()
.logoutUrl("/user_logout")
.logoutSuccessUrl("/protectedLinks")
.deleteCookies("JSESSIONID")
.and()
.exceptionHandling()
.accessDeniedPage("/403")
.and()
.csrf()
.disable();
}
}
}

5
spring-mvc-forms/src/main/java/com/baeldung/springmvcforms/configuration/WebInitializer.java
View File

@ -3,7 +3,6 @@ package com.baeldung.springmvcforms.configuration;
import org.springframework.web.WebApplicationInitializer; import org.springframework.web.WebApplicationInitializer;
import org.springframework.web.context.ContextLoaderListener; import org.springframework.web.context.ContextLoaderListener;
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext; import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
import org.springframework.web.filter.DelegatingFilterProxy;
import org.springframework.web.servlet.DispatcherServlet; import org.springframework.web.servlet.DispatcherServlet;
import javax.servlet.ServletContext; import javax.servlet.ServletContext;
@ -25,9 +24,7 @@ public class WebInitializer implements WebApplicationInitializer {
servlet.setLoadOnStartup(1); servlet.setLoadOnStartup(1);
servlet.addMapping("/"); servlet.addMapping("/");
container.addFilter("springSecurityFilterChain", new DelegatingFilterProxy("springSecurityFilterChain"))
.addMappingForUrlPatterns(null, false, "/*");
} }
// @Override // @Override
// public void onStartup(ServletContext container) { // public void onStartup(ServletContext container) {

38
spring-mvc-forms/src/main/java/com/baeldung/springmvcforms/controller/UsersController.java
View File

@ -1,38 +0,0 @@
package com.baeldung.springmvcforms.controller;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
public class UsersController {
@RequestMapping("/protectedLinks")
public String getAnonymousPage() {
return "protectedLinks";
}
@RequestMapping("/userPage")
public String getUserPage() {
return "userPage";
}
@RequestMapping("/adminPage")
public String getAdminPage() {
return "adminPage";
}
@RequestMapping("/loginAdmin")
public String getAdminLoginPage() {
return "loginAdmin";
}
@RequestMapping("/loginUser")
public String getUserLoginPage() {
return "loginUser";
}
@RequestMapping("/403")
public String getAccessDeniedPage() {
return "403";
}
}

12
spring-mvc-forms/src/main/webapp/WEB-INF/views/403.jsp
View File

@ -1,12 +0,0 @@
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title></title>
</head>
<body>
Your do not have permission to view this page.
</body>
</html>

16
spring-mvc-forms/src/main/webapp/WEB-INF/views/adminPage.jsp
View File

@ -1,16 +0,0 @@
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
Welcome admin! <a href="<c:url value='/admin_logout' /> " >Logout</a>
<br /><br />
<a href="<c:url value='/protectedLinks' /> " >Back to links</a>
</body>
</html>

38
spring-mvc-forms/src/main/webapp/WEB-INF/views/loginAdmin.jsp
View File

@ -1,38 +0,0 @@
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
<p>Admin login page</p>
<form name="f" action="admin_login" method="POST">
<table>
<tr>
<td>User:</td>
<td><input type="text" name="username" value=""></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td><input name="submit" type="submit" value="submit" /></td>
</tr>
</table>
</form>
<%
if (request.getParameter("error") != null) {
out.println("Login failed!");
}
%>
</body>
</html>

37
spring-mvc-forms/src/main/webapp/WEB-INF/views/loginUser.jsp
View File

@ -1,37 +0,0 @@
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Login</title>
</head>
<body>
<p>User login page</p>
<form name="f" action="user_login" method="POST">
<table>
<tr>
<td>User:</td>
<td><input type="text" name="username" value=""></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td><input name="submit" type="submit" value="submit" /></td>
</tr>
</table>
</form>
<%
if (request.getParameter("error") != null) {
out.println("Login failed!");
}
%>
</body>
</html>

16
spring-mvc-forms/src/main/webapp/WEB-INF/views/protectedLinks.jsp
View File

@ -1,16 +0,0 @@
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
<a href="<c:url value="/userPage" />">User page</a>
<br />
<a href="<c:url value="/adminPage" />">Admin page</a>
</body>
</html>

15
spring-mvc-forms/src/main/webapp/WEB-INF/views/userPage.jsp
View File

@ -1,15 +0,0 @@
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
Welcome user! <a href="<c:url value='/user_logout' /> " >Logout</a>
<br /><br />
<a href="<c:url value='/protectedLinks' /> " >Back to links</a>
</body>
</html>