From 3f8eddad332a4b7e3013e977ca9c57de12050ebc Mon Sep 17 00:00:00 2001
From: "nnhai1991@gmail.com" <Hai Nguyen>
Date: Sun, 19 Aug 2018 17:24:43 +0800
Subject: [PATCH] additional tests and content

---
 .../main/java/org/baeldung/security/ApplicationConfig.java | 1 +
 .../src/main/webapp/WEB-INF/views/home.jsp                 | 7 +++++--
 .../java/org/baeldung/security/HomeControllerTest.java     | 5 ++++-
 3 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/spring-boot-security-taglibs/src/main/java/org/baeldung/security/ApplicationConfig.java b/spring-boot-security-taglibs/src/main/java/org/baeldung/security/ApplicationConfig.java
index 763422e6df..6419da3bdd 100644
--- a/spring-boot-security-taglibs/src/main/java/org/baeldung/security/ApplicationConfig.java
+++ b/spring-boot-security-taglibs/src/main/java/org/baeldung/security/ApplicationConfig.java
@@ -35,6 +35,7 @@ public class ApplicationConfig extends WebSecurityConfigurerAdapter {
         http.csrf()
                 .and()
             .authorizeRequests()
+                .antMatchers("/adminOnlyURL").hasRole("ADMIN")
                 .anyRequest().permitAll().and().httpBasic();
         // @formatter:on
     }
diff --git a/spring-boot-security-taglibs/src/main/webapp/WEB-INF/views/home.jsp b/spring-boot-security-taglibs/src/main/webapp/WEB-INF/views/home.jsp
index 7291608e3e..eed24182e2 100644
--- a/spring-boot-security-taglibs/src/main/webapp/WEB-INF/views/home.jsp
+++ b/spring-boot-security-taglibs/src/main/webapp/WEB-INF/views/home.jsp
@@ -14,9 +14,9 @@
         ANONYMOUS
     </sec:authorize>
     <sec:authorize access="isAuthenticated()">
-        AUTHENTICATED    
+        AUTHENTICATED Content 
         <sec:authorize access="hasRole('ADMIN')">
-            ADMIN ROLE
+            Content for users who have the "ADMIN" role.
         </sec:authorize>
         <h2>
             principal.username:
@@ -26,6 +26,9 @@
             <sec:csrfInput />
             Text Field: <br /> <input type="text" name="textField" />
         </form>
+        <sec:authorize url="/adminOnlyURL">
+            <a href="/adminOnlyURL">Go to Admin Only URL</a>
+        </sec:authorize>
     </sec:authorize>
 </body>
 </html>
\ No newline at end of file
diff --git a/spring-boot-security-taglibs/src/test/java/org/baeldung/security/HomeControllerTest.java b/spring-boot-security-taglibs/src/test/java/org/baeldung/security/HomeControllerTest.java
index c005185c92..78b3089fba 100644
--- a/spring-boot-security-taglibs/src/test/java/org/baeldung/security/HomeControllerTest.java
+++ b/spring-boot-security-taglibs/src/test/java/org/baeldung/security/HomeControllerTest.java
@@ -31,11 +31,14 @@ public class HomeControllerTest {
         assertTrue(body.contains("AUTHENTICATED"));
 
         // test <sec:authorize access="hasRole('ADMIN')">
-        assertTrue(body.contains("ADMIN ROLE"));
+        assertTrue(body.contains("Content for users who have the \"ADMIN\" role."));
 
         // test <sec:authentication property="principal.username" />
         assertTrue(body.contains("testUser"));
 
+        // test <sec:authorize url="/adminOnlyURL">
+        assertTrue(body.contains("<a href=\"/adminOnlyURL\">"));
+        
         // test <sec:csrfInput />
         assertTrue(body.contains("<input type=\"hidden\" name=\"_csrf\" value=\""));