iSharkFly-Docs/java-tutorials
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

additional tests and content

Browse Source
This commit is contained in:
nnhai1991@gmail.com 2018-08-19 17:24:43 +08:00
parent 0d684eed97
commit 3f8eddad33
3 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
spring-boot-security-taglibs/src/main/java/org/baeldung/security/ApplicationConfig.java
View File

@ -35,6 +35,7 @@ public class ApplicationConfig extends WebSecurityConfigurerAdapter {
http.csrf() http.csrf()
.and() .and()
.authorizeRequests() .authorizeRequests()
.antMatchers("/adminOnlyURL").hasRole("ADMIN")
.anyRequest().permitAll().and().httpBasic(); .anyRequest().permitAll().and().httpBasic();
// @formatter:on // @formatter:on
} }

7
spring-boot-security-taglibs/src/main/webapp/WEB-INF/views/home.jsp
View File

@ -14,9 +14,9 @@
ANONYMOUS ANONYMOUS
</sec:authorize> </sec:authorize>
<sec:authorize access="isAuthenticated()"> <sec:authorize access="isAuthenticated()">
AUTHENTICATED AUTHENTICATED Content
<sec:authorize access="hasRole('ADMIN')"> <sec:authorize access="hasRole('ADMIN')">
ADMIN ROLE Content for users who have the "ADMIN" role.
</sec:authorize> </sec:authorize>
<h2> <h2>
principal.username: principal.username:
@ -26,6 +26,9 @@
<sec:csrfInput /> <sec:csrfInput />
Text Field: <br /> <input type="text" name="textField" /> Text Field: <br /> <input type="text" name="textField" />
</form> </form>
<sec:authorize url="/adminOnlyURL">
<a href="/adminOnlyURL">Go to Admin Only URL</a>
</sec:authorize>
</sec:authorize> </sec:authorize>
</body> </body>
</html> </html>

5
spring-boot-security-taglibs/src/test/java/org/baeldung/security/HomeControllerTest.java
View File

@ -31,11 +31,14 @@ public class HomeControllerTest {
assertTrue(body.contains("AUTHENTICATED")); assertTrue(body.contains("AUTHENTICATED"));
// test <sec:authorize access="hasRole('ADMIN')"> // test <sec:authorize access="hasRole('ADMIN')">
assertTrue(body.contains("ADMIN ROLE")); assertTrue(body.contains("Content for users who have the \"ADMIN\" role."));
// test <sec:authentication property="principal.username" /> // test <sec:authentication property="principal.username" />
assertTrue(body.contains("testUser")); assertTrue(body.contains("testUser"));
// test <sec:authorize url="/adminOnlyURL">
assertTrue(body.contains("<a href=\"/adminOnlyURL\">"));
// test <sec:csrfInput /> // test <sec:csrfInput />
assertTrue(body.contains("<input type=\"hidden\" name=\"_csrf\" value=\"")); assertTrue(body.contains("<input type=\"hidden\" name=\"_csrf\" value=\""));