boot2 upgrade
This commit is contained in:
parent
047722347e
commit
444f059c8e
|
@ -12,10 +12,10 @@
|
|||
<description>Spring Security MVC Boot</description>
|
||||
|
||||
<parent>
|
||||
<artifactId>parent-boot-5</artifactId>
|
||||
<artifactId>parent-boot-2</artifactId>
|
||||
<groupId>com.baeldung</groupId>
|
||||
<version>0.0.1-SNAPSHOT</version>
|
||||
<relativePath>../parent-boot-5</relativePath>
|
||||
<relativePath>../parent-boot-2</relativePath>
|
||||
</parent>
|
||||
|
||||
<dependencies>
|
||||
|
@ -79,26 +79,6 @@
|
|||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.apache.derby</groupId>
|
||||
<artifactId>derby</artifactId>
|
||||
<version>${derby.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.derby</groupId>
|
||||
<artifactId>derbyclient</artifactId>
|
||||
<version>${derby.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.derby</groupId>
|
||||
<artifactId>derbynet</artifactId>
|
||||
<version>${derby.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.derby</groupId>
|
||||
<artifactId>derbytools</artifactId>
|
||||
<version>${derby.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>taglibs</groupId>
|
||||
<artifactId>standard</artifactId>
|
||||
|
@ -107,13 +87,11 @@
|
|||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>${spring-security-taglibs.version}</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>${spring-security-core.version}</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
|
@ -122,10 +100,6 @@
|
|||
<version>${jstl.version}</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-acl</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
|
@ -268,12 +242,7 @@
|
|||
comment the tag above and uncomment the one below -->
|
||||
<!--<start-class>org.baeldung.multipleentrypoints.MultipleEntryPointsApplication</start-class> -->
|
||||
|
||||
<derby.version>10.13.1.1</derby.version>
|
||||
<taglibs-standard.version>1.1.2</taglibs-standard.version>
|
||||
<spring-security-taglibs.version>4.2.2.RELEASE</spring-security-taglibs.version>
|
||||
<spring-security-core.version>4.2.2.RELEASE</spring-security-core.version>
|
||||
<spring-security-test.version>4.2.2.RELEASE</spring-security-test.version>
|
||||
|
||||
<jstl.version>1.2</jstl.version>
|
||||
<cargo-maven2-plugin.version>1.6.1</cargo-maven2-plugin.version>
|
||||
</properties>
|
||||
|
|
|
@ -1,19 +0,0 @@
|
|||
package org.baeldung;
|
||||
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
||||
import org.springframework.boot.web.support.SpringBootServletInitializer;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
@Configuration
|
||||
@EnableAutoConfiguration
|
||||
@ComponentScan({ "org.baeldung.config", "org.baeldung.persistence", "org.baeldung.security", "org.baeldung.web" })
|
||||
// @ComponentScan(excludeFilters = { @ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.voter.*"), @ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.multipleauthproviders.*"),
|
||||
// @ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.multiplelogin.*"), @ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.multipleentrypoints.*"),
|
||||
// @ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.rolesauthorities.*"), @ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.acl.*") })
|
||||
public class Application extends SpringBootServletInitializer {
|
||||
public static void main(String[] args) {
|
||||
SpringApplication.run(Application.class, args);
|
||||
}
|
||||
}
|
|
@ -1,80 +0,0 @@
|
|||
package org.baeldung.acl.config;
|
||||
|
||||
import javax.sql.DataSource;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
||||
import org.springframework.cache.ehcache.EhCacheFactoryBean;
|
||||
import org.springframework.cache.ehcache.EhCacheManagerFactoryBean;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
|
||||
import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
|
||||
import org.springframework.security.acls.AclPermissionCacheOptimizer;
|
||||
import org.springframework.security.acls.AclPermissionEvaluator;
|
||||
import org.springframework.security.acls.domain.AclAuthorizationStrategy;
|
||||
import org.springframework.security.acls.domain.AclAuthorizationStrategyImpl;
|
||||
import org.springframework.security.acls.domain.ConsoleAuditLogger;
|
||||
import org.springframework.security.acls.domain.DefaultPermissionGrantingStrategy;
|
||||
import org.springframework.security.acls.domain.EhCacheBasedAclCache;
|
||||
import org.springframework.security.acls.jdbc.BasicLookupStrategy;
|
||||
import org.springframework.security.acls.jdbc.JdbcMutableAclService;
|
||||
import org.springframework.security.acls.jdbc.LookupStrategy;
|
||||
import org.springframework.security.acls.model.PermissionGrantingStrategy;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
|
||||
@Configuration
|
||||
@EnableAutoConfiguration
|
||||
public class ACLContext {
|
||||
|
||||
@Autowired
|
||||
DataSource dataSource;
|
||||
|
||||
@Bean
|
||||
public EhCacheBasedAclCache aclCache() {
|
||||
return new EhCacheBasedAclCache(aclEhCacheFactoryBean().getObject(), permissionGrantingStrategy(), aclAuthorizationStrategy());
|
||||
}
|
||||
|
||||
@Bean
|
||||
public EhCacheFactoryBean aclEhCacheFactoryBean() {
|
||||
EhCacheFactoryBean ehCacheFactoryBean = new EhCacheFactoryBean();
|
||||
ehCacheFactoryBean.setCacheManager(aclCacheManager().getObject());
|
||||
ehCacheFactoryBean.setCacheName("aclCache");
|
||||
return ehCacheFactoryBean;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public EhCacheManagerFactoryBean aclCacheManager() {
|
||||
return new EhCacheManagerFactoryBean();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public PermissionGrantingStrategy permissionGrantingStrategy() {
|
||||
return new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger());
|
||||
}
|
||||
|
||||
@Bean
|
||||
public AclAuthorizationStrategy aclAuthorizationStrategy() {
|
||||
return new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("ROLE_ADMIN"));
|
||||
}
|
||||
|
||||
@Bean
|
||||
public MethodSecurityExpressionHandler defaultMethodSecurityExpressionHandler() {
|
||||
DefaultMethodSecurityExpressionHandler expressionHandler = new DefaultMethodSecurityExpressionHandler();
|
||||
AclPermissionEvaluator permissionEvaluator = new AclPermissionEvaluator(aclService());
|
||||
expressionHandler.setPermissionEvaluator(permissionEvaluator);
|
||||
expressionHandler.setPermissionCacheOptimizer(new AclPermissionCacheOptimizer(aclService()));
|
||||
return expressionHandler;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public LookupStrategy lookupStrategy() {
|
||||
return new BasicLookupStrategy(dataSource, aclCache(), aclAuthorizationStrategy(), new ConsoleAuditLogger());
|
||||
}
|
||||
|
||||
@Bean
|
||||
public JdbcMutableAclService aclService() {
|
||||
return new JdbcMutableAclService(dataSource, lookupStrategy(), aclCache());
|
||||
}
|
||||
|
||||
}
|
|
@ -1,21 +0,0 @@
|
|||
package org.baeldung.acl.config;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
|
||||
|
||||
@Configuration
|
||||
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
||||
public class AclMethodSecurityConfiguration extends GlobalMethodSecurityConfiguration {
|
||||
|
||||
@Autowired
|
||||
MethodSecurityExpressionHandler defaultMethodSecurityExpressionHandler;
|
||||
|
||||
@Override
|
||||
protected MethodSecurityExpressionHandler createExpressionHandler() {
|
||||
return defaultMethodSecurityExpressionHandler;
|
||||
}
|
||||
|
||||
}
|
|
@ -1,16 +0,0 @@
|
|||
package org.baeldung.acl.config;
|
||||
|
||||
import org.springframework.boot.autoconfigure.domain.EntityScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.PropertySource;
|
||||
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
|
||||
import org.springframework.transaction.annotation.EnableTransactionManagement;
|
||||
|
||||
@Configuration
|
||||
@EnableTransactionManagement
|
||||
@EnableJpaRepositories(basePackages = "org.baeldung.acl.persistence.dao")
|
||||
@PropertySource("classpath:org.baeldung.acl.datasource.properties")
|
||||
@EntityScan(basePackages={ "org.baeldung.acl.persistence.entity" })
|
||||
public class JPAPersistenceConfig {
|
||||
|
||||
}
|
|
@ -1,24 +0,0 @@
|
|||
package org.baeldung.acl.persistence.dao;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import org.baeldung.acl.persistence.entity.NoticeMessage;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.data.repository.query.Param;
|
||||
import org.springframework.security.access.prepost.PostAuthorize;
|
||||
import org.springframework.security.access.prepost.PostFilter;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
|
||||
public interface NoticeMessageRepository extends JpaRepository<NoticeMessage, Long>{
|
||||
|
||||
@PostFilter("hasPermission(filterObject, 'READ')")
|
||||
List<NoticeMessage> findAll();
|
||||
|
||||
@PostAuthorize("hasPermission(returnObject, 'READ')")
|
||||
NoticeMessage findById(Integer id);
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
@PreAuthorize("hasPermission(#noticeMessage, 'WRITE')")
|
||||
NoticeMessage save(@Param("noticeMessage")NoticeMessage noticeMessage);
|
||||
|
||||
}
|
|
@ -1,29 +0,0 @@
|
|||
package org.baeldung.acl.persistence.entity;
|
||||
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Entity;
|
||||
import javax.persistence.Id;
|
||||
import javax.persistence.Table;
|
||||
|
||||
@Entity
|
||||
@Table(name="system_message")
|
||||
public class NoticeMessage {
|
||||
|
||||
@Id
|
||||
@Column
|
||||
private Integer id;
|
||||
@Column
|
||||
private String content;
|
||||
public Integer getId() {
|
||||
return id;
|
||||
}
|
||||
public void setId(Integer id) {
|
||||
this.id = id;
|
||||
}
|
||||
public String getContent() {
|
||||
return content;
|
||||
}
|
||||
public void setContent(String content) {
|
||||
this.content = content;
|
||||
}
|
||||
}
|
|
@ -1,82 +0,0 @@
|
|||
package org.baeldung.config;
|
||||
|
||||
import java.util.Properties;
|
||||
|
||||
import javax.persistence.EntityManagerFactory;
|
||||
import javax.sql.DataSource;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.PropertySource;
|
||||
import org.springframework.core.env.Environment;
|
||||
import org.springframework.dao.annotation.PersistenceExceptionTranslationPostProcessor;
|
||||
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
|
||||
import org.springframework.jdbc.datasource.DriverManagerDataSource;
|
||||
import org.springframework.orm.jpa.JpaTransactionManager;
|
||||
import org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean;
|
||||
import org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter;
|
||||
import org.springframework.transaction.PlatformTransactionManager;
|
||||
import org.springframework.transaction.annotation.EnableTransactionManagement;
|
||||
|
||||
@Configuration
|
||||
@EnableTransactionManagement
|
||||
@PropertySource({ "classpath:persistence-derby.properties" })
|
||||
@EnableJpaRepositories(basePackages = "org.baeldung.persistence.dao")
|
||||
public class PersistenceConfig {
|
||||
|
||||
@Autowired
|
||||
private Environment env;
|
||||
|
||||
public PersistenceConfig() {
|
||||
super();
|
||||
}
|
||||
|
||||
// beans
|
||||
|
||||
@Bean
|
||||
public LocalContainerEntityManagerFactoryBean entityManagerFactory() {
|
||||
final LocalContainerEntityManagerFactoryBean em = new LocalContainerEntityManagerFactoryBean();
|
||||
em.setDataSource(dataSource());
|
||||
em.setPackagesToScan(new String[] { "org.baeldung.persistence.model" });
|
||||
|
||||
final HibernateJpaVendorAdapter vendorAdapter = new HibernateJpaVendorAdapter();
|
||||
em.setJpaVendorAdapter(vendorAdapter);
|
||||
em.setJpaProperties(additionalProperties());
|
||||
|
||||
return em;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public DataSource dataSource() {
|
||||
final DriverManagerDataSource dataSource = new DriverManagerDataSource();
|
||||
dataSource.setDriverClassName(env.getProperty("jdbc.driverClassName"));
|
||||
dataSource.setUrl(env.getProperty("jdbc.url"));
|
||||
dataSource.setUsername(env.getProperty("jdbc.user"));
|
||||
dataSource.setPassword(env.getProperty("jdbc.pass"));
|
||||
|
||||
return dataSource;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public PlatformTransactionManager transactionManager(final EntityManagerFactory emf) {
|
||||
final JpaTransactionManager transactionManager = new JpaTransactionManager();
|
||||
transactionManager.setEntityManagerFactory(emf);
|
||||
return transactionManager;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public PersistenceExceptionTranslationPostProcessor exceptionTranslation() {
|
||||
return new PersistenceExceptionTranslationPostProcessor();
|
||||
}
|
||||
|
||||
final Properties additionalProperties() {
|
||||
final Properties hibernateProperties = new Properties();
|
||||
hibernateProperties.setProperty("hibernate.hbm2ddl.auto", env.getProperty("hibernate.hbm2ddl.auto"));
|
||||
hibernateProperties.setProperty("hibernate.dialect", env.getProperty("hibernate.dialect"));
|
||||
hibernateProperties.setProperty("hibernate.cache.use_second_level_cache", env.getProperty("hibernate.cache.use_second_level_cache"));
|
||||
hibernateProperties.setProperty("hibernate.cache.use_query_cache", env.getProperty("hibernate.cache.use_query_cache"));
|
||||
// hibernateProperties.setProperty("hibernate.globally_quoted_identifiers", "true");
|
||||
return hibernateProperties;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,16 @@
|
|||
package org.baeldung.custom;
|
||||
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
|
||||
|
||||
@SpringBootApplication
|
||||
public class Application extends SpringBootServletInitializer {
|
||||
public static void main(String[] args) {
|
||||
SpringApplication.run(Application.class, args);
|
||||
}
|
||||
}
|
|
@ -1,7 +1,7 @@
|
|||
package org.baeldung.config;
|
||||
package org.baeldung.custom.config;
|
||||
|
||||
import org.baeldung.security.CustomMethodSecurityExpressionHandler;
|
||||
import org.baeldung.security.CustomPermissionEvaluator;
|
||||
import org.baeldung.custom.security.CustomMethodSecurityExpressionHandler;
|
||||
import org.baeldung.custom.security.CustomPermissionEvaluator;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
|
@ -1,4 +1,4 @@
|
|||
package org.baeldung.config;
|
||||
package org.baeldung.custom.config;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
@ -7,11 +7,11 @@ import org.springframework.web.servlet.config.annotation.DefaultServletHandlerCo
|
|||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
|
||||
@Configuration
|
||||
@EnableWebMvc
|
||||
public class MvcConfig extends WebMvcConfigurerAdapter {
|
||||
public class MvcConfig implements WebMvcConfigurer {
|
||||
|
||||
public MvcConfig() {
|
||||
super();
|
||||
|
@ -30,7 +30,6 @@ public class MvcConfig extends WebMvcConfigurerAdapter {
|
|||
|
||||
@Override
|
||||
public void addViewControllers(final ViewControllerRegistry registry) {
|
||||
super.addViewControllers(registry);
|
||||
registry.addViewController("/").setViewName("forward:/index");
|
||||
registry.addViewController("/index");
|
||||
}
|
|
@ -1,6 +1,6 @@
|
|||
package org.baeldung.config;
|
||||
package org.baeldung.custom.config;
|
||||
|
||||
import org.baeldung.security.MyUserDetailsService;
|
||||
import org.baeldung.custom.security.MyUserDetailsService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
|
@ -1,16 +1,16 @@
|
|||
package org.baeldung.persistence;
|
||||
package org.baeldung.custom.persistence;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.HashSet;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
|
||||
import org.baeldung.persistence.dao.OrganizationRepository;
|
||||
import org.baeldung.persistence.dao.PrivilegeRepository;
|
||||
import org.baeldung.persistence.dao.UserRepository;
|
||||
import org.baeldung.persistence.model.Organization;
|
||||
import org.baeldung.persistence.model.Privilege;
|
||||
import org.baeldung.persistence.model.User;
|
||||
import org.baeldung.custom.persistence.dao.OrganizationRepository;
|
||||
import org.baeldung.custom.persistence.dao.PrivilegeRepository;
|
||||
import org.baeldung.custom.persistence.dao.UserRepository;
|
||||
import org.baeldung.custom.persistence.model.Organization;
|
||||
import org.baeldung.custom.persistence.model.Privilege;
|
||||
import org.baeldung.custom.persistence.model.User;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.stereotype.Component;
|
|
@ -1,6 +1,6 @@
|
|||
package org.baeldung.persistence.dao;
|
||||
package org.baeldung.custom.persistence.dao;
|
||||
|
||||
import org.baeldung.persistence.model.Organization;
|
||||
import org.baeldung.custom.persistence.model.Organization;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
|
||||
public interface OrganizationRepository extends JpaRepository<Organization, Long> {
|
|
@ -1,6 +1,6 @@
|
|||
package org.baeldung.persistence.dao;
|
||||
package org.baeldung.custom.persistence.dao;
|
||||
|
||||
import org.baeldung.persistence.model.Privilege;
|
||||
import org.baeldung.custom.persistence.model.Privilege;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
|
||||
public interface PrivilegeRepository extends JpaRepository<Privilege, Long> {
|
|
@ -1,6 +1,6 @@
|
|||
package org.baeldung.persistence.dao;
|
||||
package org.baeldung.custom.persistence.dao;
|
||||
|
||||
import org.baeldung.persistence.model.User;
|
||||
import org.baeldung.custom.persistence.model.User;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
package org.baeldung.persistence.model;
|
||||
package org.baeldung.custom.persistence.model;
|
||||
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Entity;
|
|
@ -1,4 +1,4 @@
|
|||
package org.baeldung.persistence.model;
|
||||
package org.baeldung.custom.persistence.model;
|
||||
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Entity;
|
|
@ -1,4 +1,4 @@
|
|||
package org.baeldung.persistence.model;
|
||||
package org.baeldung.custom.persistence.model;
|
||||
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Entity;
|
|
@ -1,4 +1,4 @@
|
|||
package org.baeldung.persistence.model;
|
||||
package org.baeldung.custom.persistence.model;
|
||||
|
||||
import java.util.Set;
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
package org.baeldung.security;
|
||||
package org.baeldung.custom.security;
|
||||
|
||||
import org.aopalliance.intercept.MethodInvocation;
|
||||
import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
|
|
@ -1,6 +1,6 @@
|
|||
package org.baeldung.security;
|
||||
package org.baeldung.custom.security;
|
||||
|
||||
import org.baeldung.persistence.model.User;
|
||||
import org.baeldung.custom.persistence.model.User;
|
||||
import org.springframework.security.access.expression.SecurityExpressionRoot;
|
||||
import org.springframework.security.access.expression.method.MethodSecurityExpressionOperations;
|
||||
import org.springframework.security.core.Authentication;
|
|
@ -1,4 +1,4 @@
|
|||
package org.baeldung.security;
|
||||
package org.baeldung.custom.security;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
|
@ -1,11 +1,11 @@
|
|||
package org.baeldung.security;
|
||||
package org.baeldung.custom.security;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Collection;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
import org.baeldung.persistence.model.User;
|
||||
import org.baeldung.custom.persistence.model.User;
|
||||
import org.springframework.security.access.PermissionEvaluator;
|
||||
import org.springframework.security.access.expression.method.MethodSecurityExpressionOperations;
|
||||
import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
|
|
@ -1,7 +1,7 @@
|
|||
package org.baeldung.security;
|
||||
package org.baeldung.custom.security;
|
||||
|
||||
import org.baeldung.persistence.dao.UserRepository;
|
||||
import org.baeldung.persistence.model.User;
|
||||
import org.baeldung.custom.persistence.dao.UserRepository;
|
||||
import org.baeldung.custom.persistence.model.User;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
|
@ -1,11 +1,11 @@
|
|||
package org.baeldung.security;
|
||||
package org.baeldung.custom.security;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
|
||||
import org.baeldung.persistence.model.Privilege;
|
||||
import org.baeldung.persistence.model.User;
|
||||
import org.baeldung.custom.persistence.model.Privilege;
|
||||
import org.baeldung.custom.persistence.model.User;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
|
@ -1,8 +1,8 @@
|
|||
package org.baeldung.web;
|
||||
package org.baeldung.custom.web;
|
||||
|
||||
import org.baeldung.persistence.dao.OrganizationRepository;
|
||||
import org.baeldung.persistence.model.Foo;
|
||||
import org.baeldung.persistence.model.Organization;
|
||||
import org.baeldung.custom.persistence.dao.OrganizationRepository;
|
||||
import org.baeldung.custom.persistence.model.Foo;
|
||||
import org.baeldung.custom.persistence.model.Organization;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
|
@ -52,7 +52,7 @@ public class MainController {
|
|||
@RequestMapping(method = RequestMethod.GET, value = "/organizations/{id}")
|
||||
@ResponseBody
|
||||
public Organization findOrgById(@PathVariable final long id) {
|
||||
return organizationRepository.findOne(id);
|
||||
return organizationRepository.findById(id).orElse(null);
|
||||
}
|
||||
|
||||
}
|
|
@ -1,12 +1,12 @@
|
|||
package org.baeldung.multipleauthproviders;
|
||||
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
@RestController
|
||||
public class MultipleAuthController {
|
||||
|
||||
@RequestMapping("/api/ping")
|
||||
@GetMapping("/api/ping")
|
||||
public String getPing() {
|
||||
return "OK";
|
||||
}
|
||||
|
|
|
@ -1,10 +1,13 @@
|
|||
package org.baeldung.multipleauthproviders;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
|
||||
@EnableWebSecurity
|
||||
public class MultipleAuthProvidersSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
@ -19,7 +22,7 @@ public class MultipleAuthProvidersSecurityConfig extends WebSecurityConfigurerAd
|
|||
|
||||
auth.inMemoryAuthentication()
|
||||
.withUser("memuser")
|
||||
.password("pass")
|
||||
.password(passwordEncoder().encode("pass"))
|
||||
.roles("USER");
|
||||
}
|
||||
|
||||
|
@ -31,4 +34,9 @@ public class MultipleAuthProvidersSecurityConfig extends WebSecurityConfigurerAd
|
|||
.antMatchers("/api/**")
|
||||
.authenticated();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public PasswordEncoder passwordEncoder() {
|
||||
return new BCryptPasswordEncoder();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -8,6 +8,8 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
|
|||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
|
||||
|
@ -21,10 +23,15 @@ public class MultipleEntryPointsSecurityConfig {
|
|||
@Bean
|
||||
public UserDetailsService userDetailsService() throws Exception {
|
||||
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
|
||||
manager.createUser(User.withUsername("user").password("userPass").roles("USER").build());
|
||||
manager.createUser(User.withUsername("admin").password("adminPass").roles("ADMIN").build());
|
||||
manager.createUser(User.withUsername("user").password(encoder().encode("userPass")).roles("USER").build());
|
||||
manager.createUser(User.withUsername("admin").password(encoder().encode("adminPass")).roles("ADMIN").build());
|
||||
return manager;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public PasswordEncoder encoder() {
|
||||
return new BCryptPasswordEncoder();
|
||||
}
|
||||
|
||||
@Configuration
|
||||
@Order(1)
|
||||
|
|
|
@ -5,6 +5,7 @@ import org.springframework.context.annotation.Configuration;
|
|||
import org.springframework.web.servlet.ViewResolver;
|
||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
|
||||
import org.springframework.web.servlet.view.InternalResourceViewResolver;
|
||||
import org.springframework.web.servlet.view.JstlView;
|
||||
|
@ -13,7 +14,7 @@ import org.springframework.context.annotation.ComponentScan;
|
|||
@EnableWebMvc
|
||||
@Configuration
|
||||
@ComponentScan("org.baeldung.controller")
|
||||
public class MultipleLoginMvcConfig extends WebMvcConfigurerAdapter {
|
||||
public class MultipleLoginMvcConfig implements WebMvcConfigurer {
|
||||
|
||||
public MultipleLoginMvcConfig() {
|
||||
super();
|
||||
|
@ -23,8 +24,6 @@ public class MultipleLoginMvcConfig extends WebMvcConfigurerAdapter {
|
|||
|
||||
@Override
|
||||
public void addViewControllers(final ViewControllerRegistry registry) {
|
||||
super.addViewControllers(registry);
|
||||
|
||||
registry.addViewController("/anonymous.html");
|
||||
|
||||
registry.addViewController("/login.html");
|
||||
|
|
|
@ -1,17 +1,16 @@
|
|||
package org.baeldung.multiplelogin;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.core.annotation.Order;
|
||||
import org.springframework.security.authentication.AuthenticationProvider;
|
||||
import org.springframework.security.authentication.TestingAuthenticationProvider;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||
|
||||
@Configuration
|
||||
|
@ -21,10 +20,15 @@ public class MultipleLoginSecurityConfig {
|
|||
@Bean
|
||||
public UserDetailsService userDetailsService() throws Exception {
|
||||
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
|
||||
manager.createUser(User.withUsername("user").password("userPass").roles("USER").build());
|
||||
manager.createUser(User.withUsername("admin").password("adminPass").roles("ADMIN").build());
|
||||
manager.createUser(User.withUsername("user").password(encoder().encode("userPass")).roles("USER").build());
|
||||
manager.createUser(User.withUsername("admin").password(encoder().encode("adminPass")).roles("ADMIN").build());
|
||||
return manager;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public static PasswordEncoder encoder() {
|
||||
return new BCryptPasswordEncoder();
|
||||
}
|
||||
|
||||
@Configuration
|
||||
@Order(1)
|
||||
|
@ -36,7 +40,7 @@ public class MultipleLoginSecurityConfig {
|
|||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth.inMemoryAuthentication().withUser("admin").password("admin").roles("ADMIN");
|
||||
auth.inMemoryAuthentication().withUser("admin").password(encoder().encode("admin")).roles("ADMIN");
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -59,7 +63,7 @@ public class MultipleLoginSecurityConfig {
|
|||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth.inMemoryAuthentication().withUser("user").password("user").roles("USER");
|
||||
auth.inMemoryAuthentication().withUser("user").password(encoder().encode("user")).roles("USER");
|
||||
}
|
||||
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
|
|
|
@ -1,37 +1,37 @@
|
|||
package org.baeldung.multiplelogin;
|
||||
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
|
||||
@Controller
|
||||
public class UsersController {
|
||||
|
||||
@RequestMapping("/protectedLinks")
|
||||
@GetMapping("/protectedLinks")
|
||||
public String getAnonymousPage() {
|
||||
return "protectedLinks";
|
||||
}
|
||||
|
||||
@RequestMapping("/userPage")
|
||||
@GetMapping("/userPage")
|
||||
public String getUserPage() {
|
||||
return "userPage";
|
||||
}
|
||||
|
||||
@RequestMapping("/adminPage")
|
||||
@GetMapping("/adminPage")
|
||||
public String getAdminPage() {
|
||||
return "adminPage";
|
||||
}
|
||||
|
||||
@RequestMapping("/loginAdmin")
|
||||
@GetMapping("/loginAdmin")
|
||||
public String getAdminLoginPage() {
|
||||
return "loginAdmin";
|
||||
}
|
||||
|
||||
@RequestMapping("/loginUser")
|
||||
@GetMapping("/loginUser")
|
||||
public String getUserLoginPage() {
|
||||
return "loginUser";
|
||||
}
|
||||
|
||||
@RequestMapping("/403")
|
||||
@GetMapping("/403")
|
||||
public String getAccessDeniedPage() {
|
||||
return "403";
|
||||
}
|
||||
|
|
|
@ -2,7 +2,7 @@ package org.baeldung.rolesauthorities;
|
|||
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
||||
import org.springframework.boot.web.support.SpringBootServletInitializer;
|
||||
import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
|
|
|
@ -7,11 +7,11 @@ import org.springframework.web.servlet.config.annotation.DefaultServletHandlerCo
|
|||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
|
||||
@Configuration
|
||||
@EnableWebMvc
|
||||
public class MvcConfig extends WebMvcConfigurerAdapter {
|
||||
public class MvcConfig implements WebMvcConfigurer {
|
||||
|
||||
public MvcConfig() {
|
||||
super();
|
||||
|
@ -30,7 +30,6 @@ public class MvcConfig extends WebMvcConfigurerAdapter {
|
|||
|
||||
@Override
|
||||
public void addViewControllers(final ViewControllerRegistry registry) {
|
||||
super.addViewControllers(registry);
|
||||
registry.addViewController("/").setViewName("forward:/home");
|
||||
registry.addViewController("/protectedbynothing").setViewName("rolesauthorities/protectedbynothing");
|
||||
registry.addViewController("/protectedbyrole").setViewName("rolesauthorities/protectedbyrole");
|
||||
|
|
|
@ -1,77 +0,0 @@
|
|||
package org.baeldung.rolesauthorities.persistence;
|
||||
|
||||
import java.util.Properties;
|
||||
|
||||
import javax.sql.DataSource;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.PropertySource;
|
||||
import org.springframework.core.env.Environment;
|
||||
import org.springframework.dao.annotation.PersistenceExceptionTranslationPostProcessor;
|
||||
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
|
||||
import org.springframework.jdbc.datasource.DriverManagerDataSource;
|
||||
import org.springframework.orm.jpa.JpaTransactionManager;
|
||||
import org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean;
|
||||
import org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter;
|
||||
import org.springframework.transaction.annotation.EnableTransactionManagement;
|
||||
|
||||
@Configuration
|
||||
@EnableTransactionManagement
|
||||
@PropertySource({ "classpath:persistence.properties" })
|
||||
@ComponentScan({ "org.baeldung.rolesauthorities.persistence" })
|
||||
@EnableJpaRepositories(basePackages = "org.baeldung.rolesauthorities.persistence")
|
||||
public class PersistenceJPAConfig {
|
||||
|
||||
@Autowired
|
||||
private Environment env;
|
||||
|
||||
public PersistenceJPAConfig() {
|
||||
super();
|
||||
}
|
||||
|
||||
//
|
||||
|
||||
@Bean
|
||||
public LocalContainerEntityManagerFactoryBean entityManagerFactory() {
|
||||
LocalContainerEntityManagerFactoryBean em = new LocalContainerEntityManagerFactoryBean();
|
||||
em.setDataSource(dataSource());
|
||||
em.setPackagesToScan(new String[] { "org.baeldung.rolesauthorities" });
|
||||
HibernateJpaVendorAdapter vendorAdapter = new HibernateJpaVendorAdapter();
|
||||
em.setJpaVendorAdapter(vendorAdapter);
|
||||
em.setJpaProperties(additionalProperties());
|
||||
return em;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public DataSource dataSource() {
|
||||
DriverManagerDataSource dataSource = new DriverManagerDataSource();
|
||||
dataSource.setDriverClassName(env.getProperty("jdbc.driverClassName"));
|
||||
dataSource.setUrl(env.getProperty("jdbc.url"));
|
||||
dataSource.setUsername(env.getProperty("jdbc.user"));
|
||||
dataSource.setPassword(env.getProperty("jdbc.pass"));
|
||||
return dataSource;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public JpaTransactionManager transactionManager() {
|
||||
JpaTransactionManager transactionManager = new JpaTransactionManager();
|
||||
transactionManager.setEntityManagerFactory(entityManagerFactory().getObject());
|
||||
return transactionManager;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public PersistenceExceptionTranslationPostProcessor exceptionTranslation() {
|
||||
return new PersistenceExceptionTranslationPostProcessor();
|
||||
}
|
||||
|
||||
protected Properties additionalProperties() {
|
||||
Properties hibernateProperties = new Properties();
|
||||
hibernateProperties.setProperty("hibernate.hbm2ddl.auto", env.getProperty("hibernate.hbm2ddl.auto"));
|
||||
hibernateProperties.setProperty("hibernate.dialect", env.getProperty("hibernate.dialect"));
|
||||
return hibernateProperties;
|
||||
}
|
||||
|
||||
}
|
|
@ -3,6 +3,7 @@ package org.baeldung.voter;
|
|||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
|
||||
|
||||
/**
|
||||
|
@ -10,7 +11,7 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter
|
|||
*/
|
||||
|
||||
@Configuration
|
||||
public class VoterMvcConfig extends WebMvcConfigurerAdapter {
|
||||
public class VoterMvcConfig implements WebMvcConfigurer {
|
||||
@Override
|
||||
public void addViewControllers(ViewControllerRegistry registry) {
|
||||
registry.addViewController("/").setViewName("private");
|
||||
|
|
|
@ -12,6 +12,8 @@ import org.springframework.security.config.annotation.authentication.builders.Au
|
|||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.security.web.access.expression.WebExpressionVoter;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
|
||||
|
@ -24,7 +26,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
@Autowired
|
||||
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
|
||||
// @formatter: off
|
||||
auth.inMemoryAuthentication().withUser("user").password("pass").roles("USER").and().withUser("admin").password("pass").roles("ADMIN");
|
||||
auth.inMemoryAuthentication().withUser("user").password(passwordEncoder().encode("pass")).roles("USER").and().withUser("admin").password(passwordEncoder().encode("pass")).roles("ADMIN");
|
||||
// @formatter: on
|
||||
}
|
||||
|
||||
|
@ -45,4 +47,9 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
// @formatter: on
|
||||
return new UnanimousBased(decisionVoters);
|
||||
}
|
||||
|
||||
@Bean
|
||||
public PasswordEncoder passwordEncoder() {
|
||||
return new BCryptPasswordEncoder();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,28 +0,0 @@
|
|||
INSERT INTO system_message(id,content) VALUES (1,'First Level Message');
|
||||
INSERT INTO system_message(id,content) VALUES (2,'Second Level Message');
|
||||
INSERT INTO system_message(id,content) VALUES (3,'Third Level Message');
|
||||
|
||||
INSERT INTO acl_class (id, class) VALUES
|
||||
(1, 'org.baeldung.acl.persistence.entity.NoticeMessage');
|
||||
|
||||
INSERT INTO acl_sid (id, principal, sid) VALUES
|
||||
(1, 1, 'manager'),
|
||||
(2, 1, 'hr'),
|
||||
(3, 1, 'admin'),
|
||||
(4, 0, 'ROLE_EDITOR');
|
||||
|
||||
INSERT INTO acl_object_identity (id, object_id_class, object_id_identity, parent_object, owner_sid, entries_inheriting) VALUES
|
||||
(1, 1, 1, NULL, 3, 0),
|
||||
(2, 1, 2, NULL, 3, 0),
|
||||
(3, 1, 3, NULL, 3, 0)
|
||||
;
|
||||
|
||||
INSERT INTO acl_entry (id, acl_object_identity, ace_order, sid, mask, granting, audit_success, audit_failure) VALUES
|
||||
(1, 1, 1, 1, 1, 1, 1, 1),
|
||||
(2, 1, 2, 1, 2, 1, 1, 1),
|
||||
(3, 1, 3, 4, 1, 1, 1, 1),
|
||||
(4, 2, 1, 2, 1, 1, 1, 1),
|
||||
(5, 2, 2, 4, 1, 1, 1, 1),
|
||||
(6, 3, 1, 4, 1, 1, 1, 1),
|
||||
(7, 3, 2, 4, 2, 1, 1, 1)
|
||||
;
|
|
@ -1,58 +0,0 @@
|
|||
create table system_message (id integer not null, content varchar(255), primary key (id));
|
||||
|
||||
CREATE TABLE IF NOT EXISTS acl_sid (
|
||||
id bigint(20) NOT NULL AUTO_INCREMENT,
|
||||
principal tinyint(1) NOT NULL,
|
||||
sid varchar(100) NOT NULL,
|
||||
PRIMARY KEY (id),
|
||||
UNIQUE KEY unique_uk_1 (sid,principal)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS acl_class (
|
||||
id bigint(20) NOT NULL AUTO_INCREMENT,
|
||||
class varchar(255) NOT NULL,
|
||||
PRIMARY KEY (id),
|
||||
UNIQUE KEY unique_uk_2 (class)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS acl_entry (
|
||||
id bigint(20) NOT NULL AUTO_INCREMENT,
|
||||
acl_object_identity bigint(20) NOT NULL,
|
||||
ace_order int(11) NOT NULL,
|
||||
sid bigint(20) NOT NULL,
|
||||
mask int(11) NOT NULL,
|
||||
granting tinyint(1) NOT NULL,
|
||||
audit_success tinyint(1) NOT NULL,
|
||||
audit_failure tinyint(1) NOT NULL,
|
||||
PRIMARY KEY (id),
|
||||
UNIQUE KEY unique_uk_4 (acl_object_identity,ace_order)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS acl_object_identity (
|
||||
id bigint(20) NOT NULL AUTO_INCREMENT,
|
||||
object_id_class bigint(20) NOT NULL,
|
||||
object_id_identity bigint(20) NOT NULL,
|
||||
parent_object bigint(20) DEFAULT NULL,
|
||||
owner_sid bigint(20) DEFAULT NULL,
|
||||
entries_inheriting tinyint(1) NOT NULL,
|
||||
PRIMARY KEY (id),
|
||||
UNIQUE KEY unique_uk_3 (object_id_class,object_id_identity)
|
||||
);
|
||||
|
||||
ALTER TABLE acl_entry
|
||||
ADD FOREIGN KEY (acl_object_identity) REFERENCES acl_object_identity(id);
|
||||
|
||||
ALTER TABLE acl_entry
|
||||
ADD FOREIGN KEY (sid) REFERENCES acl_sid(id);
|
||||
|
||||
--
|
||||
-- Constraints for table acl_object_identity
|
||||
--
|
||||
ALTER TABLE acl_object_identity
|
||||
ADD FOREIGN KEY (parent_object) REFERENCES acl_object_identity (id);
|
||||
|
||||
ALTER TABLE acl_object_identity
|
||||
ADD FOREIGN KEY (object_id_class) REFERENCES acl_class (id);
|
||||
|
||||
ALTER TABLE acl_object_identity
|
||||
ADD FOREIGN KEY (owner_sid) REFERENCES acl_sid (id);
|
|
@ -1,10 +0,0 @@
|
|||
server.port=8082
|
||||
server.context-path=/
|
||||
spring.datasource.driver-class-name=org.h2.Driver
|
||||
spring.datasource.url=jdbc:h2:mem:security_permission;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
|
||||
spring.datasource.username=sa
|
||||
spring.datasource.password=
|
||||
spring.jpa.hibernate.ddl-auto=create-drop
|
||||
spring.jpa.database=H2
|
||||
spring.jpa.show-sql=false
|
||||
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.H2Dialect
|
|
@ -1,5 +1,4 @@
|
|||
server.port=8082
|
||||
server.context-path=/spring-security-mvc-boot
|
||||
spring.datasource.driver-class-name=org.h2.Driver
|
||||
spring.datasource.url=jdbc:h2:mem:security_permission;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
|
||||
spring.datasource.username=sa
|
||||
|
|
|
@ -1,12 +0,0 @@
|
|||
spring.datasource.url=jdbc:h2:mem:testdb;DB_CLOSE_ON_EXIT=FALSE
|
||||
spring.datasource.username=sa
|
||||
spring.datasource.password=
|
||||
spring.datasource.driverClassName=org.h2.Driver
|
||||
spring.jpa.hibernate.ddl-auto=update
|
||||
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.H2Dialect
|
||||
|
||||
spring.h2.console.path=/myconsole
|
||||
spring.h2.console.enabled=true
|
||||
spring.datasource.initialize=true
|
||||
spring.datasource.schema=classpath:acl-schema.sql
|
||||
spring.datasource.data=classpath:acl-data.sql
|
|
@ -1,12 +0,0 @@
|
|||
# jdbc.X
|
||||
jdbc.driverClassName=org.apache.derby.jdbc.EmbeddedDriver
|
||||
jdbc.url=jdbc:derby:memory:spring_custom_user_service;create=true
|
||||
jdbc.user=tutorialuser
|
||||
jdbc.pass=tutorialpass
|
||||
|
||||
# hibernate.X
|
||||
hibernate.dialect=org.hibernate.dialect.DerbyDialect
|
||||
hibernate.show_sql=false
|
||||
hibernate.hbm2ddl.auto=create
|
||||
hibernate.cache.use_second_level_cache=false
|
||||
hibernate.cache.use_query_cache=false
|
|
@ -1,11 +0,0 @@
|
|||
####### H2
|
||||
#################### DataSource Configuration ##########################
|
||||
jdbc.driverClassName=org.h2.Driver
|
||||
jdbc.url=jdbc:h2:mem:registration_02;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
|
||||
jdbc.user=sa
|
||||
jdbc.pass=
|
||||
init-db=false
|
||||
#################### Hibernate Configuration ##########################
|
||||
hibernate.dialect=org.hibernate.dialect.H2Dialect
|
||||
hibernate.show_sql=false
|
||||
hibernate.hbm2ddl.auto=create-drop
|
|
@ -1,5 +1,6 @@
|
|||
package org.baeldung;
|
||||
|
||||
import org.baeldung.custom.Application;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
|
|
|
@ -1,119 +0,0 @@
|
|||
package org.baeldung.acl;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import org.baeldung.acl.persistence.dao.NoticeMessageRepository;
|
||||
import org.baeldung.acl.persistence.entity.NoticeMessage;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.security.test.context.support.WithMockUser;
|
||||
import org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.TestExecutionListeners;
|
||||
import org.springframework.test.context.junit4.AbstractJUnit4SpringContextTests;
|
||||
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
|
||||
import org.springframework.test.context.support.DependencyInjectionTestExecutionListener;
|
||||
import org.springframework.test.context.support.DirtiesContextTestExecutionListener;
|
||||
import org.springframework.test.context.transaction.TransactionalTestExecutionListener;
|
||||
import org.springframework.test.context.web.ServletTestExecutionListener;
|
||||
|
||||
@RunWith(SpringJUnit4ClassRunner.class)
|
||||
@ContextConfiguration
|
||||
@TestExecutionListeners(listeners={ServletTestExecutionListener.class,
|
||||
DependencyInjectionTestExecutionListener.class,
|
||||
DirtiesContextTestExecutionListener.class,
|
||||
TransactionalTestExecutionListener.class,
|
||||
WithSecurityContextTestExecutionListener.class})
|
||||
public class SpringAclIntegrationTest extends AbstractJUnit4SpringContextTests{
|
||||
|
||||
private static Integer FIRST_MESSAGE_ID = 1;
|
||||
private static Integer SECOND_MESSAGE_ID = 2;
|
||||
private static Integer THIRD_MESSAGE_ID = 3;
|
||||
private static String EDITTED_CONTENT = "EDITED";
|
||||
|
||||
@Configuration
|
||||
@ComponentScan("org.baeldung.acl.*")
|
||||
public static class SpringConfig {
|
||||
|
||||
}
|
||||
|
||||
@Autowired
|
||||
NoticeMessageRepository repo;
|
||||
|
||||
@Test
|
||||
@WithMockUser(username="manager")
|
||||
public void givenUsernameManager_whenFindAllMessage_thenReturnFirstMessage(){
|
||||
List<NoticeMessage> details = repo.findAll();
|
||||
assertNotNull(details);
|
||||
assertEquals(1,details.size());
|
||||
assertEquals(FIRST_MESSAGE_ID,details.get(0).getId());
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username="manager")
|
||||
public void givenUsernameManager_whenFindFirstMessageByIdAndUpdateFirstMessageContent_thenOK(){
|
||||
NoticeMessage firstMessage = repo.findById(FIRST_MESSAGE_ID);
|
||||
assertNotNull(firstMessage);
|
||||
assertEquals(FIRST_MESSAGE_ID,firstMessage.getId());
|
||||
|
||||
firstMessage.setContent(EDITTED_CONTENT);
|
||||
repo.save(firstMessage);
|
||||
|
||||
NoticeMessage editedFirstMessage = repo.findById(FIRST_MESSAGE_ID);
|
||||
assertNotNull(editedFirstMessage);
|
||||
assertEquals(FIRST_MESSAGE_ID,editedFirstMessage.getId());
|
||||
assertEquals(EDITTED_CONTENT,editedFirstMessage.getContent());
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username="hr")
|
||||
public void givenUsernameHr_whenFindMessageById2_thenOK(){
|
||||
NoticeMessage secondMessage = repo.findById(SECOND_MESSAGE_ID);
|
||||
assertNotNull(secondMessage);
|
||||
assertEquals(SECOND_MESSAGE_ID,secondMessage.getId());
|
||||
}
|
||||
|
||||
@Test(expected=AccessDeniedException.class)
|
||||
@WithMockUser(username="hr")
|
||||
public void givenUsernameHr_whenUpdateMessageWithId2_thenFail(){
|
||||
NoticeMessage secondMessage = new NoticeMessage();
|
||||
secondMessage.setId(SECOND_MESSAGE_ID);
|
||||
secondMessage.setContent(EDITTED_CONTENT);
|
||||
repo.save(secondMessage);
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(roles={"EDITOR"})
|
||||
public void givenRoleEditor_whenFindAllMessage_thenReturnThreeMessage(){
|
||||
List<NoticeMessage> details = repo.findAll();
|
||||
assertNotNull(details);
|
||||
assertEquals(3,details.size());
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(roles={"EDITOR"})
|
||||
public void givenRoleEditor_whenUpdateThirdMessage_thenOK(){
|
||||
NoticeMessage thirdMessage = new NoticeMessage();
|
||||
thirdMessage.setId(THIRD_MESSAGE_ID);
|
||||
thirdMessage.setContent(EDITTED_CONTENT);
|
||||
repo.save(thirdMessage);
|
||||
}
|
||||
|
||||
@Test(expected=AccessDeniedException.class)
|
||||
@WithMockUser(roles={"EDITOR"})
|
||||
public void givenRoleEditor_whenFindFirstMessageByIdAndUpdateFirstMessageContent_thenFail(){
|
||||
NoticeMessage firstMessage = repo.findById(FIRST_MESSAGE_ID);
|
||||
assertNotNull(firstMessage);
|
||||
assertEquals(FIRST_MESSAGE_ID,firstMessage.getId());
|
||||
firstMessage.setContent(EDITTED_CONTENT);
|
||||
repo.save(firstMessage);
|
||||
}
|
||||
}
|
||||
|
|
@ -2,12 +2,14 @@ package org.baeldung.web;
|
|||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
|
||||
import org.baeldung.custom.persistence.model.Foo;
|
||||
|
||||
import io.restassured.RestAssured;
|
||||
import io.restassured.authentication.FormAuthConfig;
|
||||
import io.restassured.response.Response;
|
||||
import io.restassured.specification.RequestSpecification;
|
||||
|
||||
import org.baeldung.persistence.model.Foo;
|
||||
import org.junit.Test;
|
||||
import org.springframework.http.MediaType;
|
||||
|
||||
|
@ -16,20 +18,20 @@ public class ApplicationLiveTest {
|
|||
|
||||
@Test
|
||||
public void givenUserWithReadPrivilegeAndHasPermission_whenGetFooById_thenOK() {
|
||||
final Response response = givenAuth("john", "123").get("http://localhost:8082/spring-security-mvc-boot/foos/1");
|
||||
final Response response = givenAuth("john", "123").get("http://localhost:8082/foos/1");
|
||||
assertEquals(200, response.getStatusCode());
|
||||
assertTrue(response.asString().contains("id"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void givenUserWithNoWritePrivilegeAndHasPermission_whenPostFoo_thenForbidden() {
|
||||
final Response response = givenAuth("john", "123").contentType(MediaType.APPLICATION_JSON_VALUE).body(new Foo("sample")).post("http://localhost:8082/spring-security-mvc-boot/foos");
|
||||
final Response response = givenAuth("john", "123").contentType(MediaType.APPLICATION_JSON_VALUE).body(new Foo("sample")).post("http://localhost:8082/foos");
|
||||
assertEquals(403, response.getStatusCode());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void givenUserWithWritePrivilegeAndHasPermission_whenPostFoo_thenOk() {
|
||||
final Response response = givenAuth("tom", "111").and().body(new Foo("sample")).and().contentType(MediaType.APPLICATION_JSON_VALUE).post("http://localhost:8082/spring-security-mvc-boot/foos");
|
||||
final Response response = givenAuth("tom", "111").and().body(new Foo("sample")).and().contentType(MediaType.APPLICATION_JSON_VALUE).post("http://localhost:8082/foos");
|
||||
assertEquals(201, response.getStatusCode());
|
||||
assertTrue(response.asString().contains("id"));
|
||||
}
|
||||
|
@ -38,14 +40,14 @@ public class ApplicationLiveTest {
|
|||
|
||||
@Test
|
||||
public void givenUserMemberInOrganization_whenGetOrganization_thenOK() {
|
||||
final Response response = givenAuth("john", "123").get("http://localhost:8082/spring-security-mvc-boot/organizations/1");
|
||||
final Response response = givenAuth("john", "123").get("http://localhost:8082/organizations/1");
|
||||
assertEquals(200, response.getStatusCode());
|
||||
assertTrue(response.asString().contains("id"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void givenUserMemberNotInOrganization_whenGetOrganization_thenForbidden() {
|
||||
final Response response = givenAuth("john", "123").get("http://localhost:8082/spring-security-mvc-boot/organizations/2");
|
||||
final Response response = givenAuth("john", "123").get("http://localhost:8082/organizations/2");
|
||||
assertEquals(403, response.getStatusCode());
|
||||
}
|
||||
|
||||
|
@ -53,13 +55,13 @@ public class ApplicationLiveTest {
|
|||
|
||||
@Test
|
||||
public void givenDisabledSecurityExpression_whenGetFooByName_thenError() {
|
||||
final Response response = givenAuth("john", "123").get("http://localhost:8082/spring-security-mvc-boot/foos?name=sample");
|
||||
final Response response = givenAuth("john", "123").get("http://localhost:8082/foos?name=sample");
|
||||
assertEquals(500, response.getStatusCode());
|
||||
assertTrue(response.asString().contains("method hasAuthority() not allowed"));
|
||||
}
|
||||
|
||||
//
|
||||
private RequestSpecification givenAuth(String username, String password) {
|
||||
return RestAssured.given().log().uri().auth().form(username, password, new FormAuthConfig("/spring-security-mvc-boot/login","username","password"));
|
||||
return RestAssured.given().log().uri().auth().form(username, password, new FormAuthConfig("/login","username","password"));
|
||||
}
|
||||
}
|
|
@ -2,11 +2,11 @@ package org.baeldung.web;
|
|||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
import org.baeldung.config.MvcConfig;
|
||||
import org.baeldung.config.PersistenceConfig;
|
||||
import org.baeldung.config.SecurityConfig;
|
||||
import org.baeldung.persistence.dao.UserRepository;
|
||||
import org.baeldung.persistence.model.User;
|
||||
import org.baeldung.custom.Application;
|
||||
import org.baeldung.custom.config.MvcConfig;
|
||||
import org.baeldung.custom.config.SecurityConfig;
|
||||
import org.baeldung.custom.persistence.dao.UserRepository;
|
||||
import org.baeldung.custom.persistence.model.User;
|
||||
import org.junit.After;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
|
@ -21,7 +21,7 @@ import org.springframework.test.context.web.WebAppConfiguration;
|
|||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
|
||||
@RunWith(SpringJUnit4ClassRunner.class)
|
||||
@SpringBootTest(classes = {MvcConfig.class, SecurityConfig.class, PersistenceConfig.class})
|
||||
@SpringBootTest(classes = {Application.class})
|
||||
@WebAppConfiguration
|
||||
public class CustomUserDetailsServiceIntegrationTest {
|
||||
|
||||
|
|
Loading…
Reference in New Issue