Merge pull request #10575 from hmdrzsharifi/BAEL-4828

Bael-4828-This Combination of Host and Port Requires TLS

spring-security-modules/pom.xml

@@ -31,6 +31,7 @@
         <module>spring-security-web-angular/server</module>
         <module>spring-security-web-boot-1</module>
         <module>spring-security-web-boot-2</module>
+        <module>spring-security-web-boot-3</module>
         <module>spring-security-web-digest-auth</module>
         <module>spring-security-web-login</module>
         <module>spring-security-web-mvc-custom</module>

spring-security-modules/spring-security-web-boot-3/README.md

@@ -0,0 +1,11 @@
+## Spring Boot Security MVC
+
+This module contains articles about Spring Security with Spring MVC in Boot applications
+
+### The Course
+The "REST With Spring" Classes: http://github.learnspringsecurity.com
+
+### Relevant Articles:
+
+- [TLS Setup in Spring](https://www.baeldung.com/)
+- More articles: [[<-- prev]](/spring-security-modules/spring-security-web-boot-2)

spring-security-modules/spring-security-web-boot-3/pom.xml

@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>spring-security-web-boot-3</artifactId>
+    <version>0.0.1-SNAPSHOT</version>
+    <name>spring-security-web-boot-3</name>
+    <packaging>jar</packaging>
+    <description>Spring Security MVC Boot - 3</description>
+
+    <parent>
+        <groupId>com.baeldung</groupId>
+        <artifactId>parent-boot-2</artifactId>
+        <version>0.0.1-SNAPSHOT</version>
+        <relativePath>../../parent-boot-2</relativePath>
+    </parent>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+    </dependencies>
+
+</project>

spring-security-modules/spring-security-web-boot-3/src/main/java/com/baeldung/tls/HomeController.java

@@ -0,0 +1,16 @@
+package com.baeldung.tls;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class HomeController {
+
+    @GetMapping("/baeldung")
+    public ResponseEntity<String> welcome() {
+        return new ResponseEntity<>("tls/baeldung", HttpStatus.OK);
+    }
+
+}

spring-security-modules/spring-security-web-boot-3/src/main/java/com/baeldung/tls/SecurityConfig.java

@@ -0,0 +1,16 @@
+package com.baeldung.tls;
+
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
+          .antMatchers("/**")
+          .permitAll();
+    }
+}

spring-security-modules/spring-security-web-boot-3/src/main/java/com/baeldung/tls/TLSEnabledApplication.java

@@ -0,0 +1,15 @@
+package com.baeldung.tls;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.PropertySource;
+
+@SpringBootApplication
+public class TLSEnabledApplication {
+
+    public static void main(String... args) {
+        SpringApplication application = new SpringApplication(TLSEnabledApplication.class);
+        application.setAdditionalProfiles("tls");
+        application.run(args);
+    }
+}

spring-security-modules/spring-security-web-boot-3/src/main/resources/application-tls.properties

@@ -0,0 +1,23 @@
+
+server.port=8443
+
+# enable/disable https
+server.ssl.enabled=true
+# keystore format
+server.ssl.key-store-type=PKCS12
+# keystore location
+server.ssl.key-store=classpath:keystore/keystore.p12
+# keystore password
+server.ssl.key-store-password=changeit
+server.ssl.key-alias=baeldung
+# SSL protocol to use
+server.ssl.protocol=TLS
+# Enabled SSL protocols
+server.ssl.enabled-protocols=TLSv1.2
+
+#server.ssl.client-auth=need
+
+#trust store location
+#server.ssl.trust-store=classpath:keystore/truststore.p12
+#trust store password
+#server.ssl.trust-store-password=changeit

spring-security-modules/spring-security-web-boot-3/src/main/resources/keystore/baeldung.cer

@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIExzCCAq+gAwIBAgIEbh/WszANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDEwls
+b2NhbGhvc3QwHhcNMjEwMzIxMDgzMzU3WhcNMzEwMzE5MDgzMzU3WjAUMRIwEAYD
+VQQDEwlsb2NhbGhvc3QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCD
+QWvAEewDE+vFFqYPgXFJ94bMgPZT6qdb17DkWWbL2jV5QENbSYTLAPNQ1TGUgKhj
+t1LCHpooLwWIo6xvhK/qZYjh3YonSIe8Eo0fBCDoZpLO+Vp0us22NBgLOYH8hvAm
+zEvPXdSZo5Qkeaqjwd6kB/z083y8OL+Civ0ARXoLsn7CFslKfZp2o/aebH6i/T+3
+hWVqasIIMtfNUrxE/pnOnV8aSAt24jcm/VxbtheqIzmcOPlCXSP1RAmFez6tJsNu
+2dbUhaeOf95RCaM6a43soEvLvooGa/uqBPsRojg5WEFGf7Tc7pzB+BtALwRmHAqr
+hiYjVv329QGZ+g8dADBvvqvGpGysy+X0LxixvIP14KdCqG8uMYmw5cBTJHc23AHV
+iP+JsfDtdu+bzZeOZmhSsv4M3DZ1QPHEX+zCnotE+SeycqEr+3SaJELyjCB1twFT
+pCRCQGWFKYCRwhjQ1vGY7qhD6ZDn30a96xAlPS+T35pA01rNgORJi8j9sf3oiwEe
+oPQOecgFHdua5drHJ78j7MUz/Gvj02GnwKnBKbMYDGeBKJWm0ir4MxoU7HPaDwLj
+jofXgIz+CMXkp+9arVu5IsZwL2MKNZ4fiM+VWZg9R73CAVpKvs6dTlQXe++DCaOr
+XGiQeCPPpIC74vqWhAHuzPncGJndHlmXYGLhi0sk0wIDAQABoyEwHzAdBgNVHQ4E
+FgQUhW4a3uWREJoTxodyD5u7i7mCaacwDQYJKoZIhvcNAQELBQADggIBAD/Qfkot
+qklQr4r7eoHtyFCGozfZvsPwEediZORkycU/fCZozdVh95ebt2/N/jw7RlNhv+t+
+HahMoiXbLX2RUrqM/2X5U7BbxIpy3XjhcEYTJudqFfCxDQfxD1bFrWHygQzAanOb
+sPHkcEt3tu2suV2YsJpHry/1BMo83WAoTgw/3dFtJ7oEoi/LaI03v9Qlp0+hLfA5
+zwyuuRqFn24FRvdWHX5GqAweF+WUdmmlkiJiKu2RtQsPoN7ITvZQs9t4l0zZ8w2v
+QV0YdhWYLkS3g53oyOP8T5YlCFGuUOyo433hRyrzaxj3aFDkMbNrX9REB9v8Iz7X
+aFsmLDJsfT5Spovz68HCIMDW1Sl1WqVkNN2V3Rwt72bn7DEbKZzGW9RC5eXEW1Zw
+46XeYOVdEjzl/l623moWC5ZTlwPF1qRDaoZXT/1d1eAJE8ZBHm1YjwgDD5aFvylG
+0OT1qWD5gx3nOmAbBk1e3r8ESMo9k29/4hycUUUgtFuWtBwBaY/O/4YoLx59wbpL
+rFR/zjKIdYFj0AM2ABTgrG7v5pEhjLTnzjc+mZV7hJCBvB+bbC5vvfDg0K7lQUpJ
+ruIPvqKfJyuTwkKmoTF5jmG04jwUDtA5iGUB3U3QiQ8zcbTiVRptXLEQDYw/bzDk
+0fd4xTbok1ygI7wJ/KRyMvFXdbTKSvVu/tnM
+-----END CERTIFICATE-----