diff --git a/spring-security-mvc-persisted-remember-me/.gitignore b/spring-security-mvc-persisted-remember-me/.gitignore new file mode 100644 index 0000000000..108e0ccdf6 --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/.gitignore @@ -0,0 +1,16 @@ +# Eclipse +.classpath +.project +.settings/ + +# Intellij +.idea/ +*.iml +*.iws + +# Mac +.DS_Store + +# Maven +log/ +target/ \ No newline at end of file diff --git a/spring-security-mvc-persisted-remember-me/README.md b/spring-security-mvc-persisted-remember-me/README.md new file mode 100644 index 0000000000..11f5417028 --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/README.md @@ -0,0 +1,15 @@ +========= + +## Spring Security Persisted Remember Me Example Project + + +### Relevant Articles: +- [Spring Security Persisted Remember Me] +- [Spring Security Remember Me](http://www.baeldung.com/spring-security-remember-me) +- [Redirect to different pages after Login with Spring Security](http://www.baeldung.com/spring_redirect_after_login) + + +### Build the Project +``` +mvn clean install +``` diff --git a/spring-security-mvc-persisted-remember-me/pom.xml b/spring-security-mvc-persisted-remember-me/pom.xml new file mode 100644 index 0000000000..b131e3805a --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/pom.xml @@ -0,0 +1,300 @@ + + 4.0.0 + org.baeldung + spring-security-mvc-persisted-remember-me + 0.1-SNAPSHOT + + spring-security-mvc-persisted-remember-me + war + + + + + + + org.springframework.security + spring-security-web + ${org.springframework.security.version} + + + org.springframework.security + spring-security-config + ${org.springframework.security.version} + + + org.springframework.security + spring-security-taglibs + ${org.springframework.security.version} + + + org.springframework + spring-orm + ${org.springframework.version} + + + + + + org.springframework + spring-core + ${org.springframework.version} + + + commons-logging + commons-logging + + + + + org.springframework + spring-context + ${org.springframework.version} + + + org.springframework + spring-jdbc + ${org.springframework.version} + + + org.springframework + spring-beans + ${org.springframework.version} + + + org.springframework + spring-aop + ${org.springframework.version} + + + org.springframework + spring-tx + ${org.springframework.version} + + + org.springframework + spring-expression + ${org.springframework.version} + + + + org.springframework + spring-web + ${org.springframework.version} + + + org.springframework + spring-webmvc + ${org.springframework.version} + + + + + + javax.servlet + javax.servlet-api + 3.0.1 + provided + + + + javax.servlet + jstl + 1.2 + runtime + + + + + + com.h2database + h2 + 1.4.178 + + + + postgresql + postgresql + 9.1-901.jdbc4 + runtime + + + + + + com.google.guava + guava + ${guava.version} + + + + + + + + + + + + + + + org.slf4j + slf4j-api + ${org.slf4j.version} + + + ch.qos.logback + logback-classic + ${logback.version} + + + + org.slf4j + jcl-over-slf4j + ${org.slf4j.version} + + + + org.slf4j + log4j-over-slf4j + ${org.slf4j.version} + + + + + + junit + junit-dep + ${junit.version} + test + + + + org.hamcrest + hamcrest-core + ${org.hamcrest.version} + test + + + org.hamcrest + hamcrest-library + ${org.hamcrest.version} + test + + + + org.mockito + mockito-core + ${mockito.version} + test + + + + + + spring-security-mvc-persisted-remember-me + + + src/main/resources + true + + + + + + + org.apache.maven.plugins + maven-compiler-plugin + ${maven-compiler-plugin.version} + + 1.7 + 1.7 + + + + + org.apache.maven.plugins + maven-war-plugin + ${maven-war-plugin.version} + + + + org.apache.maven.plugins + maven-surefire-plugin + ${maven-surefire-plugin.version} + + + + + + + + + + + + org.codehaus.cargo + cargo-maven2-plugin + ${cargo-maven2-plugin.version} + + true + + jetty8x + embedded + + + + + + + 8082 + + + + + + + + + + + + 4.0.5.RELEASE + 3.2.4.RELEASE + + + 4.3.5.Final + 5.1.30 + + + 1.7.6 + 1.1.1 + + + 5.1.1.Final + + + 17.0 + 3.3.2 + + + 1.3 + 4.11 + 1.9.5 + + 4.3.3 + 4.3.2 + + 2.3.1 + + + 3.1 + 2.4 + 2.17 + 2.6 + 1.4.8 + + + + \ No newline at end of file diff --git a/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java b/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java new file mode 100644 index 0000000000..2ce1812c92 --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java @@ -0,0 +1,97 @@ +package org.baeldung.security; + +import java.io.IOException; +import java.util.Collection; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.web.DefaultRedirectStrategy; +import org.springframework.security.web.RedirectStrategy; +import org.springframework.security.web.WebAttributes; +import org.springframework.security.web.authentication.AuthenticationSuccessHandler; +import org.springframework.stereotype.Component; + +@Component(value="mySimpleUrlAuthenticationSuccessHandler") +public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSuccessHandler { + + private final Log logger = LogFactory.getLog(this.getClass()); + + private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy(); + + protected MySimpleUrlAuthenticationSuccessHandler() { + super(); + } + + // API + + @Override + public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws IOException { + handle(request, response, authentication); + clearAuthenticationAttributes(request); + } + + // IMPL + + protected void handle(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws IOException { + final String targetUrl = determineTargetUrl(authentication); + + if (response.isCommitted()) { + logger.debug("Response has already been committed. Unable to redirect to " + targetUrl); + return; + } + + redirectStrategy.sendRedirect(request, response, targetUrl); + } + + protected String determineTargetUrl(final Authentication authentication) { + boolean isUser = false; + boolean isAdmin = false; + final Collection authorities = authentication.getAuthorities(); + for (final GrantedAuthority grantedAuthority : authorities) { + if (grantedAuthority.getAuthority().equals("ROLE_USER")) { + isUser = true; + break; + } else if (grantedAuthority.getAuthority().equals("ROLE_ADMIN")) { + isAdmin = true; + break; + } + } + + if (isUser) { + return "/homepage.html"; + } else if (isAdmin) { + return "/console.html"; + } else { + throw new IllegalStateException(); + } + } + + /** + * Removes temporary authentication-related data which may have been stored in the session + * during the authentication process. + */ + protected final void clearAuthenticationAttributes(final HttpServletRequest request) { + final HttpSession session = request.getSession(false); + + if (session == null) { + return; + } + + session.removeAttribute(WebAttributes.AUTHENTICATION_EXCEPTION); + } + + public void setRedirectStrategy(final RedirectStrategy redirectStrategy) { + this.redirectStrategy = redirectStrategy; + } + + protected RedirectStrategy getRedirectStrategy() { + return redirectStrategy; + } + +} diff --git a/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/security/SecurityWebApplicationInitializer.java b/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/security/SecurityWebApplicationInitializer.java new file mode 100644 index 0000000000..c4c4b0bb98 --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/security/SecurityWebApplicationInitializer.java @@ -0,0 +1,11 @@ +package org.baeldung.security; + +import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer; + +/** + * Registers the springSecurityFilterChain Filter for every URL in the application. + * + */ +public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer{ + +} diff --git a/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/service/MyUserDetailsService.java b/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/service/MyUserDetailsService.java new file mode 100644 index 0000000000..5e9abc2dea --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/service/MyUserDetailsService.java @@ -0,0 +1,62 @@ +package org.baeldung.service; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.SimpleGrantedAuthority; +import org.springframework.security.core.userdetails.User; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.stereotype.Service; + +/** + * User Details Service - hard coded to two users for the example. + */ +@Service +public class MyUserDetailsService implements UserDetailsService { + + private final Log logger = LogFactory.getLog(this.getClass()); + + private Map availableUsers = new HashMap(); + + public MyUserDetailsService() { + + availableUsers.put("user", + createUser("user", "password", Arrays.asList("ROLE_USER"))); + availableUsers.put("admin", + createUser("admin", "password", Arrays.asList("ROLE_ADMIN"))); + } + + @Override + public UserDetails loadUserByUsername(String username) + throws UsernameNotFoundException { + + logger.info("Load user by username " + username); + + UserDetails user = availableUsers.get(username); + if (user == null) { + throw new UsernameNotFoundException("Username not found"); + } else { + return availableUsers.get(username); + } + + } + + private User createUser(String username, String password, List roles) { + + logger.info("Create user " + username); + + List authorities = new ArrayList(); + for (String role : roles) { + authorities.add(new SimpleGrantedAuthority(role)); + } + return new User(username, password, true, true, true, true, authorities); + } +} diff --git a/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/spring/DatabaseConfig.java b/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/spring/DatabaseConfig.java new file mode 100644 index 0000000000..4fbcca7886 --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/spring/DatabaseConfig.java @@ -0,0 +1,35 @@ +package org.baeldung.spring; + +import javax.sql.DataSource; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.PropertySource; +import org.springframework.core.env.Environment; +import org.springframework.jdbc.datasource.DriverManagerDataSource; +import org.springframework.transaction.annotation.EnableTransactionManagement; + +import com.google.common.base.Preconditions; + +/** + * Spring Database Configuration. + */ +@Configuration +@EnableTransactionManagement +@PropertySource({ "classpath:persistence-h2.properties" }) +public class DatabaseConfig { + + @Autowired + private Environment env; + + @Bean + public DataSource dataSource() { + final DriverManagerDataSource dataSource = new DriverManagerDataSource(); + dataSource.setDriverClassName(Preconditions.checkNotNull(env.getProperty("jdbc.driverClassName"))); + dataSource.setUrl(Preconditions.checkNotNull(env.getProperty("jdbc.url"))); + dataSource.setUsername(Preconditions.checkNotNull(env.getProperty("jdbc.user"))); + dataSource.setPassword(Preconditions.checkNotNull(env.getProperty("jdbc.pass"))); + return dataSource; + } +} diff --git a/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/spring/MvcConfig.java b/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/spring/MvcConfig.java new file mode 100644 index 0000000000..d4e0c55004 --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/spring/MvcConfig.java @@ -0,0 +1,42 @@ +package org.baeldung.spring; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.ComponentScan; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.ViewResolver; +import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; +import org.springframework.web.servlet.view.InternalResourceViewResolver; +import org.springframework.web.servlet.view.JstlView; + +/** + * Spring Web Configuration. + */ +@EnableWebMvc +@ComponentScan("org.baeldung") +@Configuration +public class MvcConfig extends WebMvcConfigurerAdapter { + + public MvcConfig() { + super(); + } + + @Override + public void addViewControllers(final ViewControllerRegistry registry) { + super.addViewControllers(registry); + registry.addViewController("/anonymous.html"); + registry.addViewController("/login.html"); + registry.addViewController("/homepage.html"); + registry.addViewController("/console.html"); + } + + @Bean + public ViewResolver viewResolver() { + final InternalResourceViewResolver bean = new InternalResourceViewResolver(); + bean.setViewClass(JstlView.class); + bean.setPrefix("/WEB-INF/view/"); + bean.setSuffix(".jsp"); + return bean; + } +} \ No newline at end of file diff --git a/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/spring/SecurityConfig.java b/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/spring/SecurityConfig.java new file mode 100644 index 0000000000..ec1ad9831a --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/java/org/baeldung/spring/SecurityConfig.java @@ -0,0 +1,20 @@ +package org.baeldung.spring; + +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.ImportResource; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; + +/** + * Spring Security Configuration. + */ +@Configuration +@EnableWebSecurity +@ImportResource({ "classpath:webSecurityConfig.xml" }) +public class SecurityConfig extends WebSecurityConfigurerAdapter { + + public SecurityConfig() { + super(); + } + +} diff --git a/spring-security-mvc-persisted-remember-me/src/main/resources/logback.xml b/spring-security-mvc-persisted-remember-me/src/main/resources/logback.xml new file mode 100644 index 0000000000..1146dade63 --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/resources/logback.xml @@ -0,0 +1,20 @@ + + + + + web - %date [%thread] %-5level %logger{36} - %message%n + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/spring-security-mvc-persisted-remember-me/src/main/resources/persistence-h2.properties b/spring-security-mvc-persisted-remember-me/src/main/resources/persistence-h2.properties new file mode 100644 index 0000000000..5d872b89d5 --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/resources/persistence-h2.properties @@ -0,0 +1,11 @@ +# jdbc.X +jdbc.driverClassName=org.h2.Driver +jdbc.url=jdbc:h2:tcp://localhost/~/test + +jdbc.user=sa +jdbc.pass= + +# hibernate.X +hibernate.dialect=org.hibernate.dialect.H2Dialect +hibernate.show_sql=false +hibernate.hbm2ddl.auto=create-drop diff --git a/spring-security-mvc-persisted-remember-me/src/main/resources/persistence-postgres.properties b/spring-security-mvc-persisted-remember-me/src/main/resources/persistence-postgres.properties new file mode 100644 index 0000000000..798661e51e --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/resources/persistence-postgres.properties @@ -0,0 +1,11 @@ +# jdbc.X +jdbc.driverClassName=org.postgresql.Driver +jdbc.url=jdbc:postgresql://localhost:5432 + +jdbc.user=postgres +jdbc.pass= + +# hibernate.X +hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect +hibernate.show_sql=false +hibernate.hbm2ddl.auto=create-drop diff --git a/spring-security-mvc-persisted-remember-me/src/main/resources/webSecurityConfig.xml b/spring-security-mvc-persisted-remember-me/src/main/resources/webSecurityConfig.xml new file mode 100644 index 0000000000..04f84f2e77 --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/resources/webSecurityConfig.xml @@ -0,0 +1,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/mvc-servlet.xml b/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/mvc-servlet.xml new file mode 100644 index 0000000000..a675fc6d95 --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/mvc-servlet.xml @@ -0,0 +1,6 @@ + + + + \ No newline at end of file diff --git a/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/anonymous.jsp b/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/anonymous.jsp new file mode 100644 index 0000000000..d4e9c0289b --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/anonymous.jsp @@ -0,0 +1,10 @@ +<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> + + + + +

Anonymous page

+ + ">To Login + + \ No newline at end of file diff --git a/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/console.jsp b/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/console.jsp new file mode 100644 index 0000000000..d18b59a10c --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/console.jsp @@ -0,0 +1,22 @@ +<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> +<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %> + + + + +

This is the landing page for the admin

+ + + This text is only visible to a user +
+ + + + This text is only visible to an admin +
+ + + ">Logout + + + \ No newline at end of file diff --git a/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/homepage.jsp b/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/homepage.jsp new file mode 100644 index 0000000000..afd2c6da59 --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/homepage.jsp @@ -0,0 +1,22 @@ +<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> +<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags"%> + + + + +

This is the homepage for the user

+ + + This text is only visible to a user +
+ + + + This text is only visible to an admin +
+ + + ">Logout + + + \ No newline at end of file diff --git a/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/login.jsp b/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/login.jsp new file mode 100644 index 0000000000..0eb857c62a --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/view/login.jsp @@ -0,0 +1,30 @@ + + + + +

Login

+ +
+ + + + + + + + + + + + + + + + + +
User:
Password:
Remember Me:
+ +
+ + + \ No newline at end of file diff --git a/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/web.xml b/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/web.xml new file mode 100644 index 0000000000..aa52205420 --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/main/webapp/WEB-INF/web.xml @@ -0,0 +1,55 @@ + + + + Spring MVC Custom Application + + + 1 + + + + + contextClass + + org.springframework.web.context.support.AnnotationConfigWebApplicationContext + + + + contextConfigLocation + org.baeldung.spring + + + + org.springframework.web.context.ContextLoaderListener + + + + + mvc + org.springframework.web.servlet.DispatcherServlet + 1 + + + mvc + / + + + + + + + + + \ No newline at end of file diff --git a/spring-security-mvc-persisted-remember-me/src/test/resources/.gitignore b/spring-security-mvc-persisted-remember-me/src/test/resources/.gitignore new file mode 100644 index 0000000000..83c05e60c8 --- /dev/null +++ b/spring-security-mvc-persisted-remember-me/src/test/resources/.gitignore @@ -0,0 +1,13 @@ +*.class + +#folders# +/target +/neoDb* +/data +/src/main/webapp/WEB-INF/classes +*/META-INF/* + +# Packaged files # +*.jar +*.war +*.ear \ No newline at end of file