From 75593037fcd0c14ff41ab4d04ae999da9794e9e5 Mon Sep 17 00:00:00 2001 From: Andrew Tobilko Date: Mon, 26 Sep 2016 17:24:09 +0300 Subject: [PATCH 1/4] filter hierarchy --- .../security/filter/CustomHttpFilter.java | 32 +++++++++++++++++++ .../security/filter/FilterConfiguration.java | 28 ++++++++++++++++ .../security/filter/GenericCustomFilter.java | 16 ++++++++++ .../filter/GenericCustomHttpFilter.java | 22 +++++++++++++ 4 files changed, 98 insertions(+) create mode 100644 spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/CustomHttpFilter.java create mode 100644 spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/FilterConfiguration.java create mode 100644 spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomFilter.java create mode 100644 spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomHttpFilter.java diff --git a/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/CustomHttpFilter.java b/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/CustomHttpFilter.java new file mode 100644 index 0000000000..00a17fbb39 --- /dev/null +++ b/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/CustomHttpFilter.java @@ -0,0 +1,32 @@ +package org.baeldung.security.filter; + +import org.springframework.core.Ordered; +import org.springframework.core.annotation.Order; +import org.springframework.stereotype.Component; + +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +@Component +@Order(Ordered.LOWEST_PRECEDENCE) +public class CustomHttpFilter extends GenericCustomHttpFilter { + + @Override + public void init(FilterConfig config) throws ServletException { + System.out.println(config.getInitParameter("first-init-param") + + config.getInitParameter("second-init-param")); + } + + @Override + public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain + chain) throws IOException, ServletException { + System.out.println("CustomHttpFilter is in action [the request is going to the server]."); + chain.doFilter(request, response); + System.out.println("CustomHttpFilter is in action [the request has come from the server]."); + } + +} \ No newline at end of file diff --git a/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/FilterConfiguration.java b/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/FilterConfiguration.java new file mode 100644 index 0000000000..12447a29af --- /dev/null +++ b/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/FilterConfiguration.java @@ -0,0 +1,28 @@ +package org.baeldung.security.filter; + +import org.springframework.boot.context.embedded.FilterRegistrationBean; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + +import java.util.HashMap; + +import static java.util.Collections.singletonList; + +@Configuration +public class FilterConfiguration { + + @Bean + public FilterRegistrationBean getCustomFilterRegistrationBean() { + FilterRegistrationBean registration = new FilterRegistrationBean(); + registration.setFilter(new CustomHttpFilter()); + + registration.setInitParameters(new HashMap() {{ + put("first-init-param", "Hello from "); + put("second-init-param", "Filter!"); + }}); + registration.setUrlPatterns(singletonList("/user/registration")); + + return registration; + } + +} \ No newline at end of file diff --git a/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomFilter.java b/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomFilter.java new file mode 100644 index 0000000000..e808b1aa0c --- /dev/null +++ b/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomFilter.java @@ -0,0 +1,16 @@ +package org.baeldung.security.filter; + + +import javax.servlet.Filter; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; + +public abstract class GenericCustomFilter implements Filter { + + @Override + public void init(FilterConfig filterConfig) throws ServletException {} + + @Override + public void destroy() {} + +} \ No newline at end of file diff --git a/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomHttpFilter.java b/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomHttpFilter.java new file mode 100644 index 0000000000..6fb024c377 --- /dev/null +++ b/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomHttpFilter.java @@ -0,0 +1,22 @@ +package org.baeldung.security.filter; + +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +public abstract class GenericCustomHttpFilter extends GenericCustomFilter { + + @Override + public void doFilter(ServletRequest request, ServletResponse response, + FilterChain chain) throws IOException, ServletException { + doFilter((HttpServletRequest) request, (HttpServletResponse) response, chain); + } + + public abstract void doFilter(HttpServletRequest request, HttpServletResponse response, + FilterChain chain) throws IOException, ServletException; + +} From 31d72d7cfa41ee51b0d5995892eb4fcbdf9ab523 Mon Sep 17 00:00:00 2001 From: Andrew Tobilko Date: Mon, 26 Sep 2016 17:26:45 +0300 Subject: [PATCH 2/4] README --- spring-security-rest-basic-auth/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/spring-security-rest-basic-auth/README.md b/spring-security-rest-basic-auth/README.md index 3bd46bdd2a..f3afa116f0 100644 --- a/spring-security-rest-basic-auth/README.md +++ b/spring-security-rest-basic-auth/README.md @@ -8,4 +8,5 @@ The "Learn Spring Security" Classes: http://github.learnspringsecurity.com ### Relevant Articles: - [RestTemplate with Basic Authentication in Spring](http://www.baeldung.com/2012/04/16/how-to-use-resttemplate-with-basic-authentication-in-spring-3-1) - [HttpClient Timeout](http://www.baeldung.com/httpclient-timeout) +- [Writing a Custom Filter in Spring Security](http://www.baeldung.com/writing-custom-filter-spring-security) - [HttpClient with SSL](http://www.baeldung.com/httpclient-ssl) From 05ba4f173e364de476f6d3067586b31accee795b Mon Sep 17 00:00:00 2001 From: Andrew Tobilko Date: Tue, 25 Oct 2016 02:06:22 +0300 Subject: [PATCH 3/4] Spring Security filter --samples [xml and java configurations] --- .../baeldung/security/filter/CustomFilter.java | 18 ++++++++++++++++++ .../CustomWebSecurityConfigurerAdapter.java | 17 +++++++++++++++++ .../src/main/resources/webSecurityConfig.xml | 3 +++ 3 files changed, 38 insertions(+) create mode 100644 spring-security-basic-auth/src/main/java/org/baeldung/security/filter/CustomFilter.java create mode 100644 spring-security-basic-auth/src/main/java/org/baeldung/security/filter/configuration/CustomWebSecurityConfigurerAdapter.java diff --git a/spring-security-basic-auth/src/main/java/org/baeldung/security/filter/CustomFilter.java b/spring-security-basic-auth/src/main/java/org/baeldung/security/filter/CustomFilter.java new file mode 100644 index 0000000000..8d2b919cb0 --- /dev/null +++ b/spring-security-basic-auth/src/main/java/org/baeldung/security/filter/CustomFilter.java @@ -0,0 +1,18 @@ +package org.baeldung.security.filter; + +import org.springframework.web.filter.GenericFilterBean; + +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import java.io.IOException; + +public class CustomFilter extends GenericFilterBean { + + @Override + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { + chain.doFilter(request, response); + } + +} diff --git a/spring-security-basic-auth/src/main/java/org/baeldung/security/filter/configuration/CustomWebSecurityConfigurerAdapter.java b/spring-security-basic-auth/src/main/java/org/baeldung/security/filter/configuration/CustomWebSecurityConfigurerAdapter.java new file mode 100644 index 0000000000..468c99cb2a --- /dev/null +++ b/spring-security-basic-auth/src/main/java/org/baeldung/security/filter/configuration/CustomWebSecurityConfigurerAdapter.java @@ -0,0 +1,17 @@ +package org.baeldung.security.filter.configuration; + +import org.baeldung.security.filter.CustomFilter; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; + +@Configuration +public class CustomWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter { + + @Override + protected void configure(HttpSecurity http) throws Exception { + http.addFilterAfter(new CustomFilter(), BasicAuthenticationFilter.class); + } + +} diff --git a/spring-security-basic-auth/src/main/resources/webSecurityConfig.xml b/spring-security-basic-auth/src/main/resources/webSecurityConfig.xml index 48302e8e93..f840d3014e 100644 --- a/spring-security-basic-auth/src/main/resources/webSecurityConfig.xml +++ b/spring-security-basic-auth/src/main/resources/webSecurityConfig.xml @@ -12,6 +12,7 @@ + @@ -22,4 +23,6 @@ + + \ No newline at end of file From be290bf9b876e7512f3ca4cbd4bb8d6d8f78308a Mon Sep 17 00:00:00 2001 From: Andrew Tobilko Date: Tue, 25 Oct 2016 02:16:14 +0300 Subject: [PATCH 4/4] removed the previous version --- spring-security-rest-basic-auth/README.md | 1 - .../security/filter/CustomHttpFilter.java | 32 ------------------- .../security/filter/FilterConfiguration.java | 28 ---------------- .../security/filter/GenericCustomFilter.java | 16 ---------- .../filter/GenericCustomHttpFilter.java | 22 ------------- 5 files changed, 99 deletions(-) delete mode 100644 spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/CustomHttpFilter.java delete mode 100644 spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/FilterConfiguration.java delete mode 100644 spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomFilter.java delete mode 100644 spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomHttpFilter.java diff --git a/spring-security-rest-basic-auth/README.md b/spring-security-rest-basic-auth/README.md index f3afa116f0..3bd46bdd2a 100644 --- a/spring-security-rest-basic-auth/README.md +++ b/spring-security-rest-basic-auth/README.md @@ -8,5 +8,4 @@ The "Learn Spring Security" Classes: http://github.learnspringsecurity.com ### Relevant Articles: - [RestTemplate with Basic Authentication in Spring](http://www.baeldung.com/2012/04/16/how-to-use-resttemplate-with-basic-authentication-in-spring-3-1) - [HttpClient Timeout](http://www.baeldung.com/httpclient-timeout) -- [Writing a Custom Filter in Spring Security](http://www.baeldung.com/writing-custom-filter-spring-security) - [HttpClient with SSL](http://www.baeldung.com/httpclient-ssl) diff --git a/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/CustomHttpFilter.java b/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/CustomHttpFilter.java deleted file mode 100644 index 00a17fbb39..0000000000 --- a/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/CustomHttpFilter.java +++ /dev/null @@ -1,32 +0,0 @@ -package org.baeldung.security.filter; - -import org.springframework.core.Ordered; -import org.springframework.core.annotation.Order; -import org.springframework.stereotype.Component; - -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; - -@Component -@Order(Ordered.LOWEST_PRECEDENCE) -public class CustomHttpFilter extends GenericCustomHttpFilter { - - @Override - public void init(FilterConfig config) throws ServletException { - System.out.println(config.getInitParameter("first-init-param") + - config.getInitParameter("second-init-param")); - } - - @Override - public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain - chain) throws IOException, ServletException { - System.out.println("CustomHttpFilter is in action [the request is going to the server]."); - chain.doFilter(request, response); - System.out.println("CustomHttpFilter is in action [the request has come from the server]."); - } - -} \ No newline at end of file diff --git a/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/FilterConfiguration.java b/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/FilterConfiguration.java deleted file mode 100644 index 12447a29af..0000000000 --- a/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/FilterConfiguration.java +++ /dev/null @@ -1,28 +0,0 @@ -package org.baeldung.security.filter; - -import org.springframework.boot.context.embedded.FilterRegistrationBean; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; - -import java.util.HashMap; - -import static java.util.Collections.singletonList; - -@Configuration -public class FilterConfiguration { - - @Bean - public FilterRegistrationBean getCustomFilterRegistrationBean() { - FilterRegistrationBean registration = new FilterRegistrationBean(); - registration.setFilter(new CustomHttpFilter()); - - registration.setInitParameters(new HashMap() {{ - put("first-init-param", "Hello from "); - put("second-init-param", "Filter!"); - }}); - registration.setUrlPatterns(singletonList("/user/registration")); - - return registration; - } - -} \ No newline at end of file diff --git a/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomFilter.java b/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomFilter.java deleted file mode 100644 index e808b1aa0c..0000000000 --- a/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomFilter.java +++ /dev/null @@ -1,16 +0,0 @@ -package org.baeldung.security.filter; - - -import javax.servlet.Filter; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; - -public abstract class GenericCustomFilter implements Filter { - - @Override - public void init(FilterConfig filterConfig) throws ServletException {} - - @Override - public void destroy() {} - -} \ No newline at end of file diff --git a/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomHttpFilter.java b/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomHttpFilter.java deleted file mode 100644 index 6fb024c377..0000000000 --- a/spring-security-rest-basic-auth/src/main/java/org/baeldung/security/filter/GenericCustomHttpFilter.java +++ /dev/null @@ -1,22 +0,0 @@ -package org.baeldung.security.filter; - -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; - -public abstract class GenericCustomHttpFilter extends GenericCustomFilter { - - @Override - public void doFilter(ServletRequest request, ServletResponse response, - FilterChain chain) throws IOException, ServletException { - doFilter((HttpServletRequest) request, (HttpServletResponse) response, chain); - } - - public abstract void doFilter(HttpServletRequest request, HttpServletResponse response, - FilterChain chain) throws IOException, ServletException; - -}