From 91a244e8e9406c993aad2c192e4dfa220b2f19d3 Mon Sep 17 00:00:00 2001 From: eugenp Date: Thu, 25 Jul 2013 01:03:26 +0300 Subject: [PATCH] further rest template work --- .../{ => client}/spring/ClientConfig.java | 2 +- .../security/AuthenticationFacade.java | 21 --------- .../CustomAuthenticationProvider.java | 45 ------------------- .../security/IAuthenticationFacade.java | 9 ---- .../web/controller/FooController.java | 4 +- .../web/controller/SecurityController1.java | 39 ---------------- .../web/controller/SecurityController2.java | 25 ----------- .../web/controller/SecurityController3.java | 27 ----------- .../web/controller/SecurityController4.java | 28 ------------ .../web/controller/SecurityController5.java | 30 ------------- .../src/main/resources/webSecurityConfig.xml | 8 +++- .../org/baeldung/client/ClientLiveTest.java | 16 ++++++- 12 files changed, 24 insertions(+), 230 deletions(-) rename spring-security-rest-template/src/main/java/org/baeldung/{ => client}/spring/ClientConfig.java (88%) delete mode 100644 spring-security-rest-template/src/main/java/org/baeldung/security/AuthenticationFacade.java delete mode 100644 spring-security-rest-template/src/main/java/org/baeldung/security/CustomAuthenticationProvider.java delete mode 100644 spring-security-rest-template/src/main/java/org/baeldung/security/IAuthenticationFacade.java delete mode 100644 spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController1.java delete mode 100644 spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController2.java delete mode 100644 spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController3.java delete mode 100644 spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController4.java delete mode 100644 spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController5.java diff --git a/spring-security-rest-template/src/main/java/org/baeldung/spring/ClientConfig.java b/spring-security-rest-template/src/main/java/org/baeldung/client/spring/ClientConfig.java similarity index 88% rename from spring-security-rest-template/src/main/java/org/baeldung/spring/ClientConfig.java rename to spring-security-rest-template/src/main/java/org/baeldung/client/spring/ClientConfig.java index a0c90b51ae..73e602855c 100644 --- a/spring-security-rest-template/src/main/java/org/baeldung/spring/ClientConfig.java +++ b/spring-security-rest-template/src/main/java/org/baeldung/client/spring/ClientConfig.java @@ -1,4 +1,4 @@ -package org.baeldung.spring; +package org.baeldung.client.spring; import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Configuration; diff --git a/spring-security-rest-template/src/main/java/org/baeldung/security/AuthenticationFacade.java b/spring-security-rest-template/src/main/java/org/baeldung/security/AuthenticationFacade.java deleted file mode 100644 index 5a3c77b070..0000000000 --- a/spring-security-rest-template/src/main/java/org/baeldung/security/AuthenticationFacade.java +++ /dev/null @@ -1,21 +0,0 @@ -package org.baeldung.security; - -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.stereotype.Component; - -@Component -public class AuthenticationFacade implements IAuthenticationFacade { - - public AuthenticationFacade() { - super(); - } - - // API - - @Override - public final Authentication getAuthentication() { - return SecurityContextHolder.getContext().getAuthentication(); - } - -} diff --git a/spring-security-rest-template/src/main/java/org/baeldung/security/CustomAuthenticationProvider.java b/spring-security-rest-template/src/main/java/org/baeldung/security/CustomAuthenticationProvider.java deleted file mode 100644 index 4b9b3e8ee9..0000000000 --- a/spring-security-rest-template/src/main/java/org/baeldung/security/CustomAuthenticationProvider.java +++ /dev/null @@ -1,45 +0,0 @@ -package org.baeldung.security; - -import java.util.ArrayList; -import java.util.List; - -import org.springframework.security.authentication.AuthenticationProvider; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.SimpleGrantedAuthority; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.stereotype.Component; - -@Component -public class CustomAuthenticationProvider implements AuthenticationProvider { - - public CustomAuthenticationProvider() { - super(); - } - - // API - - @Override - public Authentication authenticate(final Authentication authentication) throws AuthenticationException { - final String name = authentication.getName(); - final String password = authentication.getCredentials().toString(); - if (name.equals("admin") && password.equals("system")) { - final List grantedAuths = new ArrayList<>(); - grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER")); - final UserDetails principal = new User(name, password, grantedAuths); - final Authentication auth = new UsernamePasswordAuthenticationToken(principal, password, grantedAuths); - return auth; - } else { - return null; - } - } - - @Override - public boolean supports(final Class authentication) { - return authentication.equals(UsernamePasswordAuthenticationToken.class); - } - -} diff --git a/spring-security-rest-template/src/main/java/org/baeldung/security/IAuthenticationFacade.java b/spring-security-rest-template/src/main/java/org/baeldung/security/IAuthenticationFacade.java deleted file mode 100644 index d1223e41cf..0000000000 --- a/spring-security-rest-template/src/main/java/org/baeldung/security/IAuthenticationFacade.java +++ /dev/null @@ -1,9 +0,0 @@ -package org.baeldung.security; - -import org.springframework.security.core.Authentication; - -public interface IAuthenticationFacade { - - Authentication getAuthentication(); - -} \ No newline at end of file diff --git a/spring-security-rest-template/src/main/java/org/baeldung/web/controller/FooController.java b/spring-security-rest-template/src/main/java/org/baeldung/web/controller/FooController.java index ff5a00fd95..b50edb2dcf 100644 --- a/spring-security-rest-template/src/main/java/org/baeldung/web/controller/FooController.java +++ b/spring-security-rest-template/src/main/java/org/baeldung/web/controller/FooController.java @@ -3,6 +3,7 @@ package org.baeldung.web.controller; import org.baeldung.web.dto.Foo; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.ApplicationEventPublisher; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestMapping; @@ -10,7 +11,7 @@ import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.ResponseBody; @Controller -@RequestMapping(value = "/foo") +@RequestMapping(value = "/foos") public class FooController { @Autowired @@ -24,6 +25,7 @@ public class FooController { @RequestMapping(value = "/{id}", method = RequestMethod.GET) @ResponseBody + @PreAuthorize("hasRole('ROLE_USER')") public Foo findOne(@PathVariable("id") final Long id) { return new Foo(); } diff --git a/spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController1.java b/spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController1.java deleted file mode 100644 index d06f15af93..0000000000 --- a/spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController1.java +++ /dev/null @@ -1,39 +0,0 @@ -package org.baeldung.web.controller; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationEventPublisher; -import org.springframework.security.authentication.AnonymousAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.ResponseBody; - -@Controller -public class SecurityController1 { - - @Autowired - private ApplicationEventPublisher eventPublisher; - - public SecurityController1() { - super(); - } - - // API - - @RequestMapping(value = "/username1", method = RequestMethod.GET) - @ResponseBody - public String currentUserName() { - final Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); - if (!(authentication instanceof AnonymousAuthenticationToken)) { - final String currentPrincipalName = authentication.getName(); - System.out.println("Authentication: " + authentication); - System.out.println("Principal: " + authentication.getPrincipal()); - return currentPrincipalName; - } - - return null; - } - -} diff --git a/spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController2.java b/spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController2.java deleted file mode 100644 index ac02738d0c..0000000000 --- a/spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController2.java +++ /dev/null @@ -1,25 +0,0 @@ -package org.baeldung.web.controller; - -import java.security.Principal; - -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.ResponseBody; - -@Controller -public class SecurityController2 { - - public SecurityController2() { - super(); - } - - // API - - @RequestMapping(value = "/username2", method = RequestMethod.GET) - @ResponseBody - public String currentUserNameSimple(final Principal principal) { - return principal.getName(); - } - -} diff --git a/spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController3.java b/spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController3.java deleted file mode 100644 index fb207b43dd..0000000000 --- a/spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController3.java +++ /dev/null @@ -1,27 +0,0 @@ -package org.baeldung.web.controller; - -import org.springframework.security.core.Authentication; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.ResponseBody; - -@Controller -public class SecurityController3 { - - public SecurityController3() { - super(); - } - - // API - - @RequestMapping(value = "/username3", method = RequestMethod.GET) - @ResponseBody - public String currentUserNameSimple(final Authentication authentication) { - UserDetails userDetails = (UserDetails) authentication.getPrincipal(); - System.out.println("Retrieved user with authorities: " + userDetails.getAuthorities()); - return authentication.getName(); - } - -} diff --git a/spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController4.java b/spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController4.java deleted file mode 100644 index 0434cc5fdc..0000000000 --- a/spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController4.java +++ /dev/null @@ -1,28 +0,0 @@ -package org.baeldung.web.controller; - -import java.security.Principal; - -import javax.servlet.http.HttpServletRequest; - -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.ResponseBody; - -@Controller -public class SecurityController4 { - - public SecurityController4() { - super(); - } - - // API - - @RequestMapping(value = "/username4", method = RequestMethod.GET) - @ResponseBody - public String currentUserNameSimple(final HttpServletRequest request) { - final Principal principal = request.getUserPrincipal(); - return principal.getName(); - } - -} diff --git a/spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController5.java b/spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController5.java deleted file mode 100644 index e1a0c35cc6..0000000000 --- a/spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController5.java +++ /dev/null @@ -1,30 +0,0 @@ -package org.baeldung.web.controller; - -import org.baeldung.security.IAuthenticationFacade; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.core.Authentication; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.ResponseBody; - -@Controller -public class SecurityController5 { - - @Autowired - private IAuthenticationFacade authenticationFacade; - - public SecurityController5() { - super(); - } - - // API - - @RequestMapping(value = "/username5", method = RequestMethod.GET) - @ResponseBody - public String currentUserNameSimple() { - final Authentication authentication = authenticationFacade.getAuthentication(); - return authentication.getName(); - } - -} diff --git a/spring-security-rest-template/src/main/resources/webSecurityConfig.xml b/spring-security-rest-template/src/main/resources/webSecurityConfig.xml index 3766574f34..14b432aaef 100644 --- a/spring-security-rest-template/src/main/resources/webSecurityConfig.xml +++ b/spring-security-rest-template/src/main/resources/webSecurityConfig.xml @@ -8,13 +8,17 @@ - + - + + + + + \ No newline at end of file diff --git a/spring-security-rest-template/src/test/java/org/baeldung/client/ClientLiveTest.java b/spring-security-rest-template/src/test/java/org/baeldung/client/ClientLiveTest.java index be215bf959..c880ddc854 100644 --- a/spring-security-rest-template/src/test/java/org/baeldung/client/ClientLiveTest.java +++ b/spring-security-rest-template/src/test/java/org/baeldung/client/ClientLiveTest.java @@ -1,9 +1,16 @@ package org.baeldung.client; -import org.baeldung.spring.ClientConfig; +import org.apache.http.auth.AuthScope; +import org.apache.http.auth.UsernamePasswordCredentials; +import org.apache.http.impl.client.DefaultHttpClient; +import org.baeldung.client.spring.ClientConfig; +import org.baeldung.web.dto.Foo; import org.junit.Test; import org.junit.runner.RunWith; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.HttpMethod; +import org.springframework.http.ResponseEntity; +import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.support.AnnotationConfigContextLoader; @@ -20,7 +27,12 @@ public class ClientLiveTest { @Test public final void whenSecuredRestApiIsConsumed_then200OK() { - System.out.println(); + final HttpComponentsClientHttpRequestFactory requestFactory = (HttpComponentsClientHttpRequestFactory) restTemplate.getRequestFactory(); + final DefaultHttpClient httpClient = (DefaultHttpClient) requestFactory.getHttpClient(); + httpClient.getCredentialsProvider().setCredentials(new AuthScope("localhost", 8080, AuthScope.ANY_REALM), new UsernamePasswordCredentials("user", "userPass")); + + final ResponseEntity responseEntity = restTemplate.exchange("http://localhost:8080/spring-security-rest-template/api/foos/1", HttpMethod.GET, null, Foo.class); + System.out.println(responseEntity.getStatusCode()); } }