further rest template work

spring-security-rest-template/src/main/java/org/baeldung/client/spring/ClientConfig.java

@@ -1,4 +1,4 @@
-package org.baeldung.spring;
+package org.baeldung.client.spring;
 
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;

spring-security-rest-template/src/main/java/org/baeldung/security/AuthenticationFacade.java

@@ -1,21 +0,0 @@
-package org.baeldung.security;
-
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Component;
-
-@Component
-public class AuthenticationFacade implements IAuthenticationFacade {
-
-    public AuthenticationFacade() {
-        super();
-    }
-
-    // API
-
-    @Override
-    public final Authentication getAuthentication() {
-        return SecurityContextHolder.getContext().getAuthentication();
-    }
-
-}

spring-security-rest-template/src/main/java/org/baeldung/security/CustomAuthenticationProvider.java

@@ -1,45 +0,0 @@
-package org.baeldung.security;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.stereotype.Component;
-
-@Component
-public class CustomAuthenticationProvider implements AuthenticationProvider {
-
-    public CustomAuthenticationProvider() {
-        super();
-    }
-
-    // API
-
-    @Override
-    public Authentication authenticate(final Authentication authentication) throws AuthenticationException {
-        final String name = authentication.getName();
-        final String password = authentication.getCredentials().toString();
-        if (name.equals("admin") && password.equals("system")) {
-            final List<GrantedAuthority> grantedAuths = new ArrayList<>();
-            grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER"));
-            final UserDetails principal = new User(name, password, grantedAuths);
-            final Authentication auth = new UsernamePasswordAuthenticationToken(principal, password, grantedAuths);
-            return auth;
-        } else {
-            return null;
-        }
-    }
-
-    @Override
-    public boolean supports(final Class<?> authentication) {
-        return authentication.equals(UsernamePasswordAuthenticationToken.class);
-    }
-
-}

spring-security-rest-template/src/main/java/org/baeldung/security/IAuthenticationFacade.java

@@ -1,9 +0,0 @@
-package org.baeldung.security;
-
-import org.springframework.security.core.Authentication;
-
-public interface IAuthenticationFacade {
-
-    Authentication getAuthentication();
-
-}

spring-security-rest-template/src/main/java/org/baeldung/web/controller/FooController.java

@@ -3,6 +3,7 @@ package org.baeldung.web.controller;
 import org.baeldung.web.dto.Foo;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.ApplicationEventPublisher;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -10,7 +11,7 @@ import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.ResponseBody;
 
 @Controller
-@RequestMapping(value = "/foo")
+@RequestMapping(value = "/foos")
 public class FooController {
 
     @Autowired
@@ -24,6 +25,7 @@ public class FooController {
 
     @RequestMapping(value = "/{id}", method = RequestMethod.GET)
     @ResponseBody
+    @PreAuthorize("hasRole('ROLE_USER')")
     public Foo findOne(@PathVariable("id") final Long id) {
         return new Foo();
     }

spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController1.java

@@ -1,39 +0,0 @@
-package org.baeldung.web.controller;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationEventPublisher;
-import org.springframework.security.authentication.AnonymousAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.ResponseBody;
-
-@Controller
-public class SecurityController1 {
-
-    @Autowired
-    private ApplicationEventPublisher eventPublisher;
-
-    public SecurityController1() {
-        super();
-    }
-
-    // API
-
-    @RequestMapping(value = "/username1", method = RequestMethod.GET)
-    @ResponseBody
-    public String currentUserName() {
-        final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-        if (!(authentication instanceof AnonymousAuthenticationToken)) {
-            final String currentPrincipalName = authentication.getName();
-            System.out.println("Authentication: " + authentication);
-            System.out.println("Principal: " + authentication.getPrincipal());
-            return currentPrincipalName;
-        }
-
-        return null;
-    }
-
-}

spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController2.java

@@ -1,25 +0,0 @@
-package org.baeldung.web.controller;
-
-import java.security.Principal;
-
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.ResponseBody;
-
-@Controller
-public class SecurityController2 {
-
-    public SecurityController2() {
-        super();
-    }
-
-    // API
-
-    @RequestMapping(value = "/username2", method = RequestMethod.GET)
-    @ResponseBody
-    public String currentUserNameSimple(final Principal principal) {
-        return principal.getName();
-    }
-
-}

spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController3.java

@@ -1,27 +0,0 @@
-package org.baeldung.web.controller;
-
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.ResponseBody;
-
-@Controller
-public class SecurityController3 {
-
-    public SecurityController3() {
-        super();
-    }
-
-    // API
-
-    @RequestMapping(value = "/username3", method = RequestMethod.GET)
-    @ResponseBody
-    public String currentUserNameSimple(final Authentication authentication) {
-        UserDetails userDetails = (UserDetails) authentication.getPrincipal();
-        System.out.println("Retrieved user with authorities: " + userDetails.getAuthorities());
-        return authentication.getName();
-    }
-
-}

spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController4.java

@@ -1,28 +0,0 @@
-package org.baeldung.web.controller;
-
-import java.security.Principal;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.ResponseBody;
-
-@Controller
-public class SecurityController4 {
-
-    public SecurityController4() {
-        super();
-    }
-
-    // API
-
-    @RequestMapping(value = "/username4", method = RequestMethod.GET)
-    @ResponseBody
-    public String currentUserNameSimple(final HttpServletRequest request) {
-        final Principal principal = request.getUserPrincipal();
-        return principal.getName();
-    }
-
-}

spring-security-rest-template/src/main/java/org/baeldung/web/controller/SecurityController5.java

@@ -1,30 +0,0 @@
-package org.baeldung.web.controller;
-
-import org.baeldung.security.IAuthenticationFacade;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.Authentication;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.ResponseBody;
-
-@Controller
-public class SecurityController5 {
-
-    @Autowired
-    private IAuthenticationFacade authenticationFacade;
-
-    public SecurityController5() {
-        super();
-    }
-
-    // API
-
-    @RequestMapping(value = "/username5", method = RequestMethod.GET)
-    @ResponseBody
-    public String currentUserNameSimple() {
-        final Authentication authentication = authenticationFacade.getAuthentication();
-        return authentication.getName();
-    }
-
-}

spring-security-rest-template/src/main/resources/webSecurityConfig.xml

@@ -14,7 +14,11 @@
     </http>
 
     <authentication-manager>
-        <authentication-provider ref="customAuthenticationProvider" />
+        <authentication-provider>
+            <user-service>
+                <user name="user" password="userPass" authorities="ROLE_USER" />
+            </user-service>
+        </authentication-provider>
     </authentication-manager>
 
 </beans:beans>

spring-security-rest-template/src/test/java/org/baeldung/client/ClientLiveTest.java

@@ -1,9 +1,16 @@
 package org.baeldung.client;
 
-import org.baeldung.spring.ClientConfig;
+import org.apache.http.auth.AuthScope;
+import org.apache.http.auth.UsernamePasswordCredentials;
+import org.apache.http.impl.client.DefaultHttpClient;
+import org.baeldung.client.spring.ClientConfig;
+import org.baeldung.web.dto.Foo;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.ResponseEntity;
+import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.test.context.support.AnnotationConfigContextLoader;
@@ -20,7 +27,12 @@ public class ClientLiveTest {
 
     @Test
     public final void whenSecuredRestApiIsConsumed_then200OK() {
-        System.out.println();
+        final HttpComponentsClientHttpRequestFactory requestFactory = (HttpComponentsClientHttpRequestFactory) restTemplate.getRequestFactory();
+        final DefaultHttpClient httpClient = (DefaultHttpClient) requestFactory.getHttpClient();
+        httpClient.getCredentialsProvider().setCredentials(new AuthScope("localhost", 8080, AuthScope.ANY_REALM), new UsernamePasswordCredentials("user", "userPass"));
+
+        final ResponseEntity<Foo> responseEntity = restTemplate.exchange("http://localhost:8080/spring-security-rest-template/api/foos/1", HttpMethod.GET, null, Foo.class);
+        System.out.println(responseEntity.getStatusCode());
     }
 
 }