finish moving example code to spring-5-security module

This commit is contained in:
Chris Oberle 2018-01-16 18:26:43 -05:00
parent a5f6f5e035
commit 99887d2f1b
16 changed files with 374 additions and 736 deletions

View File

@ -1,110 +1,114 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion> <modelVersion>4.0.0</modelVersion>
<groupId>com.baeldung</groupId> <groupId>com.baeldung</groupId>
<artifactId>spring-5-security</artifactId> <artifactId>spring-5-security</artifactId>
<version>0.0.1-SNAPSHOT</version> <version>0.0.1-SNAPSHOT</version>
<packaging>jar</packaging> <packaging>jar</packaging>
<name>spring-5-security</name> <name>spring-5-security</name>
<description>spring 5 security sample project</description> <description>spring 5 security sample project</description>
<parent> <parent>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId> <artifactId>spring-boot-starter-parent</artifactId>
<version>2.0.0.M7</version> <version>2.0.0.M7</version>
<relativePath /> <!-- lookup parent from repository --> <relativePath /> <!-- lookup parent from repository -->
</parent> </parent>
<dependencies> <dependencies>
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId> <artifactId>spring-boot-starter-security</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId> <artifactId>spring-boot-starter-web</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId> <artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.thymeleaf.extras</groupId> <groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity4</artifactId> <artifactId>thymeleaf-extras-springsecurity4</artifactId>
</dependency> </dependency>
<!-- oauth2 --> <!-- oauth2 -->
<dependency> <dependency>
<groupId>org.springframework.security</groupId> <groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-client</artifactId> <artifactId>spring-security-oauth2-client</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.springframework.security</groupId> <groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-jose</artifactId> <artifactId>spring-security-oauth2-jose</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework</groupId>
<artifactId>spring-boot-starter-test</artifactId> <artifactId>spring-test</artifactId>
<scope>test</scope> </dependency>
</dependency> <dependency>
<dependency> <groupId>org.springframework.boot</groupId>
<groupId>org.springframework.security</groupId> <artifactId>spring-boot-starter-test</artifactId>
<artifactId>spring-security-test</artifactId> <scope>test</scope>
<scope>test</scope> </dependency>
</dependency> <dependency>
</dependencies> <groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<build> <scope>test</scope>
<plugins> </dependency>
<plugin> </dependencies>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId> <build>
</plugin> <plugins>
<plugin>
<plugin> <groupId>org.springframework.boot</groupId>
<groupId>org.apache.maven.plugins</groupId> <artifactId>spring-boot-maven-plugin</artifactId>
<artifactId>maven-surefire-plugin</artifactId> </plugin>
<configuration>
<forkCount>3</forkCount> <plugin>
<reuseForks>true</reuseForks> <groupId>org.apache.maven.plugins</groupId>
<parallel>methods</parallel> <artifactId>maven-surefire-plugin</artifactId>
<useUnlimitedThreads>true</useUnlimitedThreads> <configuration>
<excludes> <forkCount>3</forkCount>
<exclude>**/*IntegrationTest.java</exclude> <reuseForks>true</reuseForks>
<exclude>**/*LiveTest.java</exclude> <parallel>methods</parallel>
</excludes> <useUnlimitedThreads>true</useUnlimitedThreads>
</configuration> <excludes>
</plugin> <exclude>**/*IntegrationTest.java</exclude>
</plugins> <exclude>**/*LiveTest.java</exclude>
</build> </excludes>
</configuration>
<repositories> </plugin>
<repository> </plugins>
<id>spring-milestones</id> </build>
<name>Spring Milestones</name>
<url>https://repo.spring.io/milestone</url> <repositories>
<snapshots> <repository>
<enabled>false</enabled> <id>spring-milestones</id>
</snapshots> <name>Spring Milestones</name>
</repository> <url>https://repo.spring.io/milestone</url>
</repositories> <snapshots>
<pluginRepositories> <enabled>false</enabled>
<pluginRepository> </snapshots>
<id>spring-milestones</id> </repository>
<name>Spring Milestones</name> </repositories>
<url>https://repo.spring.io/milestone</url> <pluginRepositories>
<snapshots> <pluginRepository>
<enabled>false</enabled> <id>spring-milestones</id>
</snapshots> <name>Spring Milestones</name>
</pluginRepository> <url>https://repo.spring.io/milestone</url>
</pluginRepositories> <snapshots>
<enabled>false</enabled>
<properties> </snapshots>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> </pluginRepository>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding> </pluginRepositories>
<java.version>1.8</java.version>
</properties> <properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
</properties>
</project> </project>

View File

@ -15,7 +15,7 @@ import org.springframework.security.web.authentication.SimpleUrlAuthenticationFa
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@EnableWebSecurity @EnableWebSecurity
@PropertySource("application-extrafields.properties") @PropertySource("classpath:/application-extrafields.properties")
public class SecurityConfig extends WebSecurityConfigurerAdapter { public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired @Autowired

View File

@ -11,47 +11,44 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Collection; import java.util.Collection;
import org.junit.jupiter.api.BeforeEach; import org.junit.Before;
import org.junit.jupiter.api.DisplayName; import org.junit.Test;
import org.junit.jupiter.api.Test;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.mock.web.MockHttpSession; import org.springframework.mock.web.MockHttpSession;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext; import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.web.FilterChainProxy; import org.springframework.security.web.FilterChainProxy;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository; import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit.jupiter.web.SpringJUnitWebConfig; import org.springframework.test.context.junit.jupiter.web.SpringJUnitWebConfig;
import org.springframework.test.context.junit4.SpringRunner; import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.MvcResult; import org.springframework.test.web.servlet.MvcResult;
import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder; import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder;
import org.springframework.test.web.servlet.setup.MockMvcBuilders; import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.WebApplicationContext;
import com.baeldung.SpringSecurity5ExtraLoginFieldsApplication;
@WebAppConfiguration
@SpringJUnitWebConfig
@RunWith(SpringRunner.class) @RunWith(SpringRunner.class)
@ContextConfiguration(classes = SpringSecurity5ExtraLoginFieldsApplication.class) @SpringJUnitWebConfig
@SpringBootTest(classes = SpringExtraLoginFieldsApplication.class)
public class SecurityExtraFieldsTest { public class SecurityExtraFieldsTest {
@Autowired @Autowired
private FilterChainProxy springSecurityFilterChain; private FilterChainProxy springSecurityFilterChain;
@Autowired
private WebApplicationContext wac;
private MockMvc mockMvc; private MockMvc mockMvc;
@BeforeEach @Before
public void setup(WebApplicationContext wac) { public void setup() {
this.mockMvc = MockMvcBuilders.webAppContextSetup(wac) this.mockMvc = MockMvcBuilders.webAppContextSetup(wac)
.apply(springSecurity(springSecurityFilterChain)).build(); .apply(springSecurity(springSecurityFilterChain)).build();
} }
@DisplayName("Access of root path redirects to index")
@Test @Test
public void givenRootPathAccess_thenRedirectToIndex() throws Exception { public void givenRootPathAccess_thenRedirectToIndex() throws Exception {
this.mockMvc.perform(get("/")) this.mockMvc.perform(get("/"))
@ -59,7 +56,6 @@ public class SecurityExtraFieldsTest {
.andExpect(redirectedUrlPattern("/index*")); .andExpect(redirectedUrlPattern("/index*"));
} }
@DisplayName("Unauthenticated access of secured resource redirects to login page")
@Test @Test
public void givenSecuredResource_whenAccessUnauthenticated_thenRequiresAuthentication() throws Exception { public void givenSecuredResource_whenAccessUnauthenticated_thenRequiresAuthentication() throws Exception {
this.mockMvc.perform(get("/user/index")) this.mockMvc.perform(get("/user/index"))
@ -67,7 +63,6 @@ public class SecurityExtraFieldsTest {
.andExpect(redirectedUrlPattern("**/login")); .andExpect(redirectedUrlPattern("**/login"));
} }
@DisplayName("Succesfull auth on login page redirects and extra field exists")
@Test @Test
public void givenAccessSecuredResource_whenAuthenticated_thenAuthHasExtraFields() throws Exception { public void givenAccessSecuredResource_whenAuthenticated_thenAuthHasExtraFields() throws Exception {
MockHttpServletRequestBuilder securedResourceAccess = get("/user/index"); MockHttpServletRequestBuilder securedResourceAccess = get("/user/index");

View File

@ -1,262 +1,250 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion> <modelVersion>4.0.0</modelVersion>
<groupId>com.baeldung</groupId> <groupId>com.baeldung</groupId>
<artifactId>spring-5</artifactId> <artifactId>spring-5</artifactId>
<version>0.0.1-SNAPSHOT</version> <version>0.0.1-SNAPSHOT</version>
<packaging>jar</packaging> <packaging>jar</packaging>
<name>spring-5</name> <name>spring-5</name>
<description>spring 5 sample project about new features</description> <description>spring 5 sample project about new features</description>
<parent> <parent>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId> <artifactId>spring-boot-starter-parent</artifactId>
<version>2.0.0.M7</version> <version>2.0.0.M7</version>
<relativePath /> <!-- lookup parent from repository --> <relativePath /> <!-- lookup parent from repository -->
</parent> </parent>
<dependencies> <dependencies>
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId> <artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId> <artifactId>spring-boot-starter-security</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId> <artifactId>spring-boot-starter-validation</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId> <artifactId>spring-boot-starter-web</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId> <artifactId>spring-boot-starter-webflux</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId> <artifactId>spring-boot-starter-hateoas</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.thymeleaf.extras</groupId> <groupId>org.projectreactor</groupId>
<artifactId>thymeleaf-extras-springsecurity4</artifactId> <artifactId>reactor-spring</artifactId>
</dependency> <version>${reactor-spring.version}</version>
<dependency> </dependency>
<groupId>org.springframework.boot</groupId> <dependency>
<artifactId>spring-boot-starter-webflux</artifactId> <groupId>javax.json.bind</groupId>
</dependency> <artifactId>javax.json.bind-api</artifactId>
<dependency> <version>${jsonb-api.version}</version>
<groupId>org.springframework.boot</groupId> </dependency>
<artifactId>spring-boot-starter-hateoas</artifactId> <!-- Dependencies for Yasson -->
</dependency> <!-- <dependency> -->
<dependency> <!-- <groupId>org.eclipse</groupId> -->
<groupId>org.projectreactor</groupId> <!-- <artifactId>yasson</artifactId> -->
<artifactId>reactor-spring</artifactId> <!-- <version>1.0</version> -->
<version>${reactor-spring.version}</version> <!-- </dependency> -->
</dependency> <!-- <dependency> -->
<dependency> <!-- <groupId>org.glassfish</groupId> -->
<groupId>javax.json.bind</groupId> <!-- <artifactId>javax.json</artifactId> -->
<artifactId>javax.json.bind-api</artifactId> <!-- <version>1.1.2</version> -->
<version>${jsonb-api.version}</version> <!-- </dependency> -->
</dependency> <!-- Dependencies for Johnzon -->
<!-- Dependencies for Yasson --> <dependency>
<!-- <dependency> --> <groupId>org.apache.geronimo.specs</groupId>
<!-- <groupId>org.eclipse</groupId> --> <artifactId>geronimo-json_1.1_spec</artifactId>
<!-- <artifactId>yasson</artifactId> --> <version>${geronimo-json_1.1_spec.version}</version>
<!-- <version>1.0</version> --> </dependency>
<!-- </dependency> --> <dependency>
<!-- <dependency> --> <groupId>org.apache.johnzon</groupId>
<!-- <groupId>org.glassfish</groupId> --> <artifactId>johnzon-jsonb</artifactId>
<!-- <artifactId>javax.json</artifactId> --> <version>${johnzon.version}</version>
<!-- <version>1.1.2</version> --> </dependency>
<!-- </dependency> --> <!-- utils -->
<!-- Dependencies for Johnzon --> <dependency>
<dependency> <groupId>org.apache.commons</groupId>
<groupId>org.apache.geronimo.specs</groupId> <artifactId>commons-lang3</artifactId>
<artifactId>geronimo-json_1.1_spec</artifactId> </dependency>
<version>${geronimo-json_1.1_spec.version}</version>
</dependency> <!-- runtime and test scoped -->
<dependency>
<groupId>org.apache.johnzon</groupId> <dependency>
<artifactId>johnzon-jsonb</artifactId> <groupId>org.springframework.boot</groupId>
<version>${johnzon.version}</version> <artifactId>spring-boot-devtools</artifactId>
</dependency> <scope>runtime</scope>
<!-- utils --> </dependency>
<dependency> <dependency>
<groupId>org.apache.commons</groupId> <groupId>com.h2database</groupId>
<artifactId>commons-lang3</artifactId> <artifactId>h2</artifactId>
</dependency> <scope>runtime</scope>
</dependency>
<!-- runtime and test scoped -->
<dependency>
<dependency> <groupId>org.springframework</groupId>
<groupId>org.springframework.boot</groupId> <artifactId>spring-test</artifactId>
<artifactId>spring-boot-devtools</artifactId> </dependency>
<scope>runtime</scope> <dependency>
</dependency> <groupId>org.springframework.boot</groupId>
<dependency> <artifactId>spring-boot-starter-test</artifactId>
<groupId>com.h2database</groupId> <scope>test</scope>
<artifactId>h2</artifactId> </dependency>
<scope>runtime</scope> <dependency>
</dependency> <groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<dependency> <scope>test</scope>
<groupId>org.springframework</groupId> </dependency>
<artifactId>spring-test</artifactId>
</dependency> <dependency>
<dependency> <groupId>org.apache.commons</groupId>
<groupId>org.springframework.boot</groupId> <artifactId>commons-collections4</artifactId>
<artifactId>spring-boot-starter-test</artifactId> <version>4.1</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency>
<groupId>org.springframework.security</groupId> <dependency>
<artifactId>spring-security-test</artifactId> <groupId>org.junit.jupiter</groupId>
<scope>test</scope> <artifactId>junit-jupiter-api</artifactId>
</dependency> <version>${junit.jupiter.version}</version>
</dependency>
<dependency> <dependency>
<groupId>org.apache.commons</groupId> <groupId>org.junit.jupiter</groupId>
<artifactId>commons-collections4</artifactId> <artifactId>junit-jupiter-engine</artifactId>
<version>4.1</version> <version>${junit.jupiter.version}</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency>
<dependency> <groupId>org.junit.platform</groupId>
<groupId>org.junit.jupiter</groupId> <artifactId>junit-platform-surefire-provider</artifactId>
<artifactId>junit-jupiter-api</artifactId> <version>${junit.platform.version}</version>
<version>${junit.jupiter.version}</version> <scope>test</scope>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.junit.jupiter</groupId> <groupId>org.junit.platform</groupId>
<artifactId>junit-jupiter-engine</artifactId> <artifactId>junit-platform-runner</artifactId>
<version>${junit.jupiter.version}</version> <version>${junit.platform.version}</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency> <!-- restdocs -->
<groupId>org.junit.platform</groupId> <dependency>
<artifactId>junit-platform-surefire-provider</artifactId> <groupId>org.springframework.restdocs</groupId>
<version>${junit.platform.version}</version> <artifactId>spring-restdocs-mockmvc</artifactId>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.junit.platform</groupId> <groupId>org.springframework.restdocs</groupId>
<artifactId>junit-platform-runner</artifactId> <artifactId>spring-restdocs-webtestclient</artifactId>
<version>${junit.platform.version}</version> <scope>test</scope>
<scope>test</scope> </dependency>
</dependency> <dependency>
<!-- restdocs --> <groupId>org.springframework.restdocs</groupId>
<dependency> <artifactId>spring-restdocs-restassured</artifactId>
<groupId>org.springframework.restdocs</groupId> <scope>test</scope>
<artifactId>spring-restdocs-mockmvc</artifactId> </dependency>
<scope>test</scope>
</dependency>
<dependency> </dependencies>
<groupId>org.springframework.restdocs</groupId>
<artifactId>spring-restdocs-webtestclient</artifactId> <build>
<scope>test</scope> <plugins>
</dependency> <plugin>
<dependency> <groupId>org.springframework.boot</groupId>
<groupId>org.springframework.restdocs</groupId> <artifactId>spring-boot-maven-plugin</artifactId>
<artifactId>spring-restdocs-restassured</artifactId> <configuration>
<scope>test</scope> <mainClass>com.baeldung.Spring5Application</mainClass>
</dependency> <layout>JAR</layout>
</configuration>
</plugin>
</dependencies>
<plugin>
<build> <groupId>org.apache.maven.plugins</groupId>
<plugins> <artifactId>maven-surefire-plugin</artifactId>
<plugin> <configuration>
<groupId>org.springframework.boot</groupId> <forkCount>3</forkCount>
<artifactId>spring-boot-maven-plugin</artifactId> <reuseForks>true</reuseForks>
<configuration> <parallel>methods</parallel>
<mainClass>com.baeldung.Spring5Application</mainClass> <useUnlimitedThreads>true</useUnlimitedThreads>
<layout>JAR</layout> <excludes>
</configuration> <exclude>**/*IntegrationTest.java</exclude>
</plugin> <exclude>**/*LiveTest.java</exclude>
</excludes>
<plugin> </configuration>
<groupId>org.apache.maven.plugins</groupId> </plugin>
<artifactId>maven-surefire-plugin</artifactId> <plugin>
<configuration> <groupId>org.asciidoctor</groupId>
<forkCount>3</forkCount> <artifactId>asciidoctor-maven-plugin</artifactId>
<reuseForks>true</reuseForks> <version>${asciidoctor-plugin.version}</version>
<parallel>methods</parallel> <executions>
<useUnlimitedThreads>true</useUnlimitedThreads> <execution>
<excludes> <id>generate-docs</id>
<exclude>**/*IntegrationTest.java</exclude> <phase>package</phase>
<exclude>**/*LiveTest.java</exclude> <goals>
</excludes> <goal>process-asciidoc</goal>
</configuration> </goals>
</plugin> <configuration>
<plugin> <backend>html</backend>
<groupId>org.asciidoctor</groupId> <doctype>book</doctype>
<artifactId>asciidoctor-maven-plugin</artifactId> <attributes>
<version>${asciidoctor-plugin.version}</version> <snippets>${snippetsDirectory}</snippets>
<executions> </attributes>
<execution> <sourceDirectory>src/docs/asciidocs</sourceDirectory>
<id>generate-docs</id> <outputDirectory>target/generated-docs</outputDirectory>
<phase>package</phase> </configuration>
<goals> </execution>
<goal>process-asciidoc</goal> </executions>
</goals> </plugin>
<configuration> </plugins>
<backend>html</backend> </build>
<doctype>book</doctype>
<attributes> <repositories>
<snippets>${snippetsDirectory}</snippets> <repository>
</attributes> <id>spring-milestones</id>
<sourceDirectory>src/docs/asciidocs</sourceDirectory> <name>Spring Milestones</name>
<outputDirectory>target/generated-docs</outputDirectory> <url>https://repo.spring.io/milestone</url>
</configuration> <snapshots>
</execution> <enabled>false</enabled>
</executions> </snapshots>
</plugin> </repository>
</plugins> </repositories>
</build> <pluginRepositories>
<pluginRepository>
<repositories> <id>spring-milestones</id>
<repository> <name>Spring Milestones</name>
<id>spring-milestones</id> <url>https://repo.spring.io/milestone</url>
<name>Spring Milestones</name> <snapshots>
<url>https://repo.spring.io/milestone</url> <enabled>false</enabled>
<snapshots> </snapshots>
<enabled>false</enabled> </pluginRepository>
</snapshots> </pluginRepositories>
</repository>
</repositories> <properties>
<pluginRepositories> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<pluginRepository> <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<id>spring-milestones</id> <java.version>1.8</java.version>
<name>Spring Milestones</name> <junit.platform.version>1.0.0</junit.platform.version>
<url>https://repo.spring.io/milestone</url> <junit.jupiter.version>5.0.0</junit.jupiter.version>
<snapshots> <maven-surefire-plugin.version>2.20</maven-surefire-plugin.version>
<enabled>false</enabled> <spring.version>5.0.2.RELEASE</spring.version>
</snapshots> <reactor-spring.version>1.0.1.RELEASE</reactor-spring.version>
</pluginRepository> <johnzon.version>1.1.3</johnzon.version>
</pluginRepositories> <jsonb-api.version>1.0</jsonb-api.version>
<geronimo-json_1.1_spec.version>1.0</geronimo-json_1.1_spec.version>
<properties> <asciidoctor-plugin.version>1.5.6</asciidoctor-plugin.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <snippetsDirectory>${project.build.directory}/generated-snippets</snippetsDirectory>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding> </properties>
<java.version>1.8</java.version>
<junit.platform.version>1.0.0</junit.platform.version> </project>
<junit.jupiter.version>5.0.0</junit.jupiter.version>
<maven-surefire-plugin.version>2.20</maven-surefire-plugin.version>
<spring.version>5.0.2.RELEASE</spring.version>
<reactor-spring.version>1.0.1.RELEASE</reactor-spring.version>
<johnzon.version>1.1.3</johnzon.version>
<jsonb-api.version>1.0</jsonb-api.version>
<geronimo-json_1.1_spec.version>1.0</geronimo-json_1.1_spec.version>
<asciidoctor-plugin.version>1.5.6</asciidoctor-plugin.version>
<snippetsDirectory>${project.build.directory}/generated-snippets</snippetsDirectory>
</properties>
</project>

View File

@ -1,15 +0,0 @@
package com.baeldung;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.ComponentScan;
@ComponentScan(basePackages = {"com.baeldung.securityextrafields"})
@SpringBootApplication
public class SpringSecurity5ExtraLoginFieldsApplication {
public static void main(String[] args) {
SpringApplication.run(SpringSecurity5ExtraLoginFieldsApplication.class, args);
}
}

View File

@ -1,54 +0,0 @@
package com.baeldung.securityextrafields;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
public class CustomAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
public static final String SPRING_SECURITY_FORM_DOMAIN_KEY = "domain";
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
throws AuthenticationException {
if (!request.getMethod()
.equals("POST")) {
throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());
}
UsernamePasswordAuthenticationToken authRequest = getAuthRequest(request);
setDetails(request, authRequest);
return this.getAuthenticationManager()
.authenticate(authRequest);
}
private UsernamePasswordAuthenticationToken getAuthRequest(HttpServletRequest request) {
String username = obtainUsername(request);
String password = obtainPassword(request);
String domain = obtainDomain(request);
if (username == null) {
username = "";
}
if (password == null) {
password = "";
}
if (domain == null) {
domain = "";
}
String usernameDomain = String.format("%s%s%s", username.trim(),
String.valueOf(Character.LINE_SEPARATOR), domain);
return new UsernamePasswordAuthenticationToken(usernameDomain, password);
}
private String obtainDomain(HttpServletRequest request) {
return request.getParameter(SPRING_SECURITY_FORM_DOMAIN_KEY);
}
}

View File

@ -1,32 +0,0 @@
package com.baeldung.securityextrafields;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
@Service("userDetailsService")
public class CustomUserDetailsService implements UserDetailsService {
private final UserRepository userRepository;
public CustomUserDetailsService(UserRepository userRepository) {
this.userRepository = userRepository;
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
String[] usernameAndDomain = StringUtils.split(username, String.valueOf(Character.LINE_SEPARATOR));
if (usernameAndDomain == null || usernameAndDomain.length != 2) {
throw new UsernameNotFoundException("Username and domain must be provided");
}
User user = userRepository.findUser(usernameAndDomain[0], usernameAndDomain[1]);
if (user == null) {
throw new UsernameNotFoundException(
String.format("Username not found for domain, username=%s, domain=%s",
usernameAndDomain[0], usernameAndDomain[1]));
}
return user;
}
}

View File

@ -1,26 +0,0 @@
package com.baeldung.securityextrafields;
import java.util.ArrayList;
import java.util.Collection;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Repository;
@Repository("userRepository")
public class CustomUserRepository implements UserRepository {
@Override
public User findUser(String username, String domain) {
if (StringUtils.isAnyBlank(username, domain)) {
return null;
} else {
Collection<? extends GrantedAuthority> authorities = new ArrayList<>();
User user = new User(username, domain,
"$2a$10$U3GhSMpsMSOE8Kqsbn58/edxDBKlVuYMh7qk/7ErApYFjJzi2VG5K", true,
true, true, true, authorities);
return user;
}
}
}

View File

@ -1,63 +0,0 @@
package com.baeldung.securityextrafields;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.addFilterBefore(authenticationFilter(), UsernamePasswordAuthenticationFilter.class)
.authorizeRequests()
.antMatchers("/css/**", "/index").permitAll()
.antMatchers("/user/**").authenticated()
.and()
.formLogin().loginPage("/login")
.and()
.logout()
.logoutUrl("/logout");
}
public CustomAuthenticationFilter authenticationFilter() throws Exception {
CustomAuthenticationFilter filter = new CustomAuthenticationFilter();
filter.setAuthenticationManager(authenticationManagerBean());
filter.setAuthenticationFailureHandler(failureHandler());
return filter;
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authProvider());
}
public AuthenticationProvider authProvider() {
DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
provider.setUserDetailsService(userDetailsService);
provider.setPasswordEncoder(passwordEncoder());
return provider;
}
public SimpleUrlAuthenticationFailureHandler failureHandler() {
return new SimpleUrlAuthenticationFailureHandler("/login?error=true");
}
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}

View File

@ -1,23 +0,0 @@
package com.baeldung.securityextrafields;
import java.util.Collection;
import org.springframework.security.core.GrantedAuthority;
public class User extends org.springframework.security.core.userdetails.User {
private static final long serialVersionUID = 1L;
private final String domain;
public User(String username, String domain, String password, boolean enabled,
boolean accountNonExpired, boolean credentialsNonExpired,
boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities) {
super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
this.domain = domain;
}
public String getDomain() {
return domain;
}
}

View File

@ -1,7 +0,0 @@
package com.baeldung.securityextrafields;
public interface UserRepository {
public User findUser(String username, String domain);
}

View File

@ -1,51 +0,0 @@
package com.baeldung.securityextrafields;
import java.util.Optional;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
public class WebController {
@RequestMapping("/")
public String root() {
return "redirect:/index";
}
@RequestMapping("/index")
public String index(Model model) {
getDomain().ifPresent(d -> {
model.addAttribute("domain", d);
});
return "index";
}
@RequestMapping("/user/index")
public String userIndex(Model model) {
getDomain().ifPresent(d -> {
model.addAttribute("domain", d);
});
return "user/index";
}
@RequestMapping("/login")
public String login() {
return "login";
}
private Optional<String> getDomain() {
Authentication auth = SecurityContextHolder.getContext()
.getAuthentication();
String domain = null;
if (auth != null && !auth.getClass().equals(AnonymousAuthenticationToken.class)) {
User user = (User) auth.getPrincipal();
domain = user.getDomain();
}
return Optional.ofNullable(domain);
}
}

View File

@ -1,18 +0,0 @@
body {
font-family: sans;
font-size: 1em;
}
p.error {
font-weight: bold;
color: red;
}
div.logout {
float: right;
}
.formfield {
margin: 0.5em;
padding: 0.3em;
}

View File

@ -1,24 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity4">
<head>
<title>Spring Security - Login With Extra Fields</title>
<meta charset="utf-8" />
<link rel="stylesheet" href="/css/main.css" th:href="@{/css/main.css}" />
</head>
<body>
<div th:fragment="logout" class="logout" sec:authorize="isAuthenticated()">
Logged in user: <span sec:authentication="name"></span> |
domain: <span th:text="${domain}">Some Domain</span>
<div>
<form action="#" th:action="@{/logout}" method="post">
<input type="submit" value="Logout" />
</form>
</div>
</div>
<h1>Hello Spring Security</h1>
<p>This is an unsecured page, but you can access the secured pages after authenticating.</p>
<ul>
<li>Go to the <a href="/user/index" th:href="@{/user/index}">secured pages</a></li>
</ul>
</body>
</html>

View File

@ -1,23 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
<head>
<title>Login page</title>
<meta charset="utf-8" />
<link rel="stylesheet" href="/css/main.css" th:href="@{/css/main.css}" />
</head>
<body>
<h1>Login page</h1>
<p>Example: user / domain / password</p>
<p th:if="${param.error}" class="error">Invalid user, password, or domain</p>
<form th:action="@{/login}" method="post">
<label for="username">Username</label>:
<input class="formfield" type="text" id="username" name="username" autofocus="autofocus" /> <br />
<label for="domain">Domain</label>:
<input class="formfield" type="text" id="domain" name="domain" /> <br />
<label for="password">Password</label>:
<input class="formfield" type="password" id="password" name="password" /> <br />
<input type="submit" value="Log in" />
</form>
<p><a href="/index" th:href="@{/index}">Back to home page</a></p>
</body>
</html>

View File

@ -1,13 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
<head>
<title>Spring Security - Login With Extra Fields</title>
<meta charset="utf-8" />
<link rel="stylesheet" href="/css/main.css" th:href="@{/css/main.css}" />
</head>
<body>
<div th:replace="index::logout"></div>
<h1>This is a secured page!</h1>
<p><a href="/index" th:href="@{/index}">Back to home page</a></p>
</body>
</html>