iSharkFly-Docs/java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add java configuration

Browse Source
This commit is contained in:
DOHA 2016-04-03 19:13:25 +02:00
parent 2f9524ae8e
commit 9b262c9381
6 changed files with 142 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
spring-security-mvc-login/src/main/java/org/baeldung/spring/SecSecurityConfig.java
View File

@ -1,14 +1,59 @@
package org.baeldung.spring; package org.baeldung.spring;
import org.baeldung.security.CustomLogoutSuccessHandler;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ImportResource; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
@Configuration @Configuration
@ImportResource({ "classpath:webSecurityConfig.xml" }) // @ImportResource({ "classpath:webSecurityConfig.xml" })
public class SecSecurityConfig { @EnableWebSecurity
public class SecSecurityConfig extends WebSecurityConfigurerAdapter {
public SecSecurityConfig() { public SecSecurityConfig() {
super(); super();
} }
@Override
protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
// @formatter:off
auth.inMemoryAuthentication()
.withUser("user1").password("user1Pass").roles("USER")
.and()
.withUser("user2").password("user2Pass").roles("USER");
// @formatter:on
}
@Override
protected void configure(final HttpSecurity http) throws Exception {
// @formatter:off
http
.csrf().disable()
.authorizeRequests()
.antMatchers("/anonymous*").anonymous()
.antMatchers("/login*").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login.html")
.loginProcessingUrl("/perform_login")
.defaultSuccessUrl("/homepage.html",true)
.failureUrl("/login.html?error=true")
.and()
.logout()
.logoutUrl("/perform_logout")
.deleteCookies("JSESSIONID")
.logoutSuccessHandler(logoutSuccessHandler());
// @formatter:on
}
@Bean
public LogoutSuccessHandler logoutSuccessHandler() {
return new CustomLogoutSuccessHandler();
}
} }

9
spring-security-mvc-login/src/main/webapp/WEB-INF/web.xml
View File

@ -1,9 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xsi:schemaLocation=" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
http://java.sun.com/xml/ns/javaee xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0" version="3.1">
>
<display-name>Spring MVC Application</display-name> <display-name>Spring MVC Application</display-name>

2
spring-security-mvc-session/src/main/java/org/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java
View File

@ -21,7 +21,7 @@ public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSu
private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy(); private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
protected MySimpleUrlAuthenticationSuccessHandler() { public MySimpleUrlAuthenticationSuccessHandler() {
super(); super();
} }

58
spring-security-mvc-session/src/main/java/org/baeldung/spring/SecSecurityConfig.java
View File

@ -1,14 +1,66 @@
package org.baeldung.spring; package org.baeldung.spring;
import org.baeldung.security.MySimpleUrlAuthenticationSuccessHandler;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ImportResource; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.session.HttpSessionEventPublisher;
@Configuration @Configuration
@ImportResource({ "classpath:webSecurityConfig.xml" }) // @ImportResource({ "classpath:webSecurityConfig.xml" })
public class SecSecurityConfig { @EnableWebSecurity
public class SecSecurityConfig extends WebSecurityConfigurerAdapter {
public SecSecurityConfig() { public SecSecurityConfig() {
super(); super();
} }
@Override
protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
// @formatter:off
auth.inMemoryAuthentication()
.withUser("user1").password("user1Pass").roles("USER")
.and()
.withUser("admin1").password("admin1Pass").roles("ADMIN");
// @formatter:on
}
@Override
protected void configure(final HttpSecurity http) throws Exception {
// @formatter:off
http
.csrf().disable()
.authorizeRequests()
.antMatchers("/anonymous*").anonymous()
.antMatchers("/login*").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login.html")
.loginProcessingUrl("/login")
.successHandler(successHandler())
.failureUrl("/login.html?error=true")
.and()
.logout().deleteCookies("JSESSIONID")
.and()
.rememberMe().key("uniqueAndSecret").tokenValiditySeconds(86400)
.and()
.sessionManagement().invalidSessionUrl("/invalidSession.html").maximumSessions(2).expiredUrl("/sessionExpired.html");
// @formatter:on
}
private AuthenticationSuccessHandler successHandler() {
return new MySimpleUrlAuthenticationSuccessHandler();
}
@Bean
public HttpSessionEventPublisher httpSessionEventPublisher() {
return new HttpSessionEventPublisher();
}
} }

13
spring-security-mvc-session/src/main/webapp/WEB-INF/web.xml
View File

@ -1,9 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xsi:schemaLocation=" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
http://java.sun.com/xml/ns/javaee xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0" version="3.1">
>
<display-name>Spring MVC Session Application</display-name> <display-name>Spring MVC Session Application</display-name>
@ -13,9 +12,9 @@
<listener> <listener>
<listener-class>org.baeldung.web.SessionListenerWithMetrics</listener-class> <listener-class>org.baeldung.web.SessionListenerWithMetrics</listener-class>
</listener> </listener>
<listener> <!-- <listener>
<listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class> <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener> </listener> -->
<!-- Spring root --> <!-- Spring root -->
<context-param> <context-param>

31
spring-security-rest-custom/src/main/java/org/baeldung/config/parent/SecurityConfig.java
View File

@ -1,16 +1,41 @@
package org.baeldung.config.parent; package org.baeldung.config.parent;
import org.baeldung.security.CustomAuthenticationProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ImportResource; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration @Configuration
@ImportResource({ "classpath:webSecurityConfig.xml" }) // @ImportResource({ "classpath:webSecurityConfig.xml" })
@EnableWebSecurity
@ComponentScan("org.baeldung.security") @ComponentScan("org.baeldung.security")
public class SecurityConfig { public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private CustomAuthenticationProvider authProvider;
public SecurityConfig() { public SecurityConfig() {
super(); super();
} }
@Override
protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authProvider);
}
@Override
protected void configure(final HttpSecurity http) throws Exception {
// @formatter:off
http
.authorizeRequests().anyRequest().authenticated()
.and()
.httpBasic();
// @formatter:on
}
} }