[BAEL-14942] - Create code for the Spring Security - Run-as authentication article

spring-security-rest-custom/src/main/java/org/baeldung/config/child/MethodSecurityConfig.java

@@ -0,0 +1,37 @@
+package org.baeldung.config.child;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.access.intercept.RunAsImplAuthenticationProvider;
+import org.springframework.security.access.intercept.RunAsManager;
+import org.springframework.security.access.intercept.RunAsManagerImpl;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
+
+
+@Configuration
+@EnableGlobalMethodSecurity(securedEnabled = true)
+public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
+
+    @Override
+    protected RunAsManager runAsManager() {
+        RunAsManagerImpl runAsManager = new RunAsManagerImpl();
+        runAsManager.setKey("MyRunAsKey");
+        return runAsManager;
+    }
+
+    @Autowired
+    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+        auth.authenticationProvider(runAsAuthenticationProvider());
+    }
+
+    @Bean
+    public AuthenticationProvider runAsAuthenticationProvider() {
+        RunAsImplAuthenticationProvider authProvider = new RunAsImplAuthenticationProvider();
+        authProvider.setKey("MyRunAsKey");
+        return authProvider;
+    }
+}

spring-security-rest-custom/src/main/java/org/baeldung/service/RunAsService.java

@@ -0,0 +1,17 @@
+package org.baeldung.service;
+
+import org.springframework.security.access.annotation.Secured;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Service;
+
+@Service
+public class RunAsService {
+
+    @Secured({ "ROLE_RUN_AS_REPORTER" })
+    public Authentication getCurrentUser() {
+        Authentication authentication = 
+                SecurityContextHolder.getContext().getAuthentication();
+        return authentication;
+    }
+}

spring-security-rest-custom/src/main/java/org/baeldung/web/controller/RunAsController.java

@@ -0,0 +1,23 @@
+package org.baeldung.web.controller;
+
+import org.springframework.security.access.annotation.Secured;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+
+@Controller
+@RequestMapping("/runas")
+public class RunAsController {
+
+    @Secured({ "ROLE_USER", "RUN_AS_REPORTER" })
+    @RequestMapping
+    @ResponseBody
+    public String tryRunAs() {
+        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+        return "Current User Authorities inside this RunAS method only " + 
+        auth.getAuthorities().toString();
+    }
+}

spring-security-rest-custom/src/main/java/org/baeldung/web/controller/ViewController.java

@@ -10,4 +10,9 @@ public class ViewController {
     public String index() {
         return "index";
     }
+    
+    @RequestMapping({ "/runashome" })
+    public String run() {
+        return "runas";
+    }
 }

spring-security-rest-custom/src/main/webapp/WEB-INF/templates/runas.html

@@ -0,0 +1,23 @@
+<!DOCTYPE html>
+<html xmlns:th="https://www.thymeleaf.org"
+	xmlns:sec="https://www.thymeleaf.org/thymeleaf-extras-springsecurity5">
+<body>
+	Current user authorities:
+	<span sec:authentication="principal.authorities">user</span>
+	<br />
+	<span id="temp"></span>
+	<a href="#" onclick="tryRunAs()">Generate Report As Super User</a>
+
+	<script
+		src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
+	<script type="text/javascript">
+	
+		function tryRunAs(){
+			var context = window.location.pathname.substring(0, window.location.pathname.indexOf("/", 2));
+		    $.get( context + "/runas" , function( data ) {
+		         $("#temp").html(data);
+		    });
+		}
+	</script>
+</body>
+</html>