iSharkFly-Docs
/
java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

JAVA-29311: migrate spring-security-web-login-2 to parent-boot-3. (#15913)

This commit is contained in:
Harry9656 2024-02-19 17:39:32 +01:00 committed by GitHub
parent c48af54d80
commit b4bbf68734
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 24 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
spring-security-modules/spring-security-web-login-2/pom.xml
View File

@ -10,8 +10,9 @@
<parent>
<groupId>com.baeldung</groupId>
<artifactId>spring-security-modules</artifactId>
<artifactId>parent-boot-3</artifactId>
<version>0.0.1-SNAPSHOT</version>
<relativePath>../../parent-boot-3</relativePath>
</parent>
<dependencies>
@ -29,7 +30,7 @@
</dependency>
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity5</artifactId>
<artifactId>thymeleaf-extras-springsecurity6</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
@ -56,4 +57,7 @@
</plugins>
</build>
<properties>
<start-class>com.baeldung.manuallogout.ManualLogoutApplication</start-class>
</properties>
</project>

6
spring-security-modules/spring-security-web-login-2/src/main/java/com/baeldung/logoutredirects/securityconfig/SpringSecurityConfig.java
View File

@ -1,20 +1,20 @@
package com.baeldung.logoutredirects.securityconfig;
import javax.servlet.http.HttpServletResponse;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;
import jakarta.servlet.http.HttpServletResponse;
@Configuration
@EnableWebSecurity
public class SpringSecurityConfig {
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.authorizeRequests(authz -> authz.mvcMatchers("/login")
http.authorizeHttpRequests(authz -> authz.requestMatchers("/login")
.permitAll()
.anyRequest()
.authenticated())

24
spring-security-modules/spring-security-web-login-2/src/main/java/com/baeldung/manuallogout/SimpleSecurityConfiguration.java
View File

@ -5,9 +5,6 @@ import static org.springframework.security.web.header.writers.ClearSiteDataHeade
import static org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive.EXECUTION_CONTEXTS;
import static org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive.STORAGE;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Bean;
@ -20,11 +17,14 @@ import org.springframework.security.web.authentication.logout.HeaderWriterLogout
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
import org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.Cookie;
@Configuration
@EnableWebSecurity
public class SimpleSecurityConfiguration {
private static Logger logger = LoggerFactory.getLogger(SimpleSecurityConfiguration.class);
private static final Logger logger = LoggerFactory.getLogger(SimpleSecurityConfiguration.class);
@Order(4)
@Configuration
@ -32,8 +32,8 @@ public class SimpleSecurityConfiguration {
@Bean
public SecurityFilterChain filterChainLogoutOnRequest(HttpSecurity http) throws Exception {
http.antMatcher("/request/**")
.authorizeRequests(authz -> authz.anyRequest()
http.securityMatcher("/request/**")
.authorizeHttpRequests(authz -> authz.anyRequest()
.permitAll())
.logout(logout -> logout.logoutUrl("/request/logout")
.addLogoutHandler((request, response, auth) -> {
@ -53,8 +53,8 @@ public class SimpleSecurityConfiguration {
@Bean
public SecurityFilterChain filterChainDefaultLogout(HttpSecurity http) throws Exception {
http.antMatcher("/basic/**")
.authorizeRequests(authz -> authz.anyRequest()
http.securityMatcher("/basic/**")
.authorizeHttpRequests(authz -> authz.anyRequest()
.permitAll())
.logout(logout -> logout.logoutUrl("/basic/basiclogout"));
return http.build();
@ -67,8 +67,8 @@ public class SimpleSecurityConfiguration {
@Bean
public SecurityFilterChain filterChainAllCookieClearing(HttpSecurity http) throws Exception {
http.antMatcher("/cookies/**")
.authorizeRequests(authz -> authz.anyRequest()
http.securityMatcher("/cookies/**")
.authorizeHttpRequests(authz -> authz.anyRequest()
.permitAll())
.logout(logout -> logout.logoutUrl("/cookies/cookielogout")
.addLogoutHandler(new SecurityContextLogoutHandler())
@ -92,8 +92,8 @@ public class SimpleSecurityConfiguration {
@Bean
public SecurityFilterChain filterChainClearSiteDataHeader(HttpSecurity http) throws Exception {
http.antMatcher("/csd/**")
.authorizeRequests(authz -> authz.anyRequest()
http.securityMatcher("/csd/**")
.authorizeHttpRequests(authz -> authz.anyRequest()
.permitAll())
.logout(logout -> logout.logoutUrl("/csd/csdlogout")
.addLogoutHandler(new HeaderWriterLogoutHandler(new ClearSiteDataHeaderWriter(SOURCE))));

6
spring-security-modules/spring-security-web-login-2/src/test/java/com/baeldung/manuallogout/ManualLogoutIntegrationTest.java
View File

@ -9,9 +9,6 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpSession;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
@ -22,6 +19,9 @@ import org.springframework.security.test.context.support.WithMockUser;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.web.servlet.MockMvc;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpSession;
@RunWith(SpringRunner.class)
@WebMvcTest(SimpleSecurityConfiguration.class)
public class ManualLogoutIntegrationTest {