JAVA-29311: migrate spring-security-web-login-2 to parent-boot-3. (#15913)

This commit is contained in:
Harry9656 2024-02-19 17:39:32 +01:00 committed by GitHub
parent c48af54d80
commit b4bbf68734
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 24 additions and 20 deletions

View File

@ -10,8 +10,9 @@
<parent> <parent>
<groupId>com.baeldung</groupId> <groupId>com.baeldung</groupId>
<artifactId>spring-security-modules</artifactId> <artifactId>parent-boot-3</artifactId>
<version>0.0.1-SNAPSHOT</version> <version>0.0.1-SNAPSHOT</version>
<relativePath>../../parent-boot-3</relativePath>
</parent> </parent>
<dependencies> <dependencies>
@ -29,7 +30,7 @@
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.thymeleaf.extras</groupId> <groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity5</artifactId> <artifactId>thymeleaf-extras-springsecurity6</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.springframework</groupId> <groupId>org.springframework</groupId>
@ -56,4 +57,7 @@
</plugins> </plugins>
</build> </build>
<properties>
<start-class>com.baeldung.manuallogout.ManualLogoutApplication</start-class>
</properties>
</project> </project>

View File

@ -1,20 +1,20 @@
package com.baeldung.logoutredirects.securityconfig; package com.baeldung.logoutredirects.securityconfig;
import javax.servlet.http.HttpServletResponse;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;
import jakarta.servlet.http.HttpServletResponse;
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
public class SpringSecurityConfig { public class SpringSecurityConfig {
@Bean @Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.authorizeRequests(authz -> authz.mvcMatchers("/login") http.authorizeHttpRequests(authz -> authz.requestMatchers("/login")
.permitAll() .permitAll()
.anyRequest() .anyRequest()
.authenticated()) .authenticated())

View File

@ -5,9 +5,6 @@ import static org.springframework.security.web.header.writers.ClearSiteDataHeade
import static org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive.EXECUTION_CONTEXTS; import static org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive.EXECUTION_CONTEXTS;
import static org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive.STORAGE; import static org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive.STORAGE;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
@ -20,11 +17,14 @@ import org.springframework.security.web.authentication.logout.HeaderWriterLogout
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler; import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
import org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter; import org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.Cookie;
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
public class SimpleSecurityConfiguration { public class SimpleSecurityConfiguration {
private static Logger logger = LoggerFactory.getLogger(SimpleSecurityConfiguration.class); private static final Logger logger = LoggerFactory.getLogger(SimpleSecurityConfiguration.class);
@Order(4) @Order(4)
@Configuration @Configuration
@ -32,8 +32,8 @@ public class SimpleSecurityConfiguration {
@Bean @Bean
public SecurityFilterChain filterChainLogoutOnRequest(HttpSecurity http) throws Exception { public SecurityFilterChain filterChainLogoutOnRequest(HttpSecurity http) throws Exception {
http.antMatcher("/request/**") http.securityMatcher("/request/**")
.authorizeRequests(authz -> authz.anyRequest() .authorizeHttpRequests(authz -> authz.anyRequest()
.permitAll()) .permitAll())
.logout(logout -> logout.logoutUrl("/request/logout") .logout(logout -> logout.logoutUrl("/request/logout")
.addLogoutHandler((request, response, auth) -> { .addLogoutHandler((request, response, auth) -> {
@ -53,8 +53,8 @@ public class SimpleSecurityConfiguration {
@Bean @Bean
public SecurityFilterChain filterChainDefaultLogout(HttpSecurity http) throws Exception { public SecurityFilterChain filterChainDefaultLogout(HttpSecurity http) throws Exception {
http.antMatcher("/basic/**") http.securityMatcher("/basic/**")
.authorizeRequests(authz -> authz.anyRequest() .authorizeHttpRequests(authz -> authz.anyRequest()
.permitAll()) .permitAll())
.logout(logout -> logout.logoutUrl("/basic/basiclogout")); .logout(logout -> logout.logoutUrl("/basic/basiclogout"));
return http.build(); return http.build();
@ -67,8 +67,8 @@ public class SimpleSecurityConfiguration {
@Bean @Bean
public SecurityFilterChain filterChainAllCookieClearing(HttpSecurity http) throws Exception { public SecurityFilterChain filterChainAllCookieClearing(HttpSecurity http) throws Exception {
http.antMatcher("/cookies/**") http.securityMatcher("/cookies/**")
.authorizeRequests(authz -> authz.anyRequest() .authorizeHttpRequests(authz -> authz.anyRequest()
.permitAll()) .permitAll())
.logout(logout -> logout.logoutUrl("/cookies/cookielogout") .logout(logout -> logout.logoutUrl("/cookies/cookielogout")
.addLogoutHandler(new SecurityContextLogoutHandler()) .addLogoutHandler(new SecurityContextLogoutHandler())
@ -92,8 +92,8 @@ public class SimpleSecurityConfiguration {
@Bean @Bean
public SecurityFilterChain filterChainClearSiteDataHeader(HttpSecurity http) throws Exception { public SecurityFilterChain filterChainClearSiteDataHeader(HttpSecurity http) throws Exception {
http.antMatcher("/csd/**") http.securityMatcher("/csd/**")
.authorizeRequests(authz -> authz.anyRequest() .authorizeHttpRequests(authz -> authz.anyRequest()
.permitAll()) .permitAll())
.logout(logout -> logout.logoutUrl("/csd/csdlogout") .logout(logout -> logout.logoutUrl("/csd/csdlogout")
.addLogoutHandler(new HeaderWriterLogoutHandler(new ClearSiteDataHeaderWriter(SOURCE)))); .addLogoutHandler(new HeaderWriterLogoutHandler(new ClearSiteDataHeaderWriter(SOURCE))));

View File

@ -9,9 +9,6 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpSession;
import org.junit.Test; import org.junit.Test;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -22,6 +19,9 @@ import org.springframework.security.test.context.support.WithMockUser;
import org.springframework.test.context.junit4.SpringRunner; import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.MockMvc;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpSession;
@RunWith(SpringRunner.class) @RunWith(SpringRunner.class)
@WebMvcTest(SimpleSecurityConfiguration.class) @WebMvcTest(SimpleSecurityConfiguration.class)
public class ManualLogoutIntegrationTest { public class ManualLogoutIntegrationTest {