From b840f15629bca4ac3c8817699fa9e77c7d83c3ae Mon Sep 17 00:00:00 2001 From: Grzegorz Piwowarek Date: Sat, 3 Jun 2017 18:49:32 +0200 Subject: [PATCH] Merge rest-digest (#1985) * Merge modules * Merge rest-digest --- pom.xml | 1 - spring-security-mvc-digest-auth/README.md | 2 + spring-security-mvc-digest-auth/pom.xml | 45 +++ ...ntsClientHttpRequestFactoryDigestAuth.java | 4 +- .../org/baeldung/spring/ClientConfig.java | 44 +++ .../baeldung/client/RawClientLiveTest.java | 34 +- spring-security-rest-digest-auth/.gitignore | 13 - spring-security-rest-digest-auth/README.md | 9 - spring-security-rest-digest-auth/pom.xml | 299 ------------------ .../ClientPreemptiveDigestAuthentication.java | 75 ----- .../baeldung/client/spring/ClientConfig.java | 66 ---- ...uestAwareAuthenticationSuccessHandler.java | 48 --- .../RestAuthenticationEntryPoint.java | 23 -- .../baeldung/spring/SecSecurityConfig.java | 16 - .../java/org/baeldung/spring/WebConfig.java | 31 -- .../web/controller/BarController.java | 31 -- .../web/controller/FooController.java | 33 -- .../main/java/org/baeldung/web/dto/Bar.java | 14 - .../main/java/org/baeldung/web/dto/Foo.java | 14 - .../src/main/resources/logback.xml | 19 -- .../src/main/resources/webSecurityConfig.xml | 34 -- .../src/main/webapp/WEB-INF/api-servlet.xml | 6 - .../src/main/webapp/WEB-INF/web.xml | 52 --- .../client/ClientNoSpringLiveTest.java | 64 ---- .../client/ClientWithSpringLiveTest.java | 32 -- .../java/org/baeldung/test/LiveTestSuite.java | 18 -- .../src/test/resources/.gitignore | 13 - 27 files changed, 109 insertions(+), 931 deletions(-) rename {spring-security-rest-digest-auth => spring-security-mvc-digest-auth}/src/main/java/org/baeldung/client/HttpComponentsClientHttpRequestFactoryDigestAuth.java (100%) create mode 100644 spring-security-mvc-digest-auth/src/main/java/org/baeldung/spring/ClientConfig.java rename {spring-security-rest-digest-auth => spring-security-mvc-digest-auth}/src/test/java/org/baeldung/client/RawClientLiveTest.java (50%) delete mode 100644 spring-security-rest-digest-auth/.gitignore delete mode 100644 spring-security-rest-digest-auth/README.md delete mode 100644 spring-security-rest-digest-auth/pom.xml delete mode 100644 spring-security-rest-digest-auth/src/main/java/org/baeldung/client/ClientPreemptiveDigestAuthentication.java delete mode 100644 spring-security-rest-digest-auth/src/main/java/org/baeldung/client/spring/ClientConfig.java delete mode 100644 spring-security-rest-digest-auth/src/main/java/org/baeldung/security/MySavedRequestAwareAuthenticationSuccessHandler.java delete mode 100644 spring-security-rest-digest-auth/src/main/java/org/baeldung/security/RestAuthenticationEntryPoint.java delete mode 100644 spring-security-rest-digest-auth/src/main/java/org/baeldung/spring/SecSecurityConfig.java delete mode 100644 spring-security-rest-digest-auth/src/main/java/org/baeldung/spring/WebConfig.java delete mode 100644 spring-security-rest-digest-auth/src/main/java/org/baeldung/web/controller/BarController.java delete mode 100644 spring-security-rest-digest-auth/src/main/java/org/baeldung/web/controller/FooController.java delete mode 100644 spring-security-rest-digest-auth/src/main/java/org/baeldung/web/dto/Bar.java delete mode 100644 spring-security-rest-digest-auth/src/main/java/org/baeldung/web/dto/Foo.java delete mode 100644 spring-security-rest-digest-auth/src/main/resources/logback.xml delete mode 100644 spring-security-rest-digest-auth/src/main/resources/webSecurityConfig.xml delete mode 100644 spring-security-rest-digest-auth/src/main/webapp/WEB-INF/api-servlet.xml delete mode 100644 spring-security-rest-digest-auth/src/main/webapp/WEB-INF/web.xml delete mode 100644 spring-security-rest-digest-auth/src/test/java/org/baeldung/client/ClientNoSpringLiveTest.java delete mode 100644 spring-security-rest-digest-auth/src/test/java/org/baeldung/client/ClientWithSpringLiveTest.java delete mode 100644 spring-security-rest-digest-auth/src/test/java/org/baeldung/test/LiveTestSuite.java delete mode 100644 spring-security-rest-digest-auth/src/test/resources/.gitignore diff --git a/pom.xml b/pom.xml index d205127210..3640713ddd 100644 --- a/pom.xml +++ b/pom.xml @@ -192,7 +192,6 @@ spring-security-mvc-session spring-security-rest-basic-auth spring-security-rest-custom - spring-security-rest-digest-auth spring-security-rest-full spring-security-rest spring-security-x509 diff --git a/spring-security-mvc-digest-auth/README.md b/spring-security-mvc-digest-auth/README.md index 8b79b6b113..be0bf0a675 100644 --- a/spring-security-mvc-digest-auth/README.md +++ b/spring-security-mvc-digest-auth/README.md @@ -7,3 +7,5 @@ The "Learn Spring Security" Classes: http://github.learnspringsecurity.com ### Relevant Article: - [Spring Security Digest Authentication](http://www.baeldung.com/spring-security-digest-authentication) +- [RestTemplate with Digest Authentication](http://www.baeldung.com/resttemplate-digest-authentication) + diff --git a/spring-security-mvc-digest-auth/pom.xml b/spring-security-mvc-digest-auth/pom.xml index 50fd0fa479..202d98da54 100644 --- a/spring-security-mvc-digest-auth/pom.xml +++ b/spring-security-mvc-digest-auth/pom.xml @@ -84,6 +84,18 @@ ${org.springframework.version} + + org.springframework + spring-oxm + ${org.springframework.version} + + + + org.springframework + spring-web + ${org.springframework.version} + + @@ -108,6 +120,39 @@ ${guava.version} + + org.apache.httpcomponents + httpcore + ${httpcore.version} + + + commons-logging + commons-logging + + + + + + org.apache.httpcomponents + httpclient + ${httpclient.version} + + + commons-logging + commons-logging + + + + + + + org.springframework + spring-test + ${org.springframework.version} + test + + + diff --git a/spring-security-rest-digest-auth/src/main/java/org/baeldung/client/HttpComponentsClientHttpRequestFactoryDigestAuth.java b/spring-security-mvc-digest-auth/src/main/java/org/baeldung/client/HttpComponentsClientHttpRequestFactoryDigestAuth.java similarity index 100% rename from spring-security-rest-digest-auth/src/main/java/org/baeldung/client/HttpComponentsClientHttpRequestFactoryDigestAuth.java rename to spring-security-mvc-digest-auth/src/main/java/org/baeldung/client/HttpComponentsClientHttpRequestFactoryDigestAuth.java index 49487da545..1e6f213305 100644 --- a/spring-security-rest-digest-auth/src/main/java/org/baeldung/client/HttpComponentsClientHttpRequestFactoryDigestAuth.java +++ b/spring-security-mvc-digest-auth/src/main/java/org/baeldung/client/HttpComponentsClientHttpRequestFactoryDigestAuth.java @@ -1,7 +1,5 @@ package org.baeldung.client; -import java.net.URI; - import org.apache.http.HttpHost; import org.apache.http.client.AuthCache; import org.apache.http.client.HttpClient; @@ -13,6 +11,8 @@ import org.apache.http.protocol.HttpContext; import org.springframework.http.HttpMethod; import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; +import java.net.URI; + public class HttpComponentsClientHttpRequestFactoryDigestAuth extends HttpComponentsClientHttpRequestFactory { HttpHost host; diff --git a/spring-security-mvc-digest-auth/src/main/java/org/baeldung/spring/ClientConfig.java b/spring-security-mvc-digest-auth/src/main/java/org/baeldung/spring/ClientConfig.java new file mode 100644 index 0000000000..f305321f13 --- /dev/null +++ b/spring-security-mvc-digest-auth/src/main/java/org/baeldung/spring/ClientConfig.java @@ -0,0 +1,44 @@ +package org.baeldung.spring; + +import org.apache.http.HttpHost; +import org.apache.http.auth.AuthScope; +import org.apache.http.auth.UsernamePasswordCredentials; +import org.apache.http.client.CredentialsProvider; +import org.apache.http.impl.client.BasicCredentialsProvider; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClientBuilder; +import org.baeldung.client.HttpComponentsClientHttpRequestFactoryDigestAuth; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; +import org.springframework.web.client.RestTemplate; + +@Configuration +public class ClientConfig { + private static final String DEFAULT_USER = "user1"; + private static final String DEFAULT_PASS = "user1Pass"; + + public ClientConfig() { + super(); + } + + @Bean + public RestTemplate restTemplate() { + HttpHost host = new HttpHost("localhost", 8080, "http"); + CloseableHttpClient client = HttpClientBuilder.create(). + setDefaultCredentialsProvider(provider()).useSystemProperties().build(); + HttpComponentsClientHttpRequestFactory requestFactory = + new HttpComponentsClientHttpRequestFactoryDigestAuth(host, client); + + return new RestTemplate(requestFactory); + } + + private CredentialsProvider provider() { + CredentialsProvider provider = new BasicCredentialsProvider(); + UsernamePasswordCredentials credentials = + new UsernamePasswordCredentials("user1", "user1Pass"); + provider.setCredentials(AuthScope.ANY, credentials); + return provider; + } + +} \ No newline at end of file diff --git a/spring-security-rest-digest-auth/src/test/java/org/baeldung/client/RawClientLiveTest.java b/spring-security-mvc-digest-auth/src/test/java/org/baeldung/client/RawClientLiveTest.java similarity index 50% rename from spring-security-rest-digest-auth/src/test/java/org/baeldung/client/RawClientLiveTest.java rename to spring-security-mvc-digest-auth/src/test/java/org/baeldung/client/RawClientLiveTest.java index 83e888e793..90c2a29968 100644 --- a/spring-security-rest-digest-auth/src/test/java/org/baeldung/client/RawClientLiveTest.java +++ b/spring-security-mvc-digest-auth/src/test/java/org/baeldung/client/RawClientLiveTest.java @@ -1,49 +1,47 @@ package org.baeldung.client; -import java.io.IOException; -import java.util.Timer; -import java.util.TimerTask; - import org.apache.http.HttpResponse; -import org.apache.http.client.ClientProtocolException; import org.apache.http.client.config.RequestConfig; import org.apache.http.client.methods.HttpGet; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClientBuilder; -import org.baeldung.client.spring.ClientConfig; +import org.baeldung.spring.ClientConfig; import org.junit.Test; import org.junit.runner.RunWith; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.support.AnnotationConfigContextLoader; +import java.io.IOException; +import java.util.Timer; +import java.util.TimerTask; + @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration(classes = { ClientConfig.class }, loader = AnnotationConfigContextLoader.class) +@ContextConfiguration(classes = {ClientConfig.class}, loader = AnnotationConfigContextLoader.class) public class RawClientLiveTest { // tests @Test - public final void whenSecuredRestApiIsConsumed_then200OK() throws ClientProtocolException, IOException { - final CloseableHttpClient httpClient = HttpClientBuilder.create().build(); + public void whenSecuredRestApiIsConsumed_then200OK() throws IOException { + CloseableHttpClient httpClient = HttpClientBuilder.create().build(); - final int timeout = 20; // seconds - final RequestConfig requestConfig = RequestConfig.custom().setConnectionRequestTimeout(timeout).setConnectTimeout(timeout).setSocketTimeout(timeout).build(); - final HttpGet getMethod = new HttpGet("http://localhost:8082/spring-security-rest-basic-auth/api/bars/1"); + int timeout = 20; // seconds + RequestConfig requestConfig = RequestConfig.custom().setConnectionRequestTimeout(timeout) + .setConnectTimeout(timeout).setSocketTimeout(timeout).build(); + HttpGet getMethod = new HttpGet("http://localhost:8082/spring-security-rest-basic-auth/api/bars/1"); getMethod.setConfig(requestConfig); - final int hardTimeout = 5; // seconds - final TimerTask task = new TimerTask() { + int hardTimeout = 5; // seconds + TimerTask task = new TimerTask() { @Override public void run() { - if (getMethod != null) { - getMethod.abort(); - } + getMethod.abort(); } }; new Timer(true).schedule(task, hardTimeout * 1000); - final HttpResponse response = httpClient.execute(getMethod); + HttpResponse response = httpClient.execute(getMethod); System.out.println("HTTP Status of response: " + response.getStatusLine().getStatusCode()); } diff --git a/spring-security-rest-digest-auth/.gitignore b/spring-security-rest-digest-auth/.gitignore deleted file mode 100644 index 83c05e60c8..0000000000 --- a/spring-security-rest-digest-auth/.gitignore +++ /dev/null @@ -1,13 +0,0 @@ -*.class - -#folders# -/target -/neoDb* -/data -/src/main/webapp/WEB-INF/classes -*/META-INF/* - -# Packaged files # -*.jar -*.war -*.ear \ No newline at end of file diff --git a/spring-security-rest-digest-auth/README.md b/spring-security-rest-digest-auth/README.md deleted file mode 100644 index 3328bcb2e3..0000000000 --- a/spring-security-rest-digest-auth/README.md +++ /dev/null @@ -1,9 +0,0 @@ -========= - -## REST API with Digest Authentication - Example Project - -###The Course -The "Learn Spring Security" Classes: http://github.learnspringsecurity.com - -### Relevant Articles: -- [RestTemplate with Digest Authentication](http://www.baeldung.com/resttemplate-digest-authentication) diff --git a/spring-security-rest-digest-auth/pom.xml b/spring-security-rest-digest-auth/pom.xml deleted file mode 100644 index 2e1fe1ea35..0000000000 --- a/spring-security-rest-digest-auth/pom.xml +++ /dev/null @@ -1,299 +0,0 @@ - - 4.0.0 - com.baeldung - spring-security-rest-digest-auth - 0.1-SNAPSHOT - - spring-security-rest-digest-auth - war - - - com.baeldung - parent-modules - 1.0.0-SNAPSHOT - - - - - - - - org.springframework.security - spring-security-web - ${org.springframework.security.version} - - - org.springframework.security - spring-security-config - ${org.springframework.security.version} - - - - - - org.springframework - spring-core - ${org.springframework.version} - - - commons-logging - commons-logging - - - - - org.springframework - spring-context - ${org.springframework.version} - - - org.springframework - spring-jdbc - ${org.springframework.version} - - - org.springframework - spring-beans - ${org.springframework.version} - - - org.springframework - spring-aop - ${org.springframework.version} - - - org.springframework - spring-tx - ${org.springframework.version} - - - org.springframework - spring-expression - ${org.springframework.version} - - - - org.springframework - spring-web - ${org.springframework.version} - - - org.springframework - spring-webmvc - ${org.springframework.version} - - - - org.springframework - spring-oxm - ${org.springframework.version} - - - - org.springframework - spring-web - ${org.springframework.version} - - - - - - com.fasterxml.jackson.core - jackson-databind - ${jackson.version} - - - - - - org.apache.httpcomponents - httpcore - ${httpcore.version} - - - commons-logging - commons-logging - - - - - - org.apache.httpcomponents - httpclient - ${httpclient.version} - - - commons-logging - commons-logging - - - - - - - - javax.servlet - javax.servlet-api - ${javax.servlet.version} - provided - - - - javax.servlet - jstl - ${jstl.version} - runtime - - - - - - com.google.guava - guava - ${guava.version} - - - - - - org.springframework - spring-test - ${org.springframework.version} - test - - - - - - spring-security-rest-digest-auth - - - src/main/resources - true - - - - - - - org.apache.maven.plugins - maven-war-plugin - ${maven-war-plugin.version} - - - - org.codehaus.cargo - cargo-maven2-plugin - ${cargo-maven2-plugin.version} - - true - - jetty8x - embedded - - - - - - - 8082 - - - - - - - - - - - - live - - - - org.codehaus.cargo - cargo-maven2-plugin - - - start-server - pre-integration-test - - start - - - - stop-server - post-integration-test - - stop - - - - - - - org.apache.maven.plugins - maven-surefire-plugin - - - integration-test - - test - - - - none - - - **/*LiveTest.java - - - cargo - - - - - - - - - - - - - - 4.3.4.RELEASE - 4.2.0.RELEASE - - - 5.2.5.Final - 5.1.40 - - - 4.4.5 - 4.5.2 - - - 2.8.5 - - - 5.3.3.Final - 3.1.0 - 1.2 - - - 19.0 - 3.5 - - - 2.9.0 - - - 2.6 - 1.6.1 - - - - \ No newline at end of file diff --git a/spring-security-rest-digest-auth/src/main/java/org/baeldung/client/ClientPreemptiveDigestAuthentication.java b/spring-security-rest-digest-auth/src/main/java/org/baeldung/client/ClientPreemptiveDigestAuthentication.java deleted file mode 100644 index de94a6e393..0000000000 --- a/spring-security-rest-digest-auth/src/main/java/org/baeldung/client/ClientPreemptiveDigestAuthentication.java +++ /dev/null @@ -1,75 +0,0 @@ -package org.baeldung.client; - -import org.apache.http.HttpEntity; -import org.apache.http.HttpHost; -import org.apache.http.HttpResponse; -import org.apache.http.auth.AuthScope; -import org.apache.http.auth.UsernamePasswordCredentials; -import org.apache.http.client.AuthCache; -import org.apache.http.client.CredentialsProvider; -import org.apache.http.client.methods.HttpGet; -import org.apache.http.client.protocol.HttpClientContext; -import org.apache.http.impl.auth.DigestScheme; -import org.apache.http.impl.client.BasicAuthCache; -import org.apache.http.impl.client.BasicCredentialsProvider; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; -import org.apache.http.protocol.BasicHttpContext; -import org.apache.http.util.EntityUtils; - -/** - * An example of HttpClient can be customized to authenticate - * preemptively using DIGEST scheme. - * - * Generally, preemptive authentication can be considered less - * secure than a response to an authentication challenge - * and therefore discouraged. - */ -public class ClientPreemptiveDigestAuthentication { - - public static void main(final String[] args) throws Exception { - final HttpHost targetHost = new HttpHost("localhost", 8080, "http"); - - final CredentialsProvider credsProvider = new BasicCredentialsProvider(); - credsProvider.setCredentials(new AuthScope(targetHost.getHostName(), targetHost.getPort()), new UsernamePasswordCredentials("user1", "user1Pass")); - - final CloseableHttpClient httpclient = HttpClients.custom().setDefaultCredentialsProvider(credsProvider).build(); - try { - - // Create AuthCache instance - final AuthCache authCache = new BasicAuthCache(); - // Generate DIGEST scheme object, initialize it and add it to the local auth cache - final DigestScheme digestAuth = new DigestScheme(); - // Suppose we already know the realm name - digestAuth.overrideParamter("realm", "Custom Realm Name"); - - // digestAuth.overrideParamter("nonce", "whatever"); - authCache.put(targetHost, digestAuth); - - // Add AuthCache to the execution context - final BasicHttpContext localcontext = new BasicHttpContext(); - localcontext.setAttribute(HttpClientContext.AUTH_CACHE, authCache); - - final HttpGet httpget = new HttpGet("http://localhost:8080/spring-security-rest-digest-auth/api/foos/1"); - - System.out.println("executing request: " + httpget.getRequestLine()); - System.out.println("to target: " + targetHost); - - for (int i = 0; i < 3; i++) { - final HttpResponse response = httpclient.execute(targetHost, httpget, localcontext); - final HttpEntity entity = response.getEntity(); - - System.out.println("----------------------------------------"); - System.out.println(response.getStatusLine()); - if (entity != null) { - System.out.println("Response content length: " + entity.getContentLength()); - } - EntityUtils.consume(entity); - } - } finally { - // When HttpClient instance is no longer needed, shut down the connection manager to ensure immediate deallocation of all system resources - httpclient.close(); - } - } - -} diff --git a/spring-security-rest-digest-auth/src/main/java/org/baeldung/client/spring/ClientConfig.java b/spring-security-rest-digest-auth/src/main/java/org/baeldung/client/spring/ClientConfig.java deleted file mode 100644 index 9a3b177500..0000000000 --- a/spring-security-rest-digest-auth/src/main/java/org/baeldung/client/spring/ClientConfig.java +++ /dev/null @@ -1,66 +0,0 @@ -package org.baeldung.client.spring; - -import org.apache.http.HttpHost; -import org.apache.http.auth.AuthScope; -import org.apache.http.auth.UsernamePasswordCredentials; -import org.apache.http.client.CredentialsProvider; -import org.apache.http.client.HttpClient; -import org.apache.http.impl.client.BasicCredentialsProvider; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClientBuilder; -import org.baeldung.client.HttpComponentsClientHttpRequestFactoryDigestAuth; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; -import org.springframework.web.client.RestTemplate; - -@Configuration -public class ClientConfig { - private static final String DEFAULT_USER = "user1"; - private static final String DEFAULT_PASS = "user1Pass"; - - public ClientConfig() { - super(); - } - - // beans - - @Bean - public RestTemplate restTemplate() { - final HttpHost host = new HttpHost("localhost", 8080, "http"); - final CloseableHttpClient client = HttpClientBuilder.create().setDefaultCredentialsProvider(provider()).useSystemProperties().build(); - - final HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactoryDigestAuth(host, client); - final RestTemplate restTemplate = new RestTemplate(requestFactory); - - final int timeout = 5; - configureTimeouts(requestFactory, timeout); - - return restTemplate; - } - - // util - - private final void configureTimeouts(final HttpComponentsClientHttpRequestFactory requestFactory, final int timeout) { - final HttpClient httpClient = requestFactory.getHttpClient(); - // - note: timeout via raw String parameters - // httpClient.getParams().setParameter("http.connection.timeout", timeout * 1000); - // httpClient.getParams().setParameter("http.socket.timeout", timeout * 1000); - - // httpClient.getParams().setParameter("http.connection-manager.timeout", new Long(timeout * 1000)); - // httpClient.getParams().setParameter("http.protocol.head-body-timeout", timeout * 1000); - - // - note: timeout via the API - // final HttpParams httpParams = httpClient.getParams(); - // HttpConnectionParams.setConnectionTimeout(httpParams, timeout * 1000); // http.connection.timeout - // HttpConnectionParams.setSoTimeout(httpParams, timeout * 1000); // http.socket.timeout - } - - private final CredentialsProvider provider() { - final CredentialsProvider provider = new BasicCredentialsProvider(); - final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(DEFAULT_USER, DEFAULT_PASS); - provider.setCredentials(AuthScope.ANY, credentials); - return provider; - } - -} \ No newline at end of file diff --git a/spring-security-rest-digest-auth/src/main/java/org/baeldung/security/MySavedRequestAwareAuthenticationSuccessHandler.java b/spring-security-rest-digest-auth/src/main/java/org/baeldung/security/MySavedRequestAwareAuthenticationSuccessHandler.java deleted file mode 100644 index 698052fa2b..0000000000 --- a/spring-security-rest-digest-auth/src/main/java/org/baeldung/security/MySavedRequestAwareAuthenticationSuccessHandler.java +++ /dev/null @@ -1,48 +0,0 @@ -package org.baeldung.security; - -import java.io.IOException; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.springframework.security.core.Authentication; -import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler; -import org.springframework.security.web.savedrequest.HttpSessionRequestCache; -import org.springframework.security.web.savedrequest.RequestCache; -import org.springframework.security.web.savedrequest.SavedRequest; -import org.springframework.util.StringUtils; - -public class MySavedRequestAwareAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler { - - private RequestCache requestCache = new HttpSessionRequestCache(); - - @Override - public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws ServletException, IOException { - final SavedRequest savedRequest = requestCache.getRequest(request, response); - - if (savedRequest == null) { - super.onAuthenticationSuccess(request, response, authentication); - - return; - } - final String targetUrlParameter = getTargetUrlParameter(); - if (isAlwaysUseDefaultTargetUrl() || (targetUrlParameter != null && StringUtils.hasText(request.getParameter(targetUrlParameter)))) { - requestCache.removeRequest(request, response); - super.onAuthenticationSuccess(request, response, authentication); - - return; - } - - clearAuthenticationAttributes(request); - - // Use the DefaultSavedRequest URL - // final String targetUrl = savedRequest.getRedirectUrl(); - // logger.debug("Redirecting to DefaultSavedRequest Url: " + targetUrl); - // getRedirectStrategy().sendRedirect(request, response, targetUrl); - } - - public void setRequestCache(final RequestCache requestCache) { - this.requestCache = requestCache; - } -} diff --git a/spring-security-rest-digest-auth/src/main/java/org/baeldung/security/RestAuthenticationEntryPoint.java b/spring-security-rest-digest-auth/src/main/java/org/baeldung/security/RestAuthenticationEntryPoint.java deleted file mode 100644 index 77aa32ff97..0000000000 --- a/spring-security-rest-digest-auth/src/main/java/org/baeldung/security/RestAuthenticationEntryPoint.java +++ /dev/null @@ -1,23 +0,0 @@ -package org.baeldung.security; - -import java.io.IOException; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.web.AuthenticationEntryPoint; -import org.springframework.stereotype.Component; - -/** - * The Entry Point will not redirect to any sort of Login - it will return the 401 - */ -@Component -public final class RestAuthenticationEntryPoint implements AuthenticationEntryPoint { - - @Override - public void commence(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException authException) throws IOException { - response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized"); - } - -} \ No newline at end of file diff --git a/spring-security-rest-digest-auth/src/main/java/org/baeldung/spring/SecSecurityConfig.java b/spring-security-rest-digest-auth/src/main/java/org/baeldung/spring/SecSecurityConfig.java deleted file mode 100644 index 4ce80dab9f..0000000000 --- a/spring-security-rest-digest-auth/src/main/java/org/baeldung/spring/SecSecurityConfig.java +++ /dev/null @@ -1,16 +0,0 @@ -package org.baeldung.spring; - -import org.springframework.context.annotation.ComponentScan; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.ImportResource; - -@Configuration -@ImportResource({ "classpath:webSecurityConfig.xml" }) -@ComponentScan("org.baeldung.security") -public class SecSecurityConfig { - - public SecSecurityConfig() { - super(); - } - -} diff --git a/spring-security-rest-digest-auth/src/main/java/org/baeldung/spring/WebConfig.java b/spring-security-rest-digest-auth/src/main/java/org/baeldung/spring/WebConfig.java deleted file mode 100644 index 8c3d677af6..0000000000 --- a/spring-security-rest-digest-auth/src/main/java/org/baeldung/spring/WebConfig.java +++ /dev/null @@ -1,31 +0,0 @@ -package org.baeldung.spring; - -import java.util.List; - -import org.springframework.context.annotation.ComponentScan; -import org.springframework.context.annotation.Configuration; -import org.springframework.http.converter.HttpMessageConverter; -import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter; -import org.springframework.web.servlet.config.annotation.EnableWebMvc; -import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; - -@Configuration -@EnableWebMvc -@ComponentScan("org.baeldung.web") -public class WebConfig extends WebMvcConfigurerAdapter { - - public WebConfig() { - super(); - } - - // beans - - @Override - public void configureMessageConverters(final List> converters) { - super.configureMessageConverters(converters); - converters.add(new MappingJackson2HttpMessageConverter()); - } - - // - -} \ No newline at end of file diff --git a/spring-security-rest-digest-auth/src/main/java/org/baeldung/web/controller/BarController.java b/spring-security-rest-digest-auth/src/main/java/org/baeldung/web/controller/BarController.java deleted file mode 100644 index 2bc314baa2..0000000000 --- a/spring-security-rest-digest-auth/src/main/java/org/baeldung/web/controller/BarController.java +++ /dev/null @@ -1,31 +0,0 @@ -package org.baeldung.web.controller; - -import org.baeldung.web.dto.Bar; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationEventPublisher; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.ResponseBody; - -@Controller -@RequestMapping(value = "/bars") -public class BarController { - - @Autowired - private ApplicationEventPublisher eventPublisher; - - public BarController() { - super(); - } - - // API - - @RequestMapping(value = "/{id}", method = RequestMethod.GET) - @ResponseBody - public Bar findOne(@PathVariable("id") final Long id) { - return new Bar(); - } - -} diff --git a/spring-security-rest-digest-auth/src/main/java/org/baeldung/web/controller/FooController.java b/spring-security-rest-digest-auth/src/main/java/org/baeldung/web/controller/FooController.java deleted file mode 100644 index b50edb2dcf..0000000000 --- a/spring-security-rest-digest-auth/src/main/java/org/baeldung/web/controller/FooController.java +++ /dev/null @@ -1,33 +0,0 @@ -package org.baeldung.web.controller; - -import org.baeldung.web.dto.Foo; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationEventPublisher; -import org.springframework.security.access.prepost.PreAuthorize; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.ResponseBody; - -@Controller -@RequestMapping(value = "/foos") -public class FooController { - - @Autowired - private ApplicationEventPublisher eventPublisher; - - public FooController() { - super(); - } - - // API - - @RequestMapping(value = "/{id}", method = RequestMethod.GET) - @ResponseBody - @PreAuthorize("hasRole('ROLE_USER')") - public Foo findOne(@PathVariable("id") final Long id) { - return new Foo(); - } - -} diff --git a/spring-security-rest-digest-auth/src/main/java/org/baeldung/web/dto/Bar.java b/spring-security-rest-digest-auth/src/main/java/org/baeldung/web/dto/Bar.java deleted file mode 100644 index d33e39a823..0000000000 --- a/spring-security-rest-digest-auth/src/main/java/org/baeldung/web/dto/Bar.java +++ /dev/null @@ -1,14 +0,0 @@ -package org.baeldung.web.dto; - -import java.io.Serializable; - -import javax.xml.bind.annotation.XmlRootElement; - -@XmlRootElement -public class Bar implements Serializable { - - public Bar() { - super(); - } - -} diff --git a/spring-security-rest-digest-auth/src/main/java/org/baeldung/web/dto/Foo.java b/spring-security-rest-digest-auth/src/main/java/org/baeldung/web/dto/Foo.java deleted file mode 100644 index 09c1dac933..0000000000 --- a/spring-security-rest-digest-auth/src/main/java/org/baeldung/web/dto/Foo.java +++ /dev/null @@ -1,14 +0,0 @@ -package org.baeldung.web.dto; - -import java.io.Serializable; - -import javax.xml.bind.annotation.XmlRootElement; - -@XmlRootElement -public class Foo implements Serializable { - - public Foo() { - super(); - } - -} diff --git a/spring-security-rest-digest-auth/src/main/resources/logback.xml b/spring-security-rest-digest-auth/src/main/resources/logback.xml deleted file mode 100644 index ec0dc2469a..0000000000 --- a/spring-security-rest-digest-auth/src/main/resources/logback.xml +++ /dev/null @@ -1,19 +0,0 @@ - - - - - web - %date [%thread] %-5level %logger{36} - %message%n - - - - - - - - - - - - - - \ No newline at end of file diff --git a/spring-security-rest-digest-auth/src/main/resources/webSecurityConfig.xml b/spring-security-rest-digest-auth/src/main/resources/webSecurityConfig.xml deleted file mode 100644 index 42a59abff0..0000000000 --- a/spring-security-rest-digest-auth/src/main/resources/webSecurityConfig.xml +++ /dev/null @@ -1,34 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/spring-security-rest-digest-auth/src/main/webapp/WEB-INF/api-servlet.xml b/spring-security-rest-digest-auth/src/main/webapp/WEB-INF/api-servlet.xml deleted file mode 100644 index 4ba9642448..0000000000 --- a/spring-security-rest-digest-auth/src/main/webapp/WEB-INF/api-servlet.xml +++ /dev/null @@ -1,6 +0,0 @@ - - - - \ No newline at end of file diff --git a/spring-security-rest-digest-auth/src/main/webapp/WEB-INF/web.xml b/spring-security-rest-digest-auth/src/main/webapp/WEB-INF/web.xml deleted file mode 100644 index 4e05c9f015..0000000000 --- a/spring-security-rest-digest-auth/src/main/webapp/WEB-INF/web.xml +++ /dev/null @@ -1,52 +0,0 @@ - - - - Spring Security Custom Application - - - - contextClass - - org.springframework.web.context.support.AnnotationConfigWebApplicationContext - - - - contextConfigLocation - org.baeldung.spring - - - - org.springframework.web.context.ContextLoaderListener - - - - - api - org.springframework.web.servlet.DispatcherServlet - 1 - - - api - /api/* - - - - - - springSecurityFilterChain - org.springframework.web.filter.DelegatingFilterProxy - - - springSecurityFilterChain - /* - - - - - - - \ No newline at end of file diff --git a/spring-security-rest-digest-auth/src/test/java/org/baeldung/client/ClientNoSpringLiveTest.java b/spring-security-rest-digest-auth/src/test/java/org/baeldung/client/ClientNoSpringLiveTest.java deleted file mode 100644 index cbf6a12ff7..0000000000 --- a/spring-security-rest-digest-auth/src/test/java/org/baeldung/client/ClientNoSpringLiveTest.java +++ /dev/null @@ -1,64 +0,0 @@ -package org.baeldung.client; - -import org.apache.http.HttpHost; -import org.apache.http.auth.AuthScope; -import org.apache.http.auth.UsernamePasswordCredentials; -import org.apache.http.client.CredentialsProvider; -import org.apache.http.impl.client.BasicCredentialsProvider; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClientBuilder; -import org.baeldung.web.dto.Foo; -import org.junit.Test; -import org.springframework.http.HttpMethod; -import org.springframework.http.ResponseEntity; -import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; -import org.springframework.web.client.RestTemplate; - -public class ClientNoSpringLiveTest { - private static final String DEFAULT_USER = "user1"; - private static final String DEFAULT_PASS = "user1Pass"; - - // tests - no Spring - - @Test - public final void givenUsingCustomHttpRequestFactory_whenSecuredRestApiIsConsumed_then200OK() { - final HttpHost host = new HttpHost("localhost", 8082, "http"); - - final CredentialsProvider credentialsProvider = provider(); - final CloseableHttpClient client = HttpClientBuilder.create().setDefaultCredentialsProvider(credentialsProvider).useSystemProperties().build(); - final HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactoryDigestAuth(host, client); - final RestTemplate restTemplate = new RestTemplate(requestFactory); - - // credentialsProvider.setCredentials(new AuthScope("localhost", 8082, AuthScope.ANY_REALM), new UsernamePasswordCredentials("user1", "user1Pass")); - - final String uri = "http://localhost:8082/spring-security-rest-digest-auth/api/foos/1"; - final ResponseEntity responseEntity = restTemplate.exchange(uri, HttpMethod.GET, null, Foo.class); - - System.out.println(responseEntity.getStatusCode()); - } - - @Test - public final void givenUsingStandardRequestFactory_whenSecuredRestApiIsConsumed_then200OK() { - final CredentialsProvider credentialsProvider = provider(); - final CloseableHttpClient client = HttpClientBuilder.create().setDefaultCredentialsProvider(credentialsProvider).useSystemProperties().build(); - final HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(client); - final RestTemplate restTemplate = new RestTemplate(requestFactory); - - // credentialsProvider.setCredentials(new AuthScope("localhost", 8080, AuthScope.ANY_REALM), new UsernamePasswordCredentials("user1", "user1Pass")); - - final String uri = "http://localhost:8082/spring-security-rest-digest-auth/api/foos/1"; - final ResponseEntity responseEntity = restTemplate.exchange(uri, HttpMethod.GET, null, Foo.class); - - System.out.println(responseEntity.getStatusCode()); - } - - // UTIL - - private final CredentialsProvider provider() { - final CredentialsProvider provider = new BasicCredentialsProvider(); - final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(DEFAULT_USER, DEFAULT_PASS); - provider.setCredentials(AuthScope.ANY, credentials); - return provider; - } - -} diff --git a/spring-security-rest-digest-auth/src/test/java/org/baeldung/client/ClientWithSpringLiveTest.java b/spring-security-rest-digest-auth/src/test/java/org/baeldung/client/ClientWithSpringLiveTest.java deleted file mode 100644 index d673b2633b..0000000000 --- a/spring-security-rest-digest-auth/src/test/java/org/baeldung/client/ClientWithSpringLiveTest.java +++ /dev/null @@ -1,32 +0,0 @@ -package org.baeldung.client; - -import org.baeldung.client.spring.ClientConfig; -import org.baeldung.web.dto.Foo; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.http.HttpMethod; -import org.springframework.http.ResponseEntity; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.test.context.support.AnnotationConfigContextLoader; -import org.springframework.web.client.RestTemplate; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration(classes = { ClientConfig.class }, loader = AnnotationConfigContextLoader.class) -public class ClientWithSpringLiveTest { - - @Autowired - private RestTemplate restTemplate; - - // tests - no Spring - - @Test - public final void whenSecuredRestApiIsConsumed_then200OK() { - final String uri = "http://localhost:8082/spring-security-rest-digest-auth/api/foos/1"; - final ResponseEntity responseEntity = restTemplate.exchange(uri, HttpMethod.GET, null, Foo.class); - - System.out.println(responseEntity.getStatusCode()); - } - -} diff --git a/spring-security-rest-digest-auth/src/test/java/org/baeldung/test/LiveTestSuite.java b/spring-security-rest-digest-auth/src/test/java/org/baeldung/test/LiveTestSuite.java deleted file mode 100644 index 9e141a87cd..0000000000 --- a/spring-security-rest-digest-auth/src/test/java/org/baeldung/test/LiveTestSuite.java +++ /dev/null @@ -1,18 +0,0 @@ -package org.baeldung.test; - -import org.baeldung.client.ClientNoSpringLiveTest; -import org.baeldung.client.ClientWithSpringLiveTest; -import org.baeldung.client.RawClientLiveTest; -import org.junit.runner.RunWith; -import org.junit.runners.Suite; - -@RunWith(Suite.class) -@Suite.SuiteClasses({ -// @formatter:off - RawClientLiveTest.class - ,ClientWithSpringLiveTest.class - ,ClientNoSpringLiveTest.class -}) // -public class LiveTestSuite { - -} diff --git a/spring-security-rest-digest-auth/src/test/resources/.gitignore b/spring-security-rest-digest-auth/src/test/resources/.gitignore deleted file mode 100644 index 83c05e60c8..0000000000 --- a/spring-security-rest-digest-auth/src/test/resources/.gitignore +++ /dev/null @@ -1,13 +0,0 @@ -*.class - -#folders# -/target -/neoDb* -/data -/src/main/webapp/WEB-INF/classes -*/META-INF/* - -# Packaged files # -*.jar -*.war -*.ear \ No newline at end of file