JAVA-29309 Upgrade spring-security-web-digest-auth (#15757)
* JAVA-29309 Upgrade spring-security-web-digest-auth * JAVA-29309 Remove commented line --------- Co-authored-by: timis1 <noreplay@yahoo.com>
This commit is contained in:
timis1
GitHub
parent
7280037213
commit
bda3903057
|
|
@ -10,9 +10,9 @@
|
|||
|
||||
<parent>
|
||||
<groupId>com.baeldung</groupId>
|
||||
<artifactId>parent-spring-5</artifactId>
|
||||
<artifactId>parent-spring-6</artifactId>
|
||||
<version>0.0.1-SNAPSHOT</version>
|
||||
<relativePath>../../parent-spring-5</relativePath>
|
||||
<relativePath>../../parent-spring-6</relativePath>
|
||||
</parent>
|
||||
|
||||
<dependencies>
|
||||
|
|
@ -86,16 +86,15 @@
|
|||
</dependency>
|
||||
<!-- web -->
|
||||
<dependency>
|
||||
<groupId>javax.servlet</groupId>
|
||||
<artifactId>javax.servlet-api</artifactId>
|
||||
<version>${javax.servlet-api.version}</version>
|
||||
<groupId>jakarta.servlet</groupId>
|
||||
<artifactId>jakarta.servlet-api</artifactId>
|
||||
<version>${jakarta.servlet-api.version}</version>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>javax.servlet</groupId>
|
||||
<artifactId>jstl</artifactId>
|
||||
<version>${jstl.version}</version>
|
||||
<scope>runtime</scope>
|
||||
<groupId>jakarta.servlet.jsp.jstl</groupId>
|
||||
<artifactId>jakarta.servlet.jsp.jstl-api</artifactId>
|
||||
<version>${jakarta.jstl-api.version}</version>
|
||||
</dependency>
|
||||
<!-- util -->
|
||||
<dependency>
|
||||
|
|
@ -104,9 +103,9 @@
|
|||
<version>${guava.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpcore</artifactId>
|
||||
<version>${httpcore.version}</version>
|
||||
<groupId>org.apache.httpcomponents.core5</groupId>
|
||||
<artifactId>httpcore5</artifactId>
|
||||
<version>${httpcore5.version}</version>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<artifactId>commons-logging</artifactId>
|
||||
|
|
@ -115,9 +114,9 @@
|
|||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpclient</artifactId>
|
||||
<version>${httpclient.version}</version>
|
||||
<groupId>org.apache.httpcomponents.client5</groupId>
|
||||
<artifactId>httpclient5</artifactId>
|
||||
<version>${httpclient5.version}</version>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<artifactId>commons-logging</artifactId>
|
||||
|
|
@ -172,10 +171,12 @@
|
|||
|
||||
<properties>
|
||||
<!-- Spring -->
|
||||
<org.springframework.security.version>4.2.6.RELEASE</org.springframework.security.version>
|
||||
<org.springframework.security.version>6.1.5</org.springframework.security.version>
|
||||
<!-- util -->
|
||||
<httpcore.version>4.4.5</httpcore.version>
|
||||
<httpclient.version>4.5.2</httpclient.version>
|
||||
<httpcore5.version>5.2.4</httpcore5.version>
|
||||
<httpclient5.version>5.3</httpclient5.version>
|
||||
<jakarta.servlet-api.version>6.1.0-M1</jakarta.servlet-api.version>
|
||||
<jakarta.jstl-api.version>3.0.0</jakarta.jstl-api.version>
|
||||
<!-- Maven plugins -->
|
||||
<cargo-maven2-plugin.version>1.6.1</cargo-maven2-plugin.version>
|
||||
</properties>
|
||||
|
|
|
|||
|
|
@ -3,9 +3,8 @@ package com.baeldung.basic;
|
|||
import java.io.IOException;
|
||||
import java.io.PrintWriter;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
|
||||
|
|
@ -15,7 +14,7 @@ import org.springframework.stereotype.Component;
|
|||
public class MyBasicAuthenticationEntryPoint extends BasicAuthenticationEntryPoint {
|
||||
|
||||
@Override
|
||||
public void commence(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException authException) throws IOException, ServletException {
|
||||
public void commence(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException authException) throws IOException {
|
||||
response.addHeader("WWW-Authenticate", "Basic realm=\"" + getRealmName() + "\"");
|
||||
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
|
||||
final PrintWriter writer = response.getWriter();
|
||||
|
|
@ -23,7 +22,7 @@ public class MyBasicAuthenticationEntryPoint extends BasicAuthenticationEntryPoi
|
|||
}
|
||||
|
||||
@Override
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
public void afterPropertiesSet() {
|
||||
setRealmName("Baeldung");
|
||||
super.afterPropertiesSet();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,13 +1,14 @@
|
|||
package com.baeldung.client;
|
||||
|
||||
import org.apache.http.HttpHost;
|
||||
import org.apache.http.client.AuthCache;
|
||||
import org.apache.http.client.HttpClient;
|
||||
import org.apache.http.client.protocol.HttpClientContext;
|
||||
import org.apache.http.impl.auth.DigestScheme;
|
||||
import org.apache.http.impl.client.BasicAuthCache;
|
||||
import org.apache.http.protocol.BasicHttpContext;
|
||||
import org.apache.http.protocol.HttpContext;
|
||||
import org.apache.hc.client5.http.auth.AuthCache;
|
||||
import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
|
||||
import org.apache.hc.client5.http.classic.HttpClient;
|
||||
import org.apache.hc.client5.http.impl.auth.BasicAuthCache;
|
||||
import org.apache.hc.client5.http.impl.auth.DigestScheme;
|
||||
import org.apache.hc.client5.http.protocol.HttpClientContext;
|
||||
import org.apache.hc.core5.http.HttpHost;
|
||||
import org.apache.hc.core5.http.protocol.BasicHttpContext;
|
||||
import org.apache.hc.core5.http.protocol.HttpContext;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
|
||||
|
||||
|
|
@ -21,8 +22,6 @@ public class HttpComponentsClientHttpRequestFactoryDigestAuth extends HttpCompon
|
|||
this.host = host;
|
||||
}
|
||||
|
||||
//
|
||||
|
||||
@Override
|
||||
protected HttpContext createHttpContext(final HttpMethod httpMethod, final URI uri) {
|
||||
return createHttpContext();
|
||||
|
|
@ -34,7 +33,8 @@ public class HttpComponentsClientHttpRequestFactoryDigestAuth extends HttpCompon
|
|||
// Generate DIGEST scheme object, initialize it and add it to the local auth cache
|
||||
final DigestScheme digestAuth = new DigestScheme();
|
||||
// If we already know the realm name
|
||||
digestAuth.overrideParamter("realm", "Custom Realm Name");
|
||||
digestAuth.initPreemptive(new UsernamePasswordCredentials("user1", "user1Pass".toCharArray()),
|
||||
"", "Custom Realm Name");
|
||||
|
||||
// digestAuth.overrideParamter("nonce", "MTM3NTU2OTU4MDAwNzoyYWI5YTQ5MTlhNzc5N2UxMGM5M2Y5M2ViOTc4ZmVhNg==");
|
||||
authCache.put(host, digestAuth);
|
||||
|
|
|
|||
|
|
@ -1,18 +1,19 @@
|
|||
package com.baeldung.spring;
|
||||
|
||||
import org.apache.http.HttpHost;
|
||||
import org.apache.http.auth.AuthScope;
|
||||
import org.apache.http.auth.UsernamePasswordCredentials;
|
||||
import org.apache.http.client.CredentialsProvider;
|
||||
import org.apache.http.impl.client.BasicCredentialsProvider;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClientBuilder;
|
||||
import com.baeldung.client.HttpComponentsClientHttpRequestFactoryDigestAuth;
|
||||
import org.apache.hc.client5.http.auth.AuthScope;
|
||||
import org.apache.hc.client5.http.auth.CredentialsProvider;
|
||||
import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
|
||||
import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider;
|
||||
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
|
||||
import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
|
||||
import org.apache.hc.core5.http.HttpHost;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
import com.baeldung.client.HttpComponentsClientHttpRequestFactoryDigestAuth;
|
||||
|
||||
@Configuration
|
||||
public class ClientConfig {
|
||||
private static final String DEFAULT_USER = "user1";
|
||||
|
|
@ -24,7 +25,7 @@ public class ClientConfig {
|
|||
|
||||
@Bean
|
||||
public RestTemplate restTemplate() {
|
||||
HttpHost host = new HttpHost("localhost", 8080, "http");
|
||||
HttpHost host = new HttpHost("http", "localhost", 8080);
|
||||
CloseableHttpClient client = HttpClientBuilder.create().
|
||||
setDefaultCredentialsProvider(provider()).useSystemProperties().build();
|
||||
HttpComponentsClientHttpRequestFactory requestFactory =
|
||||
|
|
@ -34,10 +35,11 @@ public class ClientConfig {
|
|||
}
|
||||
|
||||
private CredentialsProvider provider() {
|
||||
CredentialsProvider provider = new BasicCredentialsProvider();
|
||||
UsernamePasswordCredentials credentials =
|
||||
new UsernamePasswordCredentials("user1", "user1Pass");
|
||||
provider.setCredentials(AuthScope.ANY, credentials);
|
||||
BasicCredentialsProvider provider = new BasicCredentialsProvider();
|
||||
UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(DEFAULT_USER, DEFAULT_PASS.toCharArray());
|
||||
//defining null and -1 it applies to any host and any port
|
||||
final AuthScope authScope = new AuthScope(null, -1);
|
||||
provider.setCredentials(authScope, credentials);
|
||||
return provider;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -5,13 +5,13 @@ import org.springframework.context.annotation.Configuration;
|
|||
import org.springframework.web.servlet.ViewResolver;
|
||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
import org.springframework.web.servlet.view.InternalResourceViewResolver;
|
||||
import org.springframework.web.servlet.view.JstlView;
|
||||
|
||||
@Configuration
|
||||
@EnableWebMvc
|
||||
public class MvcConfig extends WebMvcConfigurerAdapter {
|
||||
public class MvcConfig implements WebMvcConfigurer {
|
||||
|
||||
public MvcConfig() {
|
||||
super();
|
||||
|
|
@ -21,8 +21,6 @@ public class MvcConfig extends WebMvcConfigurerAdapter {
|
|||
|
||||
@Override
|
||||
public void addViewControllers(final ViewControllerRegistry registry) {
|
||||
super.addViewControllers(registry);
|
||||
|
||||
registry.addViewController("/homepage.html");
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,9 +1,11 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
|
||||
xsi:schemaLocation="
|
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
|
||||
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd"
|
||||
>
|
||||
<beans:beans xmlns="http://www.springframework.org/schema/security"
|
||||
xmlns:beans="http://www.springframework.org/schema/beans"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans
|
||||
https://www.springframework.org/schema/beans/spring-beans-3.0.xsd
|
||||
http://www.springframework.org/schema/security
|
||||
https://www.springframework.org/schema/security/spring-security.xsd">
|
||||
|
||||
<beans:bean id="digestFilter" class="org.springframework.security.web.authentication.www.DigestAuthenticationFilter">
|
||||
<beans:property name="userDetailsService" ref="userService"/>
|
||||
|
|
|
|||
|
|
@ -2,11 +2,12 @@ package com.baeldung.client;
|
|||
|
||||
import java.io.IOException;
|
||||
|
||||
import org.apache.http.HttpResponse;
|
||||
import org.apache.http.client.methods.HttpGet;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClientBuilder;
|
||||
import com.baeldung.spring.ClientConfig;
|
||||
|
||||
import org.apache.hc.client5.http.classic.methods.HttpGet;
|
||||
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
|
||||
import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
|
||||
import org.apache.hc.core5.http.HttpResponse;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
|
|
@ -24,7 +25,7 @@ public class RawClientLiveTest {
|
|||
CloseableHttpClient httpClient = HttpClientBuilder.create().build();
|
||||
HttpGet getMethod = new HttpGet("http://localhost:8082/spring-security-rest-basic-auth/api/bars/1");
|
||||
HttpResponse response = httpClient.execute(getMethod);
|
||||
System.out.println("HTTP Status of response: " + response.getStatusLine().getStatusCode());
|
||||
System.out.println("HTTP Status of response: " + response.getCode());
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue