iSharkFly-Docs
/
java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

move multiple login project (#1140)

This commit is contained in:
lor6 2017-02-09 11:56:34 +02:00 committed by Eugen
parent b18f2a58c8
commit bfb364769c
13 changed files with 375 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
spring-security-custom-permission/pom.xml
View File

@ -128,6 +128,12 @@
<artifactId>spring-security-taglibs</artifactId>
<version>${spring-security-taglibs.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${spring-security-core.version}</version>
</dependency>
<dependency>
<groupId>javax.servlet.jsp.jstl</groupId>
@ -280,11 +286,15 @@
<start-class>org.baeldung.Application</start-class>
<!--If you want to run the example with the voters comment the tag above and uncomment the one below-->
<!--<start-class>org.baeldung.voter.VoterApplication</start-class>-->
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<!--If you want to run the example with the multiple logins, comment the tag above and uncomment the one below-->
<!--<start-class>org.baeldung.multiplelogin.MultipleLoginApplication</start-class>-->
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java.version>1.8</java.version>
<derby.version>10.13.1.1</derby.version>
<taglibs-standard.version>1.1.2</taglibs-standard.version>
<spring-security-taglibs.version>4.2.0.RELEASE</spring-security-taglibs.version>
<spring-security-core.version>4.2.0.RELEASE</spring-security-core.version>
<jstl.version>1.2</jstl.version>
<rest-assured.version>2.4.0</rest-assured.version>
<cargo-maven2-plugin.version>1.6.1</cargo-maven2-plugin.version>

2
spring-security-custom-permission/src/main/java/org/baeldung/Application.java
View File

@ -9,7 +9,7 @@ import org.springframework.context.annotation.FilterType;
@Configuration
@EnableAutoConfiguration
@ComponentScan(excludeFilters = @ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.voter.*"))
@ComponentScan(excludeFilters = {@ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.voter.*"), @ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.multiplelogin.*")})
public class Application extends SpringBootServletInitializer {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);

22
spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginApplication.java Normal file
View File

@ -0,0 +1,22 @@
package org.baeldung.multiplelogin;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.context.web.SpringBootServletInitializer;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.builder.SpringApplicationBuilder;
@SpringBootApplication
@ComponentScan("org.baeldung.multiplelogin")
public class MultipleLoginApplication extends SpringBootServletInitializer {
public static void main(String[] args) {
SpringApplication.run(MultipleLoginApplication.class, args);
}
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
return application.sources(MultipleLoginApplication.class);
}
}

45
spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginMvcConfig.java Normal file
View File

@ -0,0 +1,45 @@
package org.baeldung.multiplelogin;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.ViewResolver;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.springframework.web.servlet.view.InternalResourceViewResolver;
import org.springframework.web.servlet.view.JstlView;
import org.springframework.context.annotation.ComponentScan;
@EnableWebMvc
@Configuration
@ComponentScan("org.baeldung.controller")
public class MultipleLoginMvcConfig extends WebMvcConfigurerAdapter {
public MultipleLoginMvcConfig() {
super();
}
// API
@Override
public void addViewControllers(final ViewControllerRegistry registry) {
super.addViewControllers(registry);
registry.addViewController("/anonymous.html");
registry.addViewController("/login.html");
registry.addViewController("/homepage.html");
registry.addViewController("/console.html");
}
@Bean
public ViewResolver viewResolver() {
final InternalResourceViewResolver bean = new InternalResourceViewResolver();
bean.setViewClass(JstlView.class);
bean.setPrefix("/WEB-INF/view/");
bean.setSuffix(".jsp");
return bean;
}
}

122
spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginSecurityConfig.java Normal file
View File

@ -0,0 +1,122 @@
package org.baeldung.multiplelogin;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.TestingAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
@Configuration
@EnableWebSecurity
public class MultipleLoginSecurityConfig {
@Bean
public UserDetailsService userDetailsService() throws Exception {
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
manager.createUser(User.withUsername("user")
.password("userPass")
.roles("USER")
.build());
manager.createUser(User.withUsername("admin")
.password("adminPass")
.roles("ADMIN")
.build());
return manager;
}
@Configuration
@Order(1)
public static class App1ConfigurationAdapter extends WebSecurityConfigurerAdapter {
public App1ConfigurationAdapter() {
super();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("admin")
.password("admin")
.roles("ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/admin*")
.authorizeRequests()
.anyRequest()
.hasRole("ADMIN")
// log in
.and()
.formLogin()
.loginPage("/loginAdmin")
.loginProcessingUrl("/admin_login")
.failureUrl("/loginAdmin?error=loginError")
.defaultSuccessUrl("/adminPage")
// logout
.and()
.logout()
.logoutUrl("/admin_logout")
.logoutSuccessUrl("/protectedLinks")
.deleteCookies("JSESSIONID")
.and()
.exceptionHandling()
.accessDeniedPage("/403")
.and()
.csrf()
.disable();
}
}
@Configuration
@Order(2)
public static class App2ConfigurationAdapter extends WebSecurityConfigurerAdapter {
public App2ConfigurationAdapter() {
super();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("user")
.password("user")
.roles("USER");
}
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/user*")
.authorizeRequests()
.anyRequest()
.hasRole("USER")
// log in
.and()
.formLogin()
.loginPage("/loginUser")
.loginProcessingUrl("/user_login")
.failureUrl("/loginUser?error=loginError")
.defaultSuccessUrl("/userPage")
// logout
.and()
.logout()
.logoutUrl("/user_logout")
.logoutSuccessUrl("/protectedLinks")
.deleteCookies("JSESSIONID")
.and()
.exceptionHandling()
.accessDeniedPage("/403")
.and()
.csrf()
.disable();
}
}
}

38
spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/UsersController.java Normal file
View File

@ -0,0 +1,38 @@
package org.baeldung.multiplelogin;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
public class UsersController {
@RequestMapping("/protectedLinks")
public String getAnonymousPage() {
return "protectedLinks";
}
@RequestMapping("/userPage")
public String getUserPage() {
return "userPage";
}
@RequestMapping("/adminPage")
public String getAdminPage() {
return "adminPage";
}
@RequestMapping("/loginAdmin")
public String getAdminLoginPage() {
return "loginAdmin";
}
@RequestMapping("/loginUser")
public String getUserLoginPage() {
return "loginUser";
}
@RequestMapping("/403")
public String getAccessDeniedPage() {
return "403";
}
}

10
spring-security-custom-permission/src/main/resources/templates/403.html Normal file
View File

@ -0,0 +1,10 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title></title>
</head>
<body>
You do not have permission to view this page.
</body>
</html>

13
spring-security-custom-permission/src/main/resources/templates/adminPage.html Normal file
View File

@ -0,0 +1,13 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>Insert title here</title>
</head>
<body>
Welcome admin! <a th:href="@{/admin_logout}" >Logout</a>
<br /><br />
<a th:href="@{/protectedLinks}" >Back to links</a>
</body>
</html>

27
spring-security-custom-permission/src/main/resources/templates/login.html Normal file
View File

@ -0,0 +1,27 @@
<html>
<head></head>
<body>
<h1>Login</h1>
<form name='f' action="login" method='POST'>
<table>
<tr>
<td>User:</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td><input name="submit" type="submit" value="submit" /></td>
</tr>
</table>
</form>
</body>
</html>

31
spring-security-custom-permission/src/main/resources/templates/loginAdmin.html Normal file
View File

@ -0,0 +1,31 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>Insert title here</title>
</head>
<body>
<p>Admin login page</p>
<form name="f" action="admin_login" method="POST">
<table>
<tr>
<td>User:</td>
<td><input type="text" name="username" /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td><input name="submit" type="submit" value="submit" /></td>
</tr>
</table>
</form>
<p th:if="${param.error}">Login failed!</p>
</body>
</html>

30
spring-security-custom-permission/src/main/resources/templates/loginUser.html Normal file
View File

@ -0,0 +1,30 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>Login</title>
</head>
<body>
<p>User login page</p>
<form name="f" action="user_login" method="POST">
<table>
<tr>
<td>User:</td>
<td><input type="text" name="username" /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td><input name="submit" type="submit" value="submit" /></td>
</tr>
</table>
</form>
<p th:if="${param.error}">Login failed!</p>
</body>
</html>

13
spring-security-custom-permission/src/main/resources/templates/protectedLinks.html Normal file
View File

@ -0,0 +1,13 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>Insert title here</title>
</head>
<body>
<a th:href="@{/userPage}">User page</a>
<br />
<a th:href="@{/adminPage}">Admin page</a>
</body>
</html>

12
spring-security-custom-permission/src/main/resources/templates/userPage.html Normal file
View File

@ -0,0 +1,12 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>Insert title here</title>
</head>
<body>
Welcome user! <a th:href="@{/user_logout}" >Logout</a>
<br /><br />
<a th:href="@{/protectedLinks}" >Back to links</a>
</body>
</html>