Merge pull request #4999 from lor6/BAEL-2061

Bael 2061

pom.xml

@@ -442,6 +442,7 @@
 				<module>spring-4</module>
 				<module>spring-5</module>
 				<module>spring-5-reactive</module>
+				<module>spring-5-reactive-security</module>
 				<module>spring-5-reactive-client</module>
 				<module>spring-5-mvc</module>
 				<module>spring-5-security</module>
@@ -699,6 +700,7 @@
 				<module>spring-4</module>
 				<module>spring-5</module>
 				<module>spring-5-reactive</module>
+				<module>spring-5-reactive-security</module>
 				<module>spring-5-reactive-client</module>
 				<module>spring-5-mvc</module>
 				<module>spring-5-security</module>
@@ -980,6 +982,7 @@
 				<module>spark-java</module>
 				<module>spring-4</module>
 				<module>spring-5-reactive</module>
+				<module>spring-5-reactive-security</module>
 				<module>spring-5-reactive-client</module>
 				<module>spring-5-mvc</module>
 				<module>spring-5-security</module>

spring-5-reactive-security/.gitignore

@@ -0,0 +1,12 @@
+#folders#
+.idea
+/target
+/neoDb*
+/data
+/src/main/webapp/WEB-INF/classes
+*/META-INF/*
+
+# Packaged files #
+*.jar
+*.war
+*.ear

spring-5-reactive-security/README.md

@@ -0,0 +1,11 @@
+## Spring 5 Reactive Security Examples
+
+### The Course
+The "REST With Spring" Classes: http://bit.ly/restwithspring
+
+### Relevant Articles
+
+- [Spring Boot Actuator](http://www.baeldung.com/spring-boot-actuators)
+- [Spring Security 5 for Reactive Applications](http://www.baeldung.com/spring-security-5-reactive)
+- [Guide to Spring 5 WebFlux](http://www.baeldung.com/spring-webflux)
+

spring-5-reactive-security/pom.xml

@@ -0,0 +1,135 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>com.baeldung</groupId>
+    <artifactId>spring-5-reactive-security</artifactId>
+    <version>0.0.1-SNAPSHOT</version>
+    <packaging>jar</packaging>
+    <name>spring-5-reactive-security</name>
+    <description>spring 5 security sample project about new features</description>
+
+    <parent>
+        <groupId>com.baeldung</groupId>
+        <artifactId>parent-boot-2</artifactId>
+        <version>0.0.1-SNAPSHOT</version>
+        <relativePath>../parent-boot-2</relativePath>
+    </parent>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-validation</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-tomcat</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-webflux</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.projectreactor</groupId>
+            <artifactId>reactor-spring</artifactId>
+            <version>${reactor-spring.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>javax.json.bind</groupId>
+            <artifactId>javax.json.bind-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-actuator</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.projectlombok</groupId>
+            <artifactId>lombok</artifactId>
+            <scope>compile</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.geronimo.specs</groupId>
+            <artifactId>geronimo-json_1.1_spec</artifactId>
+            <version>${geronimo-json_1.1_spec.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.johnzon</groupId>
+            <artifactId>johnzon-jsonb</artifactId>
+        </dependency>
+        <!-- utils -->
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-lang3</artifactId>
+        </dependency>
+
+        <!-- runtime and test scoped -->
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-devtools</artifactId>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-test</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-collections4</artifactId>
+            <version>${commons-collections4.version}</version>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>io.reactivex.rxjava2</groupId>
+            <artifactId>rxjava</artifactId>
+            <version>${rxjava-version}</version>
+        </dependency>
+        <dependency>
+            <groupId>io.projectreactor</groupId>
+            <artifactId>reactor-test</artifactId>
+            <version>${project-reactor-test}</version>
+            <scope>test</scope>
+        </dependency>
+	    <dependency>
+	        <groupId>org.springframework.boot</groupId>
+	        <artifactId>spring-boot-starter-security</artifactId>
+	    </dependency>
+	    <dependency>
+	        <groupId>org.springframework.security</groupId>
+	        <artifactId>spring-security-test</artifactId>
+	        <scope>test</scope>
+	    </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+                <configuration>
+                    <mainClass>com.baeldung.webflux.EmployeeSpringApplication</mainClass>
+                    <layout>JAR</layout>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+    <properties>
+        <reactor-spring.version>1.0.1.RELEASE</reactor-spring.version>
+        <rxjava-version>2.1.12</rxjava-version>
+        <johnzon.version>1.1.3</johnzon.version>
+        <jsonb-api.version>1.0</jsonb-api.version>
+        <geronimo-json_1.1_spec.version>1.0</geronimo-json_1.1_spec.version>
+        <commons-collections4.version>4.1</commons-collections4.version>
+        <project-reactor-test>3.1.6.RELEASE</project-reactor-test>
+    </properties>
+
+</project>

spring-5-reactive-security/src/main/java/com/baeldung/reactive/actuator/Spring5ReactiveApplication.java

@@ -0,0 +1,15 @@
+package com.baeldung.reactive.actuator;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.Bean;
+
+@SpringBootApplication
+public class Spring5ReactiveApplication{
+
+    public static void main(String[] args) {
+        SpringApplication.run(Spring5ReactiveApplication.class, args);
+    }
+
+}

spring-5-reactive-security/src/main/java/com/baeldung/reactive/actuator/WebSecurityConfig.java

@@ -22,7 +22,7 @@ public class WebSecurityConfig {
             .authorizeExchange()
                 .matchers(EndpointRequest.to(
                        FeaturesEndpoint.class
-                )).permitAll().and().csrf().disable().build();
+                )).permitAll().anyExchange().permitAll().and().csrf().disable().build();
     }
     
 }

spring-5-reactive-security/src/main/java/com/baeldung/reactive/security/SecurityConfig.java

@@ -8,6 +8,8 @@ import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 
 import com.baeldung.reactive.actuator.FeaturesEndpoint;
@@ -35,19 +37,24 @@ public class SecurityConfig {
 
     @Bean
     public MapReactiveUserDetailsService userDetailsService() {
-        UserDetails user = User.withDefaultPasswordEncoder()
-            .username("user")
-            .password("password")
+        UserDetails user = User
+            .withUsername("user")
+            .password(passwordEncoder().encode("password"))
             .roles("USER")
             .build();
 
-        UserDetails admin = User.withDefaultPasswordEncoder()
-            .username("admin")
-            .password("password")
+        UserDetails admin = User
+            .withUsername("admin")
+            .password(passwordEncoder().encode("password"))
             .roles("ADMIN")
             .build();
 
         return new MapReactiveUserDetailsService(user, admin);
     }
     
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+    	return new BCryptPasswordEncoder();
+    }
+
 }

spring-5-reactive-security/src/main/java/com/baeldung/reactive/security/SpringSecurity5Application.java

@@ -1,4 +1,4 @@
-package com.baeldung.reactive;
+package com.baeldung.reactive.security;
 
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.AnnotationConfigApplicationContext;

spring-5-reactive-security/src/main/java/com/baeldung/webflux/Employee.java

@@ -1,4 +1,4 @@
-package com.baeldung.reactive.webflux;
+package com.baeldung.webflux;
 
 import lombok.AllArgsConstructor;
 import lombok.Data;

spring-5-reactive-security/src/main/java/com/baeldung/webflux/EmployeeConfig.java

@@ -1,4 +1,4 @@
-package com.baeldung.reactive.webflux;
+package com.baeldung.webflux;
 
 import java.util.HashMap;
 import java.util.Map;

spring-5-reactive-security/src/main/java/com/baeldung/webflux/EmployeeController.java

@@ -1,4 +1,4 @@
-package com.baeldung.reactive.webflux;
+package com.baeldung.webflux;
 
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;

spring-5-reactive-security/src/main/java/com/baeldung/webflux/EmployeeCreationEvent.java

@@ -1,4 +1,4 @@
-package com.baeldung.reactive.webflux;
+package com.baeldung.webflux;
 
 import lombok.AllArgsConstructor;
 import lombok.Data;

spring-5-reactive-security/src/main/java/com/baeldung/webflux/EmployeeRepository.java

@@ -1,4 +1,4 @@
-package com.baeldung.reactive.webflux;
+package com.baeldung.webflux;
 
 import java.util.HashMap;
 import java.util.Map;

spring-5-reactive-security/src/main/java/com/baeldung/webflux/EmployeeSpringApplication.java

@@ -1,4 +1,4 @@
-package com.baeldung.reactive.webflux;
+package com.baeldung.webflux;
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;

spring-5-reactive-security/src/main/java/com/baeldung/webflux/EmployeeWebClient.java

@@ -1,4 +1,4 @@
-package com.baeldung.reactive.webflux;
+package com.baeldung.webflux;
 
 import org.springframework.web.reactive.function.client.WebClient;
 

spring-5-reactive-security/src/main/java/com/baeldung/webflux/EmployeeWebSecurityConfig.java

@@ -1,5 +1,6 @@
-package com.baeldung.reactive.webflux;
+package com.baeldung.webflux;
 
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
@@ -7,6 +8,8 @@ import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 
 @EnableWebFluxSecurity
@@ -14,9 +17,9 @@ public class EmployeeWebSecurityConfig {
 	
     @Bean
     public MapReactiveUserDetailsService userDetailsService() {
-        UserDetails user = User.withDefaultPasswordEncoder()
-            .username("admin")
-            .password("password")
+        UserDetails user = User
+            .withUsername("admin")
+            .password(passwordEncoder().encode("password"))
             .roles("ADMIN")
             .build();
         return new MapReactiveUserDetailsService(user);
@@ -35,4 +38,9 @@ public class EmployeeWebSecurityConfig {
             .httpBasic();
         return http.build();
     }
+    
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+    	return new BCryptPasswordEncoder();
+    }
 }

spring-5-reactive-security/src/main/java/com/baeldung/webflux/EmployeeWebSocketClient.java

@@ -1,4 +1,4 @@
-package com.baeldung.reactive.webflux;
+package com.baeldung.webflux;
 
 import java.net.URI;
 

spring-5-reactive-security/src/main/java/com/baeldung/webflux/EmployeeWebSocketHandler.java

@@ -1,4 +1,4 @@
-package com.baeldung.reactive.webflux;
+package com.baeldung.webflux;
 
 import static java.time.LocalDateTime.now;
 import static java.util.UUID.randomUUID;

spring-5-reactive-security/src/main/resources/application.properties

@@ -0,0 +1,5 @@
+logging.level.root=INFO
+
+management.endpoints.web.exposure.include.=*
+
+info.app.name=Spring Boot 2 actuator Application

spring-5-reactive-security/src/main/resources/files/hello.txt

@@ -0,0 +1 @@
+hello

spring-5-reactive-security/src/main/resources/files/test/test.txt

@@ -0,0 +1 @@
+test

spring-5-reactive-security/src/main/resources/logback.xml

@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+        <encoder>
+            <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n
+            </pattern>
+        </encoder>
+    </appender>
+
+    <root level="INFO">
+        <appender-ref ref="STDOUT" />
+    </root>
+</configuration>

spring-5-reactive-security/src/main/resources/static/client-websocket.html

@@ -0,0 +1,34 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<title>Baeldung: Spring 5 Reactive Client WebSocket (Browser)</title>
+</head>
+<body>
+
+	<div class="events"></div>
+	<script>
+		var clientWebSocket = new WebSocket("ws://localhost:8080/event-emitter");
+		clientWebSocket.onopen = function() {
+			console.log("clientWebSocket.onopen", clientWebSocket);
+			console.log("clientWebSocket.readyState", "websocketstatus");
+			clientWebSocket.send("event-me-from-browser");
+		}
+		clientWebSocket.onclose = function(error) {
+			console.log("clientWebSocket.onclose", clientWebSocket, error);
+			events("Closing connection");
+		}
+		clientWebSocket.onerror = function(error) {
+			console.log("clientWebSocket.onerror", clientWebSocket, error);
+			events("An error occured");
+		}
+		clientWebSocket.onmessage = function(error) {
+			console.log("clientWebSocket.onmessage", clientWebSocket, error);
+			events(error.data);
+		}
+		function events(responseEvent) {
+			document.querySelector(".events").innerHTML += responseEvent + "<br>";
+		}
+	</script>
+</body>
+</html>

spring-5-reactive-security/src/main/webapp/WEB-INF/web.xml

@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
+         version="3.1">
+
+    <display-name>Spring Functional Application</display-name>
+
+    <servlet>
+        <servlet-name>functional</servlet-name>
+        <servlet-class>com.baeldung.functional.RootServlet</servlet-class>
+        <load-on-startup>1</load-on-startup>
+        <async-supported>true</async-supported>
+    </servlet>
+    <servlet-mapping>
+        <servlet-name>functional</servlet-name>
+        <url-pattern>/</url-pattern>
+    </servlet-mapping>
+
+
+</web-app>

spring-5-reactive-security/src/test/java/com/baeldung/reactive/actuator/ActuatorInfoIntegrationTest.java

@@ -9,8 +9,6 @@ import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.test.context.junit4.SpringRunner;
 
-import com.baeldung.reactive.Spring5ReactiveApplication;
-
 import java.io.IOException;
 
 import static org.junit.Assert.assertEquals;

spring-5-reactive-security/src/test/java/com/baeldung/reactive/webflux/EmployeeControllerIntegrationTest.java

@@ -15,7 +15,9 @@ import org.springframework.boot.test.mock.mockito.MockBean;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.reactive.server.WebTestClient;
 
-import com.baeldung.reactive.Spring5ReactiveApplication;
+import com.baeldung.reactive.actuator.Spring5ReactiveApplication;
+import com.baeldung.webflux.Employee;
+import com.baeldung.webflux.EmployeeRepository;
 
 import reactor.core.publisher.Flux;
 import reactor.core.publisher.Mono;

spring-5-reactive-security/src/test/java/com/baeldung/security/SecurityIntegrationTest.java

@@ -1,6 +1,5 @@
 package com.baeldung.security;
 
-import com.baeldung.reactive.SpringSecurity5Application;
 import org.junit.Before;
 import org.junit.Ignore;
 import org.junit.Test;
@@ -12,6 +11,8 @@ import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.reactive.server.WebTestClient;
 
+import com.baeldung.reactive.security.SpringSecurity5Application;
+
 @RunWith(SpringRunner.class)
 @ContextConfiguration(classes = SpringSecurity5Application.class)
 public class SecurityIntegrationTest {

spring-5-reactive/README.md

@@ -1,4 +1,4 @@
-## Spring REST Example Project
+## Spring 5 Reactive Project
 
 ### The Course
 The "REST With Spring" Classes: http://bit.ly/restwithspring
@@ -7,12 +7,9 @@ The "REST With Spring" Classes: http://bit.ly/restwithspring
 
 - [Introduction to the Functional Web Framework in Spring 5](http://www.baeldung.com/spring-5-functional-web)
 - [Spring 5 WebClient](http://www.baeldung.com/spring-5-webclient)
-- [Spring Boot Actuator](http://www.baeldung.com/spring-boot-actuators)
 - [Exploring the Spring 5 MVC URL Matching Improvements](http://www.baeldung.com/spring-5-mvc-url-matching)
-- [Spring Security 5 for Reactive Applications](http://www.baeldung.com/spring-security-5-reactive)
 - [Reactive WebSockets with Spring 5](http://www.baeldung.com/spring-5-reactive-websockets)
 - [Spring Webflux Filters](http://www.baeldung.com/spring-webflux-filters)
 - [How to Set a Header on a Response with Spring 5](http://www.baeldung.com/spring-response-header)
 - [Spring Webflux and CORS](http://www.baeldung.com/spring-webflux-cors)
 - [Handling Errors in Spring WebFlux](http://www.baeldung.com/spring-webflux-errors)
-- [Guide to Spring 5 WebFlux](http://www.baeldung.com/spring-webflux)

spring-5-reactive/pom.xml

@@ -39,10 +39,6 @@
             <groupId>javax.json.bind</groupId>
             <artifactId>javax.json.bind-api</artifactId>
         </dependency>
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-actuator</artifactId>
-        </dependency>
         <dependency>
             <groupId>org.projectlombok</groupId>
             <artifactId>lombok</artifactId>
@@ -86,10 +82,6 @@
             <version>${commons-collections4.version}</version>
             <scope>test</scope>
         </dependency>
-        <dependency>
-            <groupId>org.apache.commons</groupId>
-            <artifactId>commons-lang3</artifactId>
-        </dependency>
 
         <dependency>
             <groupId>io.reactivex.rxjava2</groupId>
@@ -102,15 +94,6 @@
             <version>${project-reactor-test}</version>
             <scope>test</scope>
         </dependency>
-	    <dependency>
-	        <groupId>org.springframework.boot</groupId>
-	        <artifactId>spring-boot-starter-security</artifactId>
-	    </dependency>
-	    <dependency>
-	        <groupId>org.springframework.security</groupId>
-	        <artifactId>spring-security-test</artifactId>
-	        <scope>test</scope>
-	    </dependency>
     </dependencies>
 
     <build>

spring-5-reactive/src/main/java/com/baeldung/functional/FunctionalSpringBootApplication.java

@@ -21,9 +21,6 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.http.server.reactive.HttpHandler;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.web.reactive.function.server.RouterFunction;
 import org.springframework.web.reactive.function.server.RouterFunctions;
 import org.springframework.web.reactive.function.server.ServerResponse;
@@ -68,18 +65,6 @@ public class FunctionalSpringBootApplication {
         return registrationBean;
     }
 
-    @Configuration
-    @EnableWebSecurity
-    @Profile("!https")
-    static class SecurityConfig extends WebSecurityConfigurerAdapter {
-        @Override
-        protected void configure(final HttpSecurity http) throws Exception {
-            http.authorizeRequests()
-                .anyRequest()
-                .permitAll();
-        }
-    }
-
     public static void main(String[] args) {
         SpringApplication.run(FunctionalSpringBootApplication.class, args);
     }

spring-5-reactive/src/main/resources/application.properties

@@ -1,5 +1,2 @@
 logging.level.root=INFO
 
-management.endpoints.web.exposure.include.=*
-
-info.app.name=Spring Boot 2 actuator Application