Bael 2262 : Removed the basic authentication from HTTPS Enabled Application (#5516)

* BAEL-1979 Added examples for SnakeYAML Library * BAEL-1979 Moved the snakeyaml related code to libraries module * BAEL-1979 Removed the System.out.println() statements and converted the assertTrue to assertEquals wherever possible. * BAEL-1979 Removed println statements, small formatting fix in pom.xml * BAEL-1466 Added a new module for apache-geode * BAEL-1466 Updated the Integration Tests. * BAEL-1466 Updated the Integration Tests. * BAEL-1466 Updated the Integration Tests. * BAEL-1466 Removed the Unnecessary code. * BAEL-2262 Added code for demonstration of HTTPS enabled Spring Boot Application * BAEL-2262 Removed the Basic Authentication from the HttpsEnabledApplication.
2018-10-22 21:08:39 +05:30 · 2018-10-22 21:08:39 +05:30 · c533462382
parent f83798f80c
commit c533462382
2 changed files with 7 additions and 38 deletions
--- a/spring-security-mvc-boot/src/main/java/org/baeldung/ssl/SecurityConfig.java
+++ b/spring-security-mvc-boot/src/main/java/org/baeldung/ssl/SecurityConfig.java
@ -1,36 +1,16 @@
 package org.baeldung.ssl;

-import org.springframework.context.annotation.Bean;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;

@EnableWebSecurity
 public class SecurityConfig extends WebSecurityConfigurerAdapter {

-    @Override
-    public void configure(AuthenticationManagerBuilder auth) throws Exception {
-
-        auth.inMemoryAuthentication()
-            .withUser("memuser")
-            .password(passwordEncoder().encode("pass"))
-            .roles("USER");
-    }
-
    @Override
    protected void configure(HttpSecurity http) throws Exception {
-        http.httpBasic()
-            .and()
-            .authorizeRequests()
-            .antMatchers("/**")
-            .authenticated();
-    }
-
-    @Bean
-    public PasswordEncoder passwordEncoder() {
-        return new BCryptPasswordEncoder();
+        http.authorizeRequests()
+                .antMatchers("/**")
+                .permitAll();
    }
 }
--- a/spring-security-mvc-boot/src/test/java/org/baeldung/web/HttpsApplicationIntegrationTest.java
+++ b/spring-security-mvc-boot/src/test/java/org/baeldung/web/HttpsApplicationIntegrationTest.java
@ -10,14 +10,15 @@ import org.junit.runner.RunWith;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.core.io.Resource;
-import org.springframework.http.*;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
 import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
 import org.springframework.test.context.ActiveProfiles;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.web.client.RestTemplate;

 import javax.net.ssl.SSLContext;
-import java.util.Base64;
+import java.util.Collections;

 import static org.junit.Assert.assertEquals;

@ -36,7 +37,7 @@ public class HttpsApplicationIntegrationTest {

    @Test
    public void whenGETanHTTPSResource_thenCorrectResponse() throws Exception {
-        ResponseEntity<String> response = restTemplate().exchange(WELCOME_URL, HttpMethod.GET, new HttpEntity<String>(withAuthorization("memuser", "pass")), String.class);
+        ResponseEntity<String> response = restTemplate().getForEntity(WELCOME_URL, String.class, Collections.emptyMap());

        assertEquals("<h1>Welcome to Secured Site</h1>", response.getBody());
        assertEquals(HttpStatus.OK, response.getStatusCode());
@ -52,16 +53,4 @@ public class HttpsApplicationIntegrationTest {
        HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient);
        return new RestTemplate(factory);
    }
-
-    HttpHeaders withAuthorization(String userName, String password) {
-        return new HttpHeaders() {
-            {
-                String auth = userName + ":" + password;
-                String authHeader = "Basic " + new String(Base64.getEncoder()
-                    .encode(auth.getBytes()));
-                set("Authorization", authHeader);
-            }
-        };
-    }
-
 }