Bael 2262 : Removed the basic authentication from HTTPS Enabled Application (#5516)
* BAEL-1979 Added examples for SnakeYAML Library * BAEL-1979 Moved the snakeyaml related code to libraries module * BAEL-1979 Removed the System.out.println() statements and converted the assertTrue to assertEquals wherever possible. * BAEL-1979 Removed println statements, small formatting fix in pom.xml * BAEL-1466 Added a new module for apache-geode * BAEL-1466 Updated the Integration Tests. * BAEL-1466 Updated the Integration Tests. * BAEL-1466 Updated the Integration Tests. * BAEL-1466 Removed the Unnecessary code. * BAEL-2262 Added code for demonstration of HTTPS enabled Spring Boot Application * BAEL-2262 Removed the Basic Authentication from the HttpsEnabledApplication.
This commit is contained in:
sandy03934
maibin
parent
f83798f80c
commit
c533462382
|
|
@ -1,36 +1,16 @@
|
||||||
package org.baeldung.ssl;
|
package org.baeldung.ssl;
|
||||||
|
|
||||||
import org.springframework.context.annotation.Bean;
|
|
||||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
|
||||||
|
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
|
|
||||||
@Override
|
|
||||||
public void configure(AuthenticationManagerBuilder auth) throws Exception {
|
|
||||||
|
|
||||||
auth.inMemoryAuthentication()
|
|
||||||
.withUser("memuser")
|
|
||||||
.password(passwordEncoder().encode("pass"))
|
|
||||||
.roles("USER");
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http.httpBasic()
|
http.authorizeRequests()
|
||||||
.and()
|
.antMatchers("/**")
|
||||||
.authorizeRequests()
|
.permitAll();
|
||||||
.antMatchers("/**")
|
|
||||||
.authenticated();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Bean
|
|
||||||
public PasswordEncoder passwordEncoder() {
|
|
||||||
return new BCryptPasswordEncoder();
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -10,14 +10,15 @@ import org.junit.runner.RunWith;
|
||||||
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
import org.springframework.boot.test.context.SpringBootTest;
|
import org.springframework.boot.test.context.SpringBootTest;
|
||||||
import org.springframework.core.io.Resource;
|
import org.springframework.core.io.Resource;
|
||||||
import org.springframework.http.*;
|
import org.springframework.http.HttpStatus;
|
||||||
|
import org.springframework.http.ResponseEntity;
|
||||||
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
|
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
|
||||||
import org.springframework.test.context.ActiveProfiles;
|
import org.springframework.test.context.ActiveProfiles;
|
||||||
import org.springframework.test.context.junit4.SpringRunner;
|
import org.springframework.test.context.junit4.SpringRunner;
|
||||||
import org.springframework.web.client.RestTemplate;
|
import org.springframework.web.client.RestTemplate;
|
||||||
|
|
||||||
import javax.net.ssl.SSLContext;
|
import javax.net.ssl.SSLContext;
|
||||||
import java.util.Base64;
|
import java.util.Collections;
|
||||||
|
|
||||||
import static org.junit.Assert.assertEquals;
|
import static org.junit.Assert.assertEquals;
|
||||||
|
|
||||||
|
|
@ -36,7 +37,7 @@ public class HttpsApplicationIntegrationTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void whenGETanHTTPSResource_thenCorrectResponse() throws Exception {
|
public void whenGETanHTTPSResource_thenCorrectResponse() throws Exception {
|
||||||
ResponseEntity<String> response = restTemplate().exchange(WELCOME_URL, HttpMethod.GET, new HttpEntity<String>(withAuthorization("memuser", "pass")), String.class);
|
ResponseEntity<String> response = restTemplate().getForEntity(WELCOME_URL, String.class, Collections.emptyMap());
|
||||||
|
|
||||||
assertEquals("<h1>Welcome to Secured Site</h1>", response.getBody());
|
assertEquals("<h1>Welcome to Secured Site</h1>", response.getBody());
|
||||||
assertEquals(HttpStatus.OK, response.getStatusCode());
|
assertEquals(HttpStatus.OK, response.getStatusCode());
|
||||||
|
|
@ -52,16 +53,4 @@ public class HttpsApplicationIntegrationTest {
|
||||||
HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient);
|
HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient);
|
||||||
return new RestTemplate(factory);
|
return new RestTemplate(factory);
|
||||||
}
|
}
|
||||||
|
|
||||||
HttpHeaders withAuthorization(String userName, String password) {
|
|
||||||
return new HttpHeaders() {
|
|
||||||
{
|
|
||||||
String auth = userName + ":" + password;
|
|
||||||
String authHeader = "Basic " + new String(Base64.getEncoder()
|
|
||||||
.encode(auth.getBytes()));
|
|
||||||
set("Authorization", authHeader);
|
|
||||||
}
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue