BAEL-2262 Demo Spring Boot App for HTTPS enabled. (#5513)

* BAEL-1979 Added examples for SnakeYAML Library

* BAEL-1979 Moved the snakeyaml related code to libraries module

* BAEL-1979 Removed the System.out.println() statements and converted the assertTrue to assertEquals wherever possible.

* BAEL-1979 Removed println statements, small formatting fix in pom.xml

* BAEL-1466 Added a new module for apache-geode

* BAEL-1466 Updated the Integration Tests.

* BAEL-1466 Updated the Integration Tests.

* BAEL-1466 Updated the Integration Tests.

* BAEL-1466 Removed the Unnecessary code.

* BAEL-2262 Added code for demonstration of HTTPS enabled Spring Boot Application

spring-security-mvc-boot/pom.xml

@@ -229,12 +229,16 @@
         <!--<start-class>org.baeldung.multiplelogin.MultipleLoginApplication</start-class> -->
         <!--If you want to run the example with the multiple http elements, 
             comment the tag above and uncomment the one below -->
-        <!--<start-class>org.baeldung.multipleentrypoints.MultipleEntryPointsApplication</start-class> -->
+        <!--<start-class>org.baeldung.multipleentrypoints.MultipleEntryPointsApplication</start-class>-->
+        <!--If you want to run the example with the Https enabled endpoints,
+            comment the tag above and uncomment the one below -->
+       <!-- <start-class>org.baeldung.ssl.HttpsEnabledApplication</start-class> -->
 
         <taglibs-standard.version>1.1.2</taglibs-standard.version>
         <jstl.version>1.2</jstl.version>
         <cargo-maven2-plugin.version>1.6.1</cargo-maven2-plugin.version>
         <ehcache-core.version>2.6.11</ehcache-core.version>
+        <java.version>1.8</java.version>
     </properties>
 
 </project>

spring-security-mvc-boot/src/main/java/org/baeldung/ssl/HttpsEnabledApplication.java

@@ -0,0 +1,14 @@
+package org.baeldung.ssl;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class HttpsEnabledApplication {
+
+    public static void main(String... args) {
+        SpringApplication application = new SpringApplication(HttpsEnabledApplication.class);
+        application.setAdditionalProfiles("ssl");
+        application.run(args);
+    }
+}

spring-security-mvc-boot/src/main/java/org/baeldung/ssl/SecurityConfig.java

@@ -0,0 +1,36 @@
+package org.baeldung.ssl;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    public void configure(AuthenticationManagerBuilder auth) throws Exception {
+
+        auth.inMemoryAuthentication()
+            .withUser("memuser")
+            .password(passwordEncoder().encode("pass"))
+            .roles("USER");
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.httpBasic()
+            .and()
+            .authorizeRequests()
+            .antMatchers("/**")
+            .authenticated();
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+}

spring-security-mvc-boot/src/main/java/org/baeldung/ssl/WelcomeController.java

@@ -0,0 +1,15 @@
+package org.baeldung.ssl;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+@Controller
+public class WelcomeController {
+
+    @GetMapping("/welcome")
+    public String welcome() {
+        return "ssl/welcome";
+    }
+
+}

spring-security-mvc-boot/src/main/resources/application-ssl.properties

@@ -0,0 +1,20 @@
+
+http.port=8080
+
+server.port=8443
+
+security.require-ssl=true
+
+# The format used for the keystore
+server.ssl.key-store-type=PKCS12
+# The path to the keystore containing the certificate
+server.ssl.key-store=classpath:keystore/baeldung.p12
+# The password used to generate the certificate
+server.ssl.key-store-password=password
+# The alias mapped to the certificate
+server.ssl.key-alias=baeldung
+
+#trust store location
+trust.store=classpath:keystore/baeldung.p12
+#trust store password
+trust.store.password=password

spring-security-mvc-boot/src/main/resources/templates/ssl/welcome.html

@@ -0,0 +1 @@
+<h1>Welcome to Secured Site</h1>

spring-security-mvc-boot/src/test/java/org/baeldung/web/HttpsApplicationIntegrationTest.java

@@ -0,0 +1,67 @@
+package org.baeldung.web;
+
+import org.apache.http.client.HttpClient;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.ssl.SSLContextBuilder;
+import org.baeldung.ssl.HttpsEnabledApplication;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.core.io.Resource;
+import org.springframework.http.*;
+import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.web.client.RestTemplate;
+
+import javax.net.ssl.SSLContext;
+import java.util.Base64;
+
+import static org.junit.Assert.assertEquals;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(classes = HttpsEnabledApplication.class, webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
+@ActiveProfiles("ssl")
+public class HttpsApplicationIntegrationTest {
+
+    private static final String WELCOME_URL = "https://localhost:8443/welcome";
+
+    @Value("${trust.store}")
+    private Resource trustStore;
+
+    @Value("${trust.store.password}")
+    private String trustStorePassword;
+
+    @Test
+    public void whenGETanHTTPSResource_thenCorrectResponse() throws Exception {
+        ResponseEntity<String> response = restTemplate().exchange(WELCOME_URL, HttpMethod.GET, new HttpEntity<String>(withAuthorization("memuser", "pass")), String.class);
+
+        assertEquals("<h1>Welcome to Secured Site</h1>", response.getBody());
+        assertEquals(HttpStatus.OK, response.getStatusCode());
+    }
+
+    RestTemplate restTemplate() throws Exception {
+        SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(trustStore.getURL(), trustStorePassword.toCharArray())
+            .build();
+        SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext);
+        HttpClient httpClient = HttpClients.custom()
+            .setSSLSocketFactory(socketFactory)
+            .build();
+        HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient);
+        return new RestTemplate(factory);
+    }
+
+    HttpHeaders withAuthorization(String userName, String password) {
+        return new HttpHeaders() {
+            {
+                String auth = userName + ":" + password;
+                String authHeader = "Basic " + new String(Base64.getEncoder()
+                    .encode(auth.getBytes()));
+                set("Authorization", authHeader);
+            }
+        };
+    }
+
+}