BAEL-2262 Demo Spring Boot App for HTTPS enabled. (#5513)

* BAEL-1979 Added examples for SnakeYAML Library

* BAEL-1979 Moved the snakeyaml related code to libraries module

* BAEL-1979 Removed the System.out.println() statements and converted the assertTrue to assertEquals wherever possible.

* BAEL-1979 Removed println statements, small formatting fix in pom.xml

* BAEL-1466 Added a new module for apache-geode

* BAEL-1466 Updated the Integration Tests.

* BAEL-1466 Updated the Integration Tests.

* BAEL-1466 Updated the Integration Tests.

* BAEL-1466 Removed the Unnecessary code.

* BAEL-2262 Added code for demonstration of HTTPS enabled Spring Boot Application
This commit is contained in:
sandy03934 2018-10-22 01:11:25 +05:30 committed by maibin
parent c0132660e3
commit d67ad2151b
8 changed files with 158 additions and 1 deletions

View File

@ -230,11 +230,15 @@
<!--If you want to run the example with the multiple http elements,
comment the tag above and uncomment the one below -->
<!--<start-class>org.baeldung.multipleentrypoints.MultipleEntryPointsApplication</start-class>-->
<!--If you want to run the example with the Https enabled endpoints,
comment the tag above and uncomment the one below -->
<!-- <start-class>org.baeldung.ssl.HttpsEnabledApplication</start-class> -->
<taglibs-standard.version>1.1.2</taglibs-standard.version>
<jstl.version>1.2</jstl.version>
<cargo-maven2-plugin.version>1.6.1</cargo-maven2-plugin.version>
<ehcache-core.version>2.6.11</ehcache-core.version>
<java.version>1.8</java.version>
</properties>
</project>

View File

@ -0,0 +1,14 @@
package org.baeldung.ssl;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class HttpsEnabledApplication {
public static void main(String... args) {
SpringApplication application = new SpringApplication(HttpsEnabledApplication.class);
application.setAdditionalProfiles("ssl");
application.run(args);
}
}

View File

@ -0,0 +1,36 @@
package org.baeldung.ssl;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("memuser")
.password(passwordEncoder().encode("pass"))
.roles("USER");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic()
.and()
.authorizeRequests()
.antMatchers("/**")
.authenticated();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}

View File

@ -0,0 +1,15 @@
package org.baeldung.ssl;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;
@Controller
public class WelcomeController {
@GetMapping("/welcome")
public String welcome() {
return "ssl/welcome";
}
}

View File

@ -0,0 +1,20 @@
http.port=8080
server.port=8443
security.require-ssl=true
# The format used for the keystore
server.ssl.key-store-type=PKCS12
# The path to the keystore containing the certificate
server.ssl.key-store=classpath:keystore/baeldung.p12
# The password used to generate the certificate
server.ssl.key-store-password=password
# The alias mapped to the certificate
server.ssl.key-alias=baeldung
#trust store location
trust.store=classpath:keystore/baeldung.p12
#trust store password
trust.store.password=password

View File

@ -0,0 +1 @@
<h1>Welcome to Secured Site</h1>

View File

@ -0,0 +1,67 @@
package org.baeldung.web;
import org.apache.http.client.HttpClient;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;
import org.baeldung.ssl.HttpsEnabledApplication;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.core.io.Resource;
import org.springframework.http.*;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.web.client.RestTemplate;
import javax.net.ssl.SSLContext;
import java.util.Base64;
import static org.junit.Assert.assertEquals;
@RunWith(SpringRunner.class)
@SpringBootTest(classes = HttpsEnabledApplication.class, webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
@ActiveProfiles("ssl")
public class HttpsApplicationIntegrationTest {
private static final String WELCOME_URL = "https://localhost:8443/welcome";
@Value("${trust.store}")
private Resource trustStore;
@Value("${trust.store.password}")
private String trustStorePassword;
@Test
public void whenGETanHTTPSResource_thenCorrectResponse() throws Exception {
ResponseEntity<String> response = restTemplate().exchange(WELCOME_URL, HttpMethod.GET, new HttpEntity<String>(withAuthorization("memuser", "pass")), String.class);
assertEquals("<h1>Welcome to Secured Site</h1>", response.getBody());
assertEquals(HttpStatus.OK, response.getStatusCode());
}
RestTemplate restTemplate() throws Exception {
SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(trustStore.getURL(), trustStorePassword.toCharArray())
.build();
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext);
HttpClient httpClient = HttpClients.custom()
.setSSLSocketFactory(socketFactory)
.build();
HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient);
return new RestTemplate(factory);
}
HttpHeaders withAuthorization(String userName, String password) {
return new HttpHeaders() {
{
String auth = userName + ":" + password;
String authHeader = "Basic " + new String(Base64.getEncoder()
.encode(auth.getBytes()));
set("Authorization", authHeader);
}
};
}
}