iSharkFly-Docs/java-tutorials
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor spring config

Browse Source
This commit is contained in:
Hai Nguyen 2018-08-14 14:41:06 +08:00
parent b96859e09f
commit e080e587a0
6 changed files with 54 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
spring-boot-security-taglibs/src/main/java/org/baeldung/security/Application.java
View File

@ -1,23 +0,0 @@
package org.baeldung.security;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
@SpringBootApplication
public class Application extends SpringBootServletInitializer {
public Application() {
super();
}
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder builder) {
return builder.sources(Application.class);
}
}

40
spring-boot-security-taglibs/src/main/java/org/baeldung/security/ApplicationConfig.java Normal file
View File

@ -0,0 +1,40 @@
package org.baeldung.security;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
@SpringBootApplication
@Configuration
@EnableWebSecurity
public class ApplicationConfig extends WebSecurityConfigurerAdapter {
public static final String DEFAULT_PASSWORD = "password";
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
auth.inMemoryAuthentication()
.passwordEncoder(encoder)
.withUser("testUser")
.password(encoder.encode(DEFAULT_PASSWORD))
.roles("ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf();
http.authorizeRequests()
.antMatchers("/**")
.permitAll()
.and()
.httpBasic();
}
}

2
spring-boot-security-taglibs/src/main/java/org/baeldung/security/HomeController.java
View File

@ -9,10 +9,8 @@ import javax.servlet.http.HttpServletResponse;
@Controller @Controller
@RequestMapping("/") @RequestMapping("/")
public class HomeController { public class HomeController {
@RequestMapping("") @RequestMapping("")
public String home(HttpServletRequest request, HttpServletResponse response) { public String home(HttpServletRequest request, HttpServletResponse response) {
return "home"; return "home";
} }
} }

75
spring-boot-security-taglibs/src/main/java/org/baeldung/security/SecurityConfig.java
View File

@ -1,75 +0,0 @@
package org.baeldung.security;
import java.util.HashSet;
import java.util.Set;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.BeanIds;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private static final String ROLE_PREFIX = "ROLE_";
public static final String DEFAULT_PASSWORD = "password";
@Bean
static PasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder(10);
}
@Bean
UserDetailsService customUserDetailsService() {
return new UserDetailsService() {
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
// authenticate, grant ADMIN role and return dummy user
Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
authorities.add(new SimpleGrantedAuthority(ROLE_PREFIX + "ADMIN"));
return new User(username, bCryptPasswordEncoder().encode(DEFAULT_PASSWORD), authorities);
}
};
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(customUserDetailsService())
.passwordEncoder(bCryptPasswordEncoder());
}
@Bean(name = BeanIds.AUTHENTICATION_MANAGER)
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManager();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf();
http.headers()
.frameOptions()
.sameOrigin();
http.antMatcher("/**")
.userDetailsService(customUserDetailsService())
.authorizeRequests()
.antMatchers("/**")
.permitAll()
.and()
.httpBasic();
}
}

28
spring-boot-security-taglibs/src/main/webapp/WEB-INF/views/home.jsp
View File

@ -1,8 +1,5 @@
<%@ page language="java" contentType="text/html; charset=ISO-8859-1" <%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%>
pageEncoding="ISO-8859-1"%> <%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags"%>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html> <html>
<head> <head>
@ -11,19 +8,20 @@
<title>Home Page</title> <title>Home Page</title>
</head> </head>
<body> <body>
<sec:authorize access="isAuthenticated()"> <sec:authorize access="isAuthenticated()">
AUTHENTICATED AUTHENTICATED
</sec:authorize> </sec:authorize>
<sec:authorize access="hasRole('ADMIN')"> <sec:authorize access="hasRole('ADMIN')">
ADMIN ROLE ADMIN ROLE
</sec:authorize> </sec:authorize>
<h2>
<h2>principal.username: <sec:authentication property="principal.username" /> </h2> principal.username:
<sec:authentication property="principal.username" />
<form method="post" action="/do/something"> </h2>
<sec:csrfInput /> <form method="post" action="/do/something">
Text Field:<br /> <input type="text" name="textField" /> <sec:csrfInput />
</form> Text Field:<br />
<input type="text" name="textField" />
</form>
</body> </body>
</html> </html>

2
spring-boot-security-taglibs/src/test/java/org/baeldung/security/HomeControllerTest.java
View File

@ -19,7 +19,7 @@ public class HomeControllerTest {
@Test @Test
public void home() throws Exception { public void home() throws Exception {
String body = this.restTemplate.withBasicAuth("testUser", SecurityConfig.DEFAULT_PASSWORD) String body = this.restTemplate.withBasicAuth("testUser", ApplicationConfig.DEFAULT_PASSWORD)
.getForEntity("/", String.class) .getForEntity("/", String.class)
.getBody(); .getBody();
System.out.println(body); System.out.println(body);