Fixed both Thymeleaf and Interceptors articles (#699)

* Expression-Based Access Control

PermitAll, hasRole, hasAnyRole etc.
I modified classes with regard to Security

* Added test cases for Spring Security Expressions

* Handler Interceptor - logging example

* Test for logger interceptor

* Removed conflicted part

* UserInterceptor (adding user information to model)

* Spring Handler Interceptor - session timers

* Spring Security CSRF attack protection with Thymeleaf

* Fix and();

* Logger update

* Changed config for Thymeleaf
maibin 2016-09-25 22:45:22 +02:00 committed by Grzegorz Piwowarek
parent 1e6083a13c
commit eae09bb13a
4 changed files with 87 additions and 74 deletions


@ -31,9 +31,8 @@ public class SessionTimerInterceptor extends HandlerInterceptorAdapter {
request.setAttribute("executionTime", startTime); request.setAttribute("executionTime", startTime);
if (UserInterceptor.isUserLogged()) { if (UserInterceptor.isUserLogged()) {
session = request.getSession(); session = request.getSession();
log.info("Who is logged in: " + SecurityContextHolder.getContext().getAuthentication().getName()); log.info("Time since last request in this session: {} ms",
log.info("Time since last request in this session: " System.currentTimeMillis() - request.getSession().getLastAccessedTime());
+ (System.currentTimeMillis() - request.getSession().getLastAccessedTime()) + " ms");
if (System.currentTimeMillis() - session.getLastAccessedTime() > MAX_INACTIVE_SESSION_TIME) { if (System.currentTimeMillis() - session.getLastAccessedTime() > MAX_INACTIVE_SESSION_TIME) {
log.warn("Logging out, due to inactive session"); log.warn("Logging out, due to inactive session");
SecurityContextHolder.clearContext(); SecurityContextHolder.clearContext();
@ -52,6 +51,6 @@ public class SessionTimerInterceptor extends HandlerInterceptorAdapter {
final ModelAndView model) throws Exception { final ModelAndView model) throws Exception {
log.info("Post handle method - check execution time of handling"); log.info("Post handle method - check execution time of handling");
long startTime = (Long) request.getAttribute("executionTime"); long startTime = (Long) request.getAttribute("executionTime");
log.info("Execution time for handling the request was: " + (System.currentTimeMillis() - startTime) + " ms"); log.info("Execution time for handling the request was: {} ms", System.currentTimeMillis() - startTime);
} }
} }
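Review bot: The new idle-time log line in preHandle calls `request.getSession().getLastAccessedTime()` and reads the clock again, although `session` was assigned on the line above and the timeout check just below repeats the same subtraction. Computing it once, `long idleMs = System.currentTimeMillis() - session.getLastAccessedTime();`, and using `idleMs` both in `log.info("Time since last request in this session: {} ms", idleMs);` and in the comparison with `MAX_INACTIVE_SESSION_TIME` keeps the logged value and the logout decision in agreement, which matters when this log is later used to explain why a session was ended. Removing the line that wrote the authenticated user name to the log on every request is a welcome reduction of identity data in logs. preHandle's body starts and continues outside the hunk.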


@ -5,6 +5,26 @@
<artifactId>spring-thymeleaf</artifactId> <artifactId>spring-thymeleaf</artifactId>
<version>0.1-SNAPSHOT</version> <version>0.1-SNAPSHOT</version>
<packaging>war</packaging> <packaging>war</packaging>
<properties>
<java-version>1.8</java-version>
<!-- spring -->
<org.springframework-version>4.3.3.RELEASE</org.springframework-version>
<javax.servlet-version>3.0.1</javax.servlet-version>
<!-- logging -->
<org.slf4j.version>1.7.12</org.slf4j.version>
<logback.version>1.1.3</logback.version>
<!-- thymeleaf -->
<org.thymeleaf-version>3.0.1.RELEASE</org.thymeleaf-version>
<!-- validation -->
<javax.validation-version>1.1.0.Final</javax.validation-version>
<org.hibernate-version>5.1.2.Final</org.hibernate-version>
<!-- Maven plugins -->
<maven-compiler-plugin.version>3.5.1</maven-compiler-plugin.version>
<maven-war-plugin.version>2.6</maven-war-plugin.version>
<maven-surefire-plugin.version>2.19.1</maven-surefire-plugin.version>
<cargo-maven2-plugin.version>1.4.18</cargo-maven2-plugin.version>
</properties>
<dependencies> <dependencies>
<!-- Spring --> <!-- Spring -->
@ -167,25 +187,4 @@
</plugins> </plugins>
</build> </build>
<properties>
<java-version>1.8</java-version>
<!-- spring -->
<org.springframework-version>4.3.3.RELEASE</org.springframework-version>
<javax.servlet-version>3.0.1</javax.servlet-version>
<!-- logging -->
<org.slf4j.version>1.7.12</org.slf4j.version>
<logback.version>1.1.3</logback.version>
<!-- thymeleaf -->
<org.thymeleaf-version>2.1.4.RELEASE</org.thymeleaf-version>
<!-- validation -->
<javax.validation-version>1.1.0.Final</javax.validation-version>
<org.hibernate-version>5.1.2.Final</org.hibernate-version>
<!-- Maven plugins -->
<maven-compiler-plugin.version>3.5.1</maven-compiler-plugin.version>
<maven-war-plugin.version>2.6</maven-war-plugin.version>
<maven-surefire-plugin.version>2.19.1</maven-surefire-plugin.version>
<cargo-maven2-plugin.version>1.4.18</cargo-maven2-plugin.version>
</properties>
</project> </project>


@ -1,17 +1,23 @@
package com.baeldung.thymeleaf.config; package com.baeldung.thymeleaf.config;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Description; import org.springframework.context.annotation.Description;
import org.springframework.context.support.ResourceBundleMessageSource; import org.springframework.context.support.ResourceBundleMessageSource;
import org.springframework.format.FormatterRegistry; import org.springframework.format.FormatterRegistry;
import org.springframework.web.servlet.ViewResolver;
import org.springframework.web.servlet.config.annotation.EnableWebMvc; import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.thymeleaf.TemplateEngine;
import org.thymeleaf.spring4.SpringTemplateEngine; import org.thymeleaf.spring4.SpringTemplateEngine;
import org.thymeleaf.spring4.templateresolver.SpringResourceTemplateResolver;
import org.thymeleaf.spring4.view.ThymeleafViewResolver; import org.thymeleaf.spring4.view.ThymeleafViewResolver;
import org.thymeleaf.templateresolver.ServletContextTemplateResolver; import org.thymeleaf.templatemode.TemplateMode;
import org.thymeleaf.templateresolver.ITemplateResolver;
import com.baeldung.thymeleaf.formatter.NameFormatter; import com.baeldung.thymeleaf.formatter.NameFormatter;
@ -22,35 +28,38 @@ import com.baeldung.thymeleaf.formatter.NameFormatter;
* Java configuration file that is used for Spring MVC and Thymeleaf * Java configuration file that is used for Spring MVC and Thymeleaf
* configurations * configurations
*/ */
public class WebMVCConfig extends WebMvcConfigurerAdapter { public class WebMVCConfig extends WebMvcConfigurerAdapter implements ApplicationContextAware {
@Bean private ApplicationContext applicationContext;
@Description("Thymeleaf Template Resolver")
public ServletContextTemplateResolver templateResolver() {
ServletContextTemplateResolver templateResolver = new ServletContextTemplateResolver();
templateResolver.setPrefix("/WEB-INF/views/");
templateResolver.setSuffix(".html");
templateResolver.setTemplateMode("HTML5");
return templateResolver; public void setApplicationContext(ApplicationContext applicationContext) {
this.applicationContext = applicationContext;
} }
@Bean @Bean
@Description("Thymeleaf Template Engine") public ViewResolver viewResolver() {
public SpringTemplateEngine templateEngine() { ThymeleafViewResolver resolver = new ThymeleafViewResolver();
SpringTemplateEngine templateEngine = new SpringTemplateEngine(); resolver.setTemplateEngine(templateEngine());
templateEngine.setTemplateResolver(templateResolver()); resolver.setCharacterEncoding("UTF-8");
resolver.setOrder(1);
return templateEngine; return resolver;
} }
@Bean @Bean
@Description("Thymeleaf View Resolver") public TemplateEngine templateEngine() {
public ThymeleafViewResolver viewResolver() { SpringTemplateEngine engine = new SpringTemplateEngine();
ThymeleafViewResolver viewResolver = new ThymeleafViewResolver(); engine.setEnableSpringELCompiler(true);
viewResolver.setTemplateEngine(templateEngine()); engine.setTemplateResolver(templateResolver());
viewResolver.setOrder(1); return engine;
return viewResolver; }
private ITemplateResolver templateResolver() {
SpringResourceTemplateResolver resolver = new SpringResourceTemplateResolver();
resolver.setApplicationContext(applicationContext);
resolver.setPrefix("/WEB-INF/views/");
resolver.setSuffix(".html");
resolver.setTemplateMode(TemplateMode.HTML);
return resolver;
} }
@Bean @Bean
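Review bot: The new `templateResolver()` never sets a character encoding, so while `viewResolver()` now emits UTF-8, the template files themselves are, as far as I can tell, read with the platform default charset; adding `resolver.setCharacterEncoding("UTF-8");` next to `setTemplateMode(TemplateMode.HTML)` would make rendering independent of the host's locale. `setApplicationContext` implements `ApplicationContextAware` but carries no `@Override`, so a signature drift would go unnoticed by the compiler. Because `templateResolver()` is now a private non-bean method, a one-line comment such as `// not a bean: Spring will not inject the context, so pass it by hand` would explain the manual `setApplicationContext` call. The class body continues outside the hunk.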


@ -37,7 +37,13 @@ public class WebMVCSecurity extends WebSecurityConfigurerAdapter {
@Override @Override
protected void configure(final HttpSecurity http) throws Exception { protected void configure(final HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().authenticated().and().httpBasic(); http
.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.httpBasic()
;
} }
} }