Fixed both Thymeleaf and Interceptors articles (#699)
* Expression-Based Access Control PermitAll, hasRole, hasAnyRole etc. I modified classes regards to Security * Added test cases for Spring Security Expressions * Handler Interceptor - logging example * Test for logger interceptor * Removed conflicted part * UserInterceptor (adding user information to model) * Spring Handler Interceptor - session timers * Spring Security CSRF attack protection with Thymeleaf * Fix and(); * Logger update * Changed config for Thymeleaf
This commit is contained in:
parent
1e6083a13c
commit
eae09bb13a
|
@ -31,9 +31,8 @@ public class SessionTimerInterceptor extends HandlerInterceptorAdapter {
|
||||||
request.setAttribute("executionTime", startTime);
|
request.setAttribute("executionTime", startTime);
|
||||||
if (UserInterceptor.isUserLogged()) {
|
if (UserInterceptor.isUserLogged()) {
|
||||||
session = request.getSession();
|
session = request.getSession();
|
||||||
log.info("Who is logged in: " + SecurityContextHolder.getContext().getAuthentication().getName());
|
log.info("Time since last request in this session: {} ms",
|
||||||
log.info("Time since last request in this session: "
|
System.currentTimeMillis() - request.getSession().getLastAccessedTime());
|
||||||
+ (System.currentTimeMillis() - request.getSession().getLastAccessedTime()) + " ms");
|
|
||||||
if (System.currentTimeMillis() - session.getLastAccessedTime() > MAX_INACTIVE_SESSION_TIME) {
|
if (System.currentTimeMillis() - session.getLastAccessedTime() > MAX_INACTIVE_SESSION_TIME) {
|
||||||
log.warn("Logging out, due to inactive session");
|
log.warn("Logging out, due to inactive session");
|
||||||
SecurityContextHolder.clearContext();
|
SecurityContextHolder.clearContext();
|
||||||
|
@ -52,6 +51,6 @@ public class SessionTimerInterceptor extends HandlerInterceptorAdapter {
|
||||||
final ModelAndView model) throws Exception {
|
final ModelAndView model) throws Exception {
|
||||||
log.info("Post handle method - check execution time of handling");
|
log.info("Post handle method - check execution time of handling");
|
||||||
long startTime = (Long) request.getAttribute("executionTime");
|
long startTime = (Long) request.getAttribute("executionTime");
|
||||||
log.info("Execution time for handling the request was: " + (System.currentTimeMillis() - startTime) + " ms");
|
log.info("Execution time for handling the request was: {} ms", System.currentTimeMillis() - startTime);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +1,30 @@
|
||||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||||
<modelVersion>4.0.0</modelVersion>
|
<modelVersion>4.0.0</modelVersion>
|
||||||
<groupId>com.baeldung</groupId>
|
<groupId>com.baeldung</groupId>
|
||||||
<artifactId>spring-thymeleaf</artifactId>
|
<artifactId>spring-thymeleaf</artifactId>
|
||||||
<version>0.1-SNAPSHOT</version>
|
<version>0.1-SNAPSHOT</version>
|
||||||
<packaging>war</packaging>
|
<packaging>war</packaging>
|
||||||
|
<properties>
|
||||||
|
<java-version>1.8</java-version>
|
||||||
|
<!-- spring -->
|
||||||
|
<org.springframework-version>4.3.3.RELEASE</org.springframework-version>
|
||||||
|
<javax.servlet-version>3.0.1</javax.servlet-version>
|
||||||
|
<!-- logging -->
|
||||||
|
<org.slf4j.version>1.7.12</org.slf4j.version>
|
||||||
|
<logback.version>1.1.3</logback.version>
|
||||||
|
<!-- thymeleaf -->
|
||||||
|
<org.thymeleaf-version>3.0.1.RELEASE</org.thymeleaf-version>
|
||||||
|
<!-- validation -->
|
||||||
|
<javax.validation-version>1.1.0.Final</javax.validation-version>
|
||||||
|
<org.hibernate-version>5.1.2.Final</org.hibernate-version>
|
||||||
|
|
||||||
|
<!-- Maven plugins -->
|
||||||
|
<maven-compiler-plugin.version>3.5.1</maven-compiler-plugin.version>
|
||||||
|
<maven-war-plugin.version>2.6</maven-war-plugin.version>
|
||||||
|
<maven-surefire-plugin.version>2.19.1</maven-surefire-plugin.version>
|
||||||
|
<cargo-maven2-plugin.version>1.4.18</cargo-maven2-plugin.version>
|
||||||
|
</properties>
|
||||||
|
|
||||||
<dependencies>
|
<dependencies>
|
||||||
<!-- Spring -->
|
<!-- Spring -->
|
||||||
|
@ -167,25 +187,4 @@
|
||||||
</plugins>
|
</plugins>
|
||||||
</build>
|
</build>
|
||||||
|
|
||||||
<properties>
|
|
||||||
<java-version>1.8</java-version>
|
|
||||||
<!-- spring -->
|
|
||||||
<org.springframework-version>4.3.3.RELEASE</org.springframework-version>
|
|
||||||
<javax.servlet-version>3.0.1</javax.servlet-version>
|
|
||||||
<!-- logging -->
|
|
||||||
<org.slf4j.version>1.7.12</org.slf4j.version>
|
|
||||||
<logback.version>1.1.3</logback.version>
|
|
||||||
<!-- thymeleaf -->
|
|
||||||
<org.thymeleaf-version>2.1.4.RELEASE</org.thymeleaf-version>
|
|
||||||
<!-- validation -->
|
|
||||||
<javax.validation-version>1.1.0.Final</javax.validation-version>
|
|
||||||
<org.hibernate-version>5.1.2.Final</org.hibernate-version>
|
|
||||||
|
|
||||||
<!-- Maven plugins -->
|
|
||||||
<maven-compiler-plugin.version>3.5.1</maven-compiler-plugin.version>
|
|
||||||
<maven-war-plugin.version>2.6</maven-war-plugin.version>
|
|
||||||
<maven-surefire-plugin.version>2.19.1</maven-surefire-plugin.version>
|
|
||||||
<cargo-maven2-plugin.version>1.4.18</cargo-maven2-plugin.version>
|
|
||||||
</properties>
|
|
||||||
|
|
||||||
</project>
|
</project>
|
||||||
|
|
|
@ -1,17 +1,23 @@
|
||||||
package com.baeldung.thymeleaf.config;
|
package com.baeldung.thymeleaf.config;
|
||||||
|
|
||||||
|
import org.springframework.context.ApplicationContext;
|
||||||
|
import org.springframework.context.ApplicationContextAware;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.ComponentScan;
|
import org.springframework.context.annotation.ComponentScan;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.context.annotation.Description;
|
import org.springframework.context.annotation.Description;
|
||||||
import org.springframework.context.support.ResourceBundleMessageSource;
|
import org.springframework.context.support.ResourceBundleMessageSource;
|
||||||
import org.springframework.format.FormatterRegistry;
|
import org.springframework.format.FormatterRegistry;
|
||||||
|
import org.springframework.web.servlet.ViewResolver;
|
||||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||||
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
|
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
|
||||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
|
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
|
||||||
|
import org.thymeleaf.TemplateEngine;
|
||||||
import org.thymeleaf.spring4.SpringTemplateEngine;
|
import org.thymeleaf.spring4.SpringTemplateEngine;
|
||||||
|
import org.thymeleaf.spring4.templateresolver.SpringResourceTemplateResolver;
|
||||||
import org.thymeleaf.spring4.view.ThymeleafViewResolver;
|
import org.thymeleaf.spring4.view.ThymeleafViewResolver;
|
||||||
import org.thymeleaf.templateresolver.ServletContextTemplateResolver;
|
import org.thymeleaf.templatemode.TemplateMode;
|
||||||
|
import org.thymeleaf.templateresolver.ITemplateResolver;
|
||||||
|
|
||||||
import com.baeldung.thymeleaf.formatter.NameFormatter;
|
import com.baeldung.thymeleaf.formatter.NameFormatter;
|
||||||
|
|
||||||
|
@ -22,53 +28,56 @@ import com.baeldung.thymeleaf.formatter.NameFormatter;
|
||||||
* Java configuration file that is used for Spring MVC and Thymeleaf
|
* Java configuration file that is used for Spring MVC and Thymeleaf
|
||||||
* configurations
|
* configurations
|
||||||
*/
|
*/
|
||||||
public class WebMVCConfig extends WebMvcConfigurerAdapter {
|
public class WebMVCConfig extends WebMvcConfigurerAdapter implements ApplicationContextAware {
|
||||||
|
|
||||||
@Bean
|
private ApplicationContext applicationContext;
|
||||||
@Description("Thymeleaf Template Resolver")
|
|
||||||
public ServletContextTemplateResolver templateResolver() {
|
|
||||||
ServletContextTemplateResolver templateResolver = new ServletContextTemplateResolver();
|
|
||||||
templateResolver.setPrefix("/WEB-INF/views/");
|
|
||||||
templateResolver.setSuffix(".html");
|
|
||||||
templateResolver.setTemplateMode("HTML5");
|
|
||||||
|
|
||||||
return templateResolver;
|
public void setApplicationContext(ApplicationContext applicationContext) {
|
||||||
}
|
this.applicationContext = applicationContext;
|
||||||
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
@Description("Thymeleaf Template Engine")
|
public ViewResolver viewResolver() {
|
||||||
public SpringTemplateEngine templateEngine() {
|
ThymeleafViewResolver resolver = new ThymeleafViewResolver();
|
||||||
SpringTemplateEngine templateEngine = new SpringTemplateEngine();
|
resolver.setTemplateEngine(templateEngine());
|
||||||
templateEngine.setTemplateResolver(templateResolver());
|
resolver.setCharacterEncoding("UTF-8");
|
||||||
|
resolver.setOrder(1);
|
||||||
|
return resolver;
|
||||||
|
}
|
||||||
|
|
||||||
return templateEngine;
|
@Bean
|
||||||
}
|
public TemplateEngine templateEngine() {
|
||||||
|
SpringTemplateEngine engine = new SpringTemplateEngine();
|
||||||
|
engine.setEnableSpringELCompiler(true);
|
||||||
|
engine.setTemplateResolver(templateResolver());
|
||||||
|
return engine;
|
||||||
|
}
|
||||||
|
|
||||||
@Bean
|
private ITemplateResolver templateResolver() {
|
||||||
@Description("Thymeleaf View Resolver")
|
SpringResourceTemplateResolver resolver = new SpringResourceTemplateResolver();
|
||||||
public ThymeleafViewResolver viewResolver() {
|
resolver.setApplicationContext(applicationContext);
|
||||||
ThymeleafViewResolver viewResolver = new ThymeleafViewResolver();
|
resolver.setPrefix("/WEB-INF/views/");
|
||||||
viewResolver.setTemplateEngine(templateEngine());
|
resolver.setSuffix(".html");
|
||||||
viewResolver.setOrder(1);
|
resolver.setTemplateMode(TemplateMode.HTML);
|
||||||
return viewResolver;
|
return resolver;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
@Description("Spring Message Resolver")
|
@Description("Spring Message Resolver")
|
||||||
public ResourceBundleMessageSource messageSource() {
|
public ResourceBundleMessageSource messageSource() {
|
||||||
ResourceBundleMessageSource messageSource = new ResourceBundleMessageSource();
|
ResourceBundleMessageSource messageSource = new ResourceBundleMessageSource();
|
||||||
messageSource.setBasename("messages");
|
messageSource.setBasename("messages");
|
||||||
return messageSource;
|
return messageSource;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void addResourceHandlers(ResourceHandlerRegistry registry) {
|
public void addResourceHandlers(ResourceHandlerRegistry registry) {
|
||||||
registry.addResourceHandler("/resources/**").addResourceLocations("/WEB-INF/resources/");
|
registry.addResourceHandler("/resources/**").addResourceLocations("/WEB-INF/resources/");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@Description("Custom Conversion Service")
|
@Description("Custom Conversion Service")
|
||||||
public void addFormatters(FormatterRegistry registry) {
|
public void addFormatters(FormatterRegistry registry) {
|
||||||
registry.addFormatter(new NameFormatter());
|
registry.addFormatter(new NameFormatter());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -37,7 +37,13 @@ public class WebMVCSecurity extends WebSecurityConfigurerAdapter {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void configure(final HttpSecurity http) throws Exception {
|
protected void configure(final HttpSecurity http) throws Exception {
|
||||||
http.authorizeRequests().anyRequest().authenticated().and().httpBasic();
|
http
|
||||||
|
.authorizeRequests()
|
||||||
|
.anyRequest()
|
||||||
|
.authenticated()
|
||||||
|
.and()
|
||||||
|
.httpBasic()
|
||||||
|
;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue