diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/LogoutDemoApplication.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/CustomLogoutApplication.java similarity index 54% rename from spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/LogoutDemoApplication.java rename to spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/CustomLogoutApplication.java index 027334dd6b..39d867b1f4 100644 --- a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/LogoutDemoApplication.java +++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/CustomLogoutApplication.java @@ -4,10 +4,10 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; @SpringBootApplication -public class LogoutDemoApplication { +public class CustomLogoutApplication { - public static void main(String[] args) { - SpringApplication.run(LogoutDemoApplication.class, args); - } + public static void main(String[] args) { + SpringApplication.run(CustomLogoutApplication.class, args); + } } diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/MvcConfiguration.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/MvcConfiguration.java index 36de049a31..3e17a7c397 100644 --- a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/MvcConfiguration.java +++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/MvcConfiguration.java @@ -1,6 +1,7 @@ package com.baeldung.customlogouthandler; -import com.baeldung.customlogouthandler.web.CustomLogoutHandler; +import javax.sql.DataSource; + import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpMethod; @@ -11,7 +12,7 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler; -import javax.sql.DataSource; +import com.baeldung.customlogouthandler.web.CustomLogoutHandler; @Configuration @EnableWebSecurity @@ -25,27 +26,30 @@ public class MvcConfiguration extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { - http - .httpBasic().and() + http.httpBasic() + .and() .authorizeRequests() - .antMatchers(HttpMethod.GET, "/user/**").hasRole("USER") - .and() - .logout() + .antMatchers(HttpMethod.GET, "/user/**") + .hasRole("USER") + .and() + .logout() .logoutUrl("/user/logout") .addLogoutHandler(logoutHandler) .logoutSuccessHandler((new HttpStatusReturningLogoutSuccessHandler(HttpStatus.OK))) .permitAll() - .and() - .csrf().disable() - .formLogin().disable(); + .and() + .csrf() + .disable() + .formLogin() + .disable(); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.jdbcAuthentication() - .dataSource(dataSource) - .usersByUsernameQuery("select login, password, true from users where login=?") - .authoritiesByUsernameQuery("select login, role from users where login=?"); + .dataSource(dataSource) + .usersByUsernameQuery("select login, password, true from users where login=?") + .authoritiesByUsernameQuery("select login, role from users where login=?"); } } diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/services/UserCache.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/services/UserCache.java index 56c4d1e7c9..b86edc0dee 100644 --- a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/services/UserCache.java +++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/services/UserCache.java @@ -1,12 +1,14 @@ package com.baeldung.customlogouthandler.services; -import com.baeldung.customlogouthandler.user.User; -import org.springframework.stereotype.Service; +import java.util.concurrent.ConcurrentHashMap; +import java.util.concurrent.ConcurrentMap; import javax.persistence.EntityManager; import javax.persistence.PersistenceContext; -import java.util.concurrent.ConcurrentHashMap; -import java.util.concurrent.ConcurrentMap; + +import org.springframework.stereotype.Service; + +import com.baeldung.customlogouthandler.user.User; @Service public class UserCache { @@ -16,18 +18,18 @@ public class UserCache { private final ConcurrentMap store = new ConcurrentHashMap<>(256); - public User getByLogin(String login) { - return store.computeIfAbsent(login, k -> entityManager.createQuery("from User where login=:login", User.class) - .setParameter("login", k) - .getSingleResult()); + public User getByUserName(String userName) { + return store.computeIfAbsent(userName, k -> entityManager.createQuery("from User where login=:login", User.class) + .setParameter("login", k) + .getSingleResult()); } - public void evictUser(String login) { - store.remove(login); + public void evictUser(String userName) { + store.remove(userName); } public int size() { - return this.store.size(); + return store.size(); } } diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/user/UserUtils.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/user/UserUtils.java index 195497f7ba..aa9a521b01 100644 --- a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/user/UserUtils.java +++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/user/UserUtils.java @@ -5,8 +5,9 @@ import org.springframework.security.core.context.SecurityContextHolder; public class UserUtils { - public static String getAuthenticatedUserLogin() { - Authentication auth = SecurityContextHolder.getContext().getAuthentication(); + public static String getAuthenticatedUserName() { + Authentication auth = SecurityContextHolder.getContext() + .getAuthentication(); return auth != null ? ((org.springframework.security.core.userdetails.User) auth.getPrincipal()).getUsername() : null; } diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/web/CustomLogoutHandler.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/web/CustomLogoutHandler.java index 2a335cd122..a89c9a570d 100644 --- a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/web/CustomLogoutHandler.java +++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/web/CustomLogoutHandler.java @@ -1,13 +1,14 @@ package com.baeldung.customlogouthandler.web; -import com.baeldung.customlogouthandler.services.UserCache; -import com.baeldung.customlogouthandler.user.UserUtils; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + import org.springframework.security.core.Authentication; import org.springframework.security.web.authentication.logout.LogoutHandler; import org.springframework.stereotype.Service; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import com.baeldung.customlogouthandler.services.UserCache; +import com.baeldung.customlogouthandler.user.UserUtils; @Service public class CustomLogoutHandler implements LogoutHandler { @@ -20,8 +21,8 @@ public class CustomLogoutHandler implements LogoutHandler { @Override public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) { - String login = UserUtils.getAuthenticatedUserLogin(); - userCache.evictUser(login); + String userName = UserUtils.getAuthenticatedUserName(); + userCache.evictUser(userName); } } diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/web/UserController.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/web/UserController.java index 18cd8dda98..b2d332a1bb 100644 --- a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/web/UserController.java +++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/com/baeldung/customlogouthandler/web/UserController.java @@ -1,13 +1,13 @@ package com.baeldung.customlogouthandler.web; -import com.baeldung.customlogouthandler.services.UserCache; -import com.baeldung.customlogouthandler.user.User; -import com.baeldung.customlogouthandler.user.UserUtils; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.ResponseBody; +import com.baeldung.customlogouthandler.services.UserCache; +import com.baeldung.customlogouthandler.user.User; +import com.baeldung.customlogouthandler.user.UserUtils; @Controller @RequestMapping(path = "/user") @@ -22,8 +22,8 @@ public class UserController { @GetMapping(path = "/language") @ResponseBody public String getLanguage() { - String login = UserUtils.getAuthenticatedUserLogin(); - User user = userCache.getByLogin(login); + String userName = UserUtils.getAuthenticatedUserName(); + User user = userCache.getByUserName(userName); return user.getLanguage(); } diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/test/java/com/baeldung/customlogouthandler/CustomLogoutHandlerIntegrationTest.java b/spring-security-modules/spring-security-mvc-boot-2/src/test/java/com/baeldung/customlogouthandler/CustomLogoutHandlerIntegrationTest.java index 3c325a2006..cd8a1a72d6 100644 --- a/spring-security-modules/spring-security-mvc-boot-2/src/test/java/com/baeldung/customlogouthandler/CustomLogoutHandlerIntegrationTest.java +++ b/spring-security-modules/spring-security-mvc-boot-2/src/test/java/com/baeldung/customlogouthandler/CustomLogoutHandlerIntegrationTest.java @@ -1,6 +1,7 @@ package com.baeldung.customlogouthandler; -import com.baeldung.customlogouthandler.services.UserCache; +import static org.assertj.core.api.Assertions.assertThat; + import org.junit.jupiter.api.Test; import org.junit.runner.RunWith; import org.springframework.beans.factory.annotation.Autowired; @@ -11,96 +12,97 @@ import org.springframework.http.HttpEntity; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpMethod; import org.springframework.http.ResponseEntity; +import org.springframework.test.context.TestPropertySource; import org.springframework.test.context.jdbc.Sql; import org.springframework.test.context.jdbc.SqlGroup; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import static org.assertj.core.api.Assertions.assertThat; +import com.baeldung.customlogouthandler.services.UserCache; @RunWith(SpringJUnit4ClassRunner.class) -@SpringBootTest(classes = {LogoutDemoApplication.class, MvcConfiguration.class}, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) -@SqlGroup({ - @Sql(value = "classpath:customlogouthandler/before.sql", executionPhase = Sql.ExecutionPhase.BEFORE_TEST_METHOD), - @Sql(value = "classpath:customlogouthandler/after.sql", executionPhase = Sql.ExecutionPhase.AFTER_TEST_METHOD) -}) +@SpringBootTest(classes = { CustomLogoutApplication.class }, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) +@SqlGroup({ @Sql(value = "classpath:customlogouthandler/before.sql", executionPhase = Sql.ExecutionPhase.BEFORE_TEST_METHOD), @Sql(value = "classpath:customlogouthandler/after.sql", executionPhase = Sql.ExecutionPhase.AFTER_TEST_METHOD) }) +@TestPropertySource(locations="classpath:customlogouthandler/application.properties") class CustomLogoutHandlerIntegrationTest { - @Autowired - private TestRestTemplate restTemplate; + @Autowired + private TestRestTemplate restTemplate; - @Autowired - private UserCache userCache; + @Autowired + private UserCache userCache; - @LocalServerPort - private int port; + @LocalServerPort + private int port; - @Test - public void whenLogin_thenUseUserCache() throws Exception { - // User cache should be empty on start - assertThat(userCache.size()).isEqualTo(0); + @Test + public void whenLogin_thenUseUserCache() { + // User cache should be empty on start + assertThat(userCache.size()).isEqualTo(0); - // Request using first login - ResponseEntity response = restTemplate - .withBasicAuth("user", "pass") - .getForEntity(getLanguageUrl(), String.class); + // Request using first login + ResponseEntity response = restTemplate.withBasicAuth("user", "pass") + .getForEntity(getLanguageUrl(), String.class); - assertThat(response.getBody()).contains("english"); + assertThat(response.getBody()).contains("english"); - // User cache must contain the user - assertThat(userCache.size()).isEqualTo(1); + // User cache must contain the user + assertThat(userCache.size()).isEqualTo(1); - // Getting the session cookie - HttpHeaders requestHeaders = new HttpHeaders(); - requestHeaders.add("Cookie", response.getHeaders().getFirst(HttpHeaders.SET_COOKIE)); + // Getting the session cookie + HttpHeaders requestHeaders = new HttpHeaders(); + requestHeaders.add("Cookie", response.getHeaders() + .getFirst(HttpHeaders.SET_COOKIE)); - // Request with the session cookie - response = restTemplate - .exchange(getLanguageUrl(), HttpMethod.GET, new HttpEntity(requestHeaders), String.class); - assertThat(response.getBody()).contains("english"); + // Request with the session cookie + response = restTemplate.exchange(getLanguageUrl(), HttpMethod.GET, new HttpEntity(requestHeaders), String.class); + assertThat(response.getBody()).contains("english"); - // Logging out using the session cookies - response = restTemplate.exchange(getLogoutUrl(), HttpMethod.GET, new HttpEntity(requestHeaders), String.class); - assertThat(response.getStatusCode().value()).isEqualTo(200); - } + // Logging out using the session cookies + response = restTemplate.exchange(getLogoutUrl(), HttpMethod.GET, new HttpEntity(requestHeaders), String.class); + assertThat(response.getStatusCode() + .value()).isEqualTo(200); + } - @Test - public void whenLogout_thenCacheIsEmpty() throws Exception { - // User cache should be empty on start - assertThat(userCache.size()).isEqualTo(0); + @Test + public void whenLogout_thenCacheIsEmpty() { + // User cache should be empty on start + assertThat(userCache.size()).isEqualTo(0); - // Request using first login - ResponseEntity response = restTemplate - .withBasicAuth("user", "pass") - .getForEntity(getLanguageUrl(), String.class); + // Request using first login + ResponseEntity response = restTemplate.withBasicAuth("user", "pass") + .getForEntity(getLanguageUrl(), String.class); - assertThat(response.getBody()).contains("english"); + assertThat(response.getBody()).contains("english"); - // User cache must contain the user - assertThat(userCache.size()).isEqualTo(1); + // User cache must contain the user + assertThat(userCache.size()).isEqualTo(1); - // Getting the session cookie - HttpHeaders requestHeaders = new HttpHeaders(); - requestHeaders.add("Cookie", response.getHeaders().getFirst(HttpHeaders.SET_COOKIE)); + // Getting the session cookie + HttpHeaders requestHeaders = new HttpHeaders(); + requestHeaders.add("Cookie", response.getHeaders() + .getFirst(HttpHeaders.SET_COOKIE)); - // Logging out using the session cookies - response = restTemplate.exchange(getLogoutUrl(), HttpMethod.GET, new HttpEntity(requestHeaders), String.class); - assertThat(response.getStatusCode().value()).isEqualTo(200); + // Logging out using the session cookies + response = restTemplate.exchange(getLogoutUrl(), HttpMethod.GET, new HttpEntity(requestHeaders), String.class); + assertThat(response.getStatusCode() + .value()).isEqualTo(200); - // User cache must be empty now - // this is the reaction on custom logout filter execution - assertThat(userCache.size()).isEqualTo(0); + // User cache must be empty now + // this is the reaction on custom logout filter execution + assertThat(userCache.size()).isEqualTo(0); - // Assert unathorized request - response = restTemplate.exchange(getLanguageUrl(), HttpMethod.GET, new HttpEntity(requestHeaders), String.class); - assertThat(response.getStatusCode().value()).isEqualTo(401); - } + // Assert unauthorized request + response = restTemplate.exchange(getLanguageUrl(), HttpMethod.GET, new HttpEntity(requestHeaders), String.class); + assertThat(response.getStatusCode() + .value()).isEqualTo(401); + } - private String getLanguageUrl() { - return "http://localhost:" + port + "/user/language"; - } + private String getLanguageUrl() { + return "http://localhost:" + port + "/user/language"; + } - private String getLogoutUrl() { - return "http://localhost:" + port + "/user/logout"; - } + private String getLogoutUrl() { + return "http://localhost:" + port + "/user/logout"; + } } diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/test/resources/customlogouthandler/application.properties b/spring-security-modules/spring-security-mvc-boot-2/src/test/resources/customlogouthandler/application.properties index 8b6d47ebe9..9edd853f2c 100644 --- a/spring-security-modules/spring-security-mvc-boot-2/src/test/resources/customlogouthandler/application.properties +++ b/spring-security-modules/spring-security-mvc-boot-2/src/test/resources/customlogouthandler/application.properties @@ -1,5 +1,5 @@ -spring.datasource.url=jdbc:postgresql://localhost:5432/develop -spring.datasource.username=develop -spring.datasource.password=develop +spring.datasource.url=jdbc:postgresql://localhost:5432/test +spring.datasource.username=test +spring.datasource.password=test spring.jpa.hibernate.ddl-auto=create