iSharkFly-Docs/java-tutorials
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

BAEL-3335 example of reading request multiple times. removed spring boot and using spring-webmvc

Browse Source
This commit is contained in:
sumit-bhawsar
2019-10-20 04:01:29 +01:00
parent db85c8f275
commit 2e97ec17f4
20450 changed files with 1641014 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
spring-boot-security/src/main/java/com/baeldung/integrationtesting/MethodSecurityConfigurer.java
+13
View File
@@ -0,0 +1,13 @@
package com.baeldung.integrationtesting;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
@Configuration
@EnableGlobalMethodSecurity(
prePostEnabled = true,
securedEnabled = true)
public class MethodSecurityConfigurer extends GlobalMethodSecurityConfiguration {
}
spring-boot-security/src/main/java/com/baeldung/integrationtesting/SecuredApplication.java
+13
View File
@@ -0,0 +1,13 @@
package com.baeldung.integrationtesting;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class SecuredApplication {
public static void main(String[] args) {
SpringApplication.run(SecuredApplication.class, args);
}
}
spring-boot-security/src/main/java/com/baeldung/integrationtesting/SecuredController.java
+21
View File
@@ -0,0 +1,21 @@
package com.baeldung.integrationtesting;
import java.util.Arrays;
import java.util.List;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
public class SecuredController {
@GetMapping("/public/hello")
public List<String> publicHello() {
return Arrays.asList("Hello", "World", "from", "Public");
}
@GetMapping("/private/hello")
public List<String> privateHello() {
return Arrays.asList("Hello", "World", "from", "Private");
}
}
spring-boot-security/src/main/java/com/baeldung/integrationtesting/SecuredService.java
+13
View File
@@ -0,0 +1,13 @@
package com.baeldung.integrationtesting;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Service;
@Service
public class SecuredService {
@PreAuthorize("authenticated")
public String sayHelloSecured() {
return "Hello user.";
}
}
spring-boot-security/src/main/java/com/baeldung/integrationtesting/WebSecurityConfigurer.java
+40
View File
@@ -0,0 +1,40 @@
package com.baeldung.integrationtesting;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
@Configuration
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
BCryptPasswordEncoder encoder = passwordEncoder();
auth.inMemoryAuthentication()
.passwordEncoder(encoder)
.withUser("spring")
.password(encoder.encode("secret"))
.roles("USER");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/private/**")
.hasRole("USER")
.antMatchers("/public/**")
.permitAll()
.and()
.httpBasic();
}
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
spring-boot-security/src/main/java/com/baeldung/springbootsecurity/autoconfig/SpringBootSecurityApplication.java
+15
View File
@@ -0,0 +1,15 @@
package com.baeldung.springbootsecurity.autoconfig;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
@SpringBootApplication(exclude = {
SecurityAutoConfiguration.class
// ,ManagementWebSecurityAutoConfiguration.class
}, scanBasePackages = "com.baeldung.springbootsecurity.autoconfig")
public class SpringBootSecurityApplication {
public static void main(String[] args) {
SpringApplication.run(SpringBootSecurityApplication.class, args);
}
}
spring-boot-security/src/main/java/com/baeldung/springbootsecurity/autoconfig/config/BasicConfiguration.java
+38
View File
@@ -0,0 +1,38 @@
package com.baeldung.springbootsecurity.autoconfig.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration
@EnableWebSecurity
public class BasicConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
auth
.inMemoryAuthentication()
.withUser("user")
.password(encoder.encode("password"))
.roles("USER")
.and()
.withUser("admin")
.password(encoder.encode("admin"))
.roles("USER", "ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.httpBasic();
}
}
spring-boot-security/src/main/java/com/baeldung/springbootsecurity/oauth2resource/SpringBootOAuth2ResourceApplication.java
+30
View File
@@ -0,0 +1,30 @@
package com.baeldung.springbootsecurity.oauth2resource;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
@EnableResourceServer
@SpringBootApplication(scanBasePackages = "com.baeldung.springbootsecurity.oauth2resource")
public class SpringBootOAuth2ResourceApplication {
public static void main(String[] args) {
new SpringApplicationBuilder()
.profiles("resource")
.sources(SpringBootOAuth2ResourceApplication.class)
.build()
.run(args);
}
@RestController
class SecuredResourceController {
@GetMapping("/securedResource")
public String securedResource() {
return "Baeldung Secured Resource OK";
}
}
}
spring-boot-security/src/main/java/com/baeldung/springbootsecurity/oauth2server/SpringBootAuthorizationServerApplication.java
+30
View File
@@ -0,0 +1,30 @@
package com.baeldung.springbootsecurity.oauth2server;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import java.security.Principal;
@EnableResourceServer
@EnableAuthorizationServer
@SpringBootApplication(scanBasePackages = "com.baeldung.springbootsecurity.oauth2server")
public class SpringBootAuthorizationServerApplication {
public static void main(String[] args) {
SpringApplication.run(SpringBootAuthorizationServerApplication.class, args);
}
@RestController
class UserController {
@GetMapping("/user")
public Principal user(Principal user) {
return user;
}
}
}
spring-boot-security/src/main/java/com/baeldung/springbootsecurity/oauth2server/config/AuthenticationMananagerConfig.java
+18
View File
@@ -0,0 +1,18 @@
package com.baeldung.springbootsecurity.oauth2server.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@Profile("authz")
public class AuthenticationMananagerConfig extends WebSecurityConfigurerAdapter {
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
}
spring-boot-security/src/main/java/com/baeldung/springbootsecurity/oauth2server/config/AuthorizationServerConfig.java
+46
View File
@@ -0,0 +1,46 @@
package com.baeldung.springbootsecurity.oauth2server.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
@Configuration
@Profile("authz")
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.authenticationManager(authenticationManager);
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients
.inMemory()
.withClient("baeldung")
.secret(passwordEncoder().encode("baeldung"))
.authorizedGrantTypes("client_credentials", "password", "authorization_code")
.scopes("openid", "read")
.autoApprove(true)
.and()
.withClient("baeldung-admin")
.secret(passwordEncoder().encode("baeldung"))
.authorizedGrantTypes("authorization_code", "client_credentials", "refresh_token")
.scopes("read", "write")
.autoApprove(true);
}
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
spring-boot-security/src/main/java/com/baeldung/springbootsecurity/oauth2server/config/WebSecurityConfiguration.java
+17
View File
@@ -0,0 +1,17 @@
package com.baeldung.springbootsecurity.oauth2server.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@Profile("!authz")
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Bean
public AuthenticationManager customAuthenticationManager() throws Exception {
return authenticationManager();
}
}
spring-boot-security/src/main/java/com/baeldung/springbootsecurity/oauth2sso/SpringBootOAuth2SsoApplication.java
+19
View File
@@ -0,0 +1,19 @@
package com.baeldung.springbootsecurity.oauth2sso;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.boot.builder.SpringApplicationBuilder;
@EnableOAuth2Sso
@SpringBootApplication(scanBasePackages = "com.baeldung.springbootsecurity.oauth2sso")
public class SpringBootOAuth2SsoApplication {
public static void main(String[] args) {
new SpringApplicationBuilder()
.profiles("sso")
.sources(SpringBootOAuth2SsoApplication.class)
.build()
.run(args);
}
}
spring-boot-security/src/main/java/com/baeldung/springsecuritytaglibs/HomeController.java
+14
View File
@@ -0,0 +1,14 @@
package com.baeldung.springsecuritytaglibs;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
@RequestMapping("/")
public class HomeController {
@RequestMapping
public String home() {
return "home";
}
}
spring-boot-security/src/main/java/com/baeldung/springsecuritytaglibs/SpringBootSecurityTagLibsApplication.java
+9
View File
@@ -0,0 +1,9 @@
package com.baeldung.springsecuritytaglibs;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.PropertySource;
@SpringBootApplication
@PropertySource("classpath:application-taglibs.properties")
public class SpringBootSecurityTagLibsApplication {
}
spring-boot-security/src/main/java/com/baeldung/springsecuritytaglibs/config/SpringBootSecurityTagLibsConfig.java
+40
View File
@@ -0,0 +1,40 @@
package com.baeldung.springsecuritytaglibs.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
@Configuration
@EnableWebSecurity
public class SpringBootSecurityTagLibsConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
BCryptPasswordEncoder encoder = passwordEncoder();
auth.inMemoryAuthentication()
.passwordEncoder(encoder)
.withUser("testUser")
.password(encoder.encode("password"))
.roles("ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http.csrf()
.and()
.authorizeRequests()
.antMatchers("/userManagement").hasRole("ADMIN")
.anyRequest().permitAll().and().httpBasic();
// @formatter:on
}
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
spring-boot-security/src/main/resources/application-authz.properties
+3
View File
@@ -0,0 +1,3 @@
spring.security.user.password=password
security.oauth2.client.client-id=client
security.oauth2.client.client-secret=secret
spring-boot-security/src/main/resources/application-resource.properties
+2
View File
@@ -0,0 +1,2 @@
server.port=8081
security.oauth2.resource.userInfoUri=http://localhost:8080/user
spring-boot-security/src/main/resources/application-sso.properties
+9
View File
@@ -0,0 +1,9 @@
server.port=8082
security.oauth2.client.clientId=<generated_app_id>
security.oauth2.client.clientSecret=<app_secret>
security.oauth2.client.accessTokenUri=https://graph.facebook.com/oauth/access_token
security.oauth2.client.userAuthorizationUri=https://www.facebook.com/dialog/oauth
security.oauth2.client.tokenName=oauth_token
security.oauth2.client.authenticationScheme=query
security.oauth2.client.clientAuthenticationScheme=form
security.oauth2.resource.userInfoUri=https://graph.facebook.com/me
spring-boot-security/src/main/resources/application-taglibs.properties
+3
View File
@@ -0,0 +1,3 @@
#jsp config
spring.mvc.view.prefix= /WEB-INF/views/
spring.mvc.view.suffix= .jsp
spring-boot-security/src/main/resources/application.properties
+4
View File
@@ -0,0 +1,4 @@
#spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration
#security.user.password=password
#security.oauth2.client.client-id=client
#security.oauth2.client.client-secret=secret
spring-boot-security/src/main/resources/logback.xml
+13
View File
@@ -0,0 +1,13 @@
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n
</pattern>
</encoder>
</appender>
<root level="INFO">
<appender-ref ref="STDOUT" />
</root>
</configuration>
spring-boot-security/src/main/resources/static/index.html
+10
View File
@@ -0,0 +1,10 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Index</title>
</head>
<body>
Welcome to Baeldung Secured Page !!!
</body>
</html>
spring-boot-security/src/main/webapp/WEB-INF/views/home.jsp
+38
View File
@@ -0,0 +1,38 @@
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<sec:csrfMetaTags />
<title>Home Page</title>
</head>
<body>
<sec:authorize access="!isAuthenticated()">
Login
</sec:authorize>
<sec:authorize access="isAuthenticated()">
Logout
</sec:authorize>
<sec:authorize access="isAuthenticated()">
<h2>
Welcome back, <sec:authentication property="name" />
</h2>
<sec:authorize access="hasRole('ADMIN')">
Manage Users
</sec:authorize>
<form method="post">
<sec:csrfInput />
Text Field: <br /> <input type="text" name="textField" />
<input type="submit" value="Submit form with CSRF input">
</form>
<sec:authorize url="/userManagement">
<a href="/userManagement">Manage Users</a>
</sec:authorize>
</sec:authorize>
</body>
</html>