From 31cbe87a5575fe6694dd0a9e43697f18198f202d Mon Sep 17 00:00:00 2001 From: Bipin kumar Date: Fri, 8 Mar 2024 02:44:09 +0530 Subject: [PATCH] JAVA-29170: Changes made for Upgrade spring-rest-http to Spring Boot 3 (#16000) * JAVA-29170: Changes made for Upgrade spring-rest-http to Spring Boot 3 * JAVA-29316: Changes made for Upgrade spring-rest-http to Spring Boot 3 * JAVA-29316: Changes made for Upgrade spring-rest-http to Spring Boot 3 --- .../spring-security-web-rest/pom.xml | 20 ++++++++- .../CustomRestExceptionHandler.java | 31 ++++--------- .../baeldung/security/SecurityJavaConfig.java | 43 ++++++------------- ...uestAwareAuthenticationSuccessHandler.java | 8 ++-- .../web/RestAuthenticationEntryPoint.java | 6 +-- .../web/error/CustomAccessDeniedHandler.java | 7 +-- .../RestResponseEntityExceptionHandler.java | 13 ------ .../java/com/baeldung/web/TestConfig.java | 4 +- 8 files changed, 52 insertions(+), 80 deletions(-) diff --git a/spring-security-modules/spring-security-web-rest/pom.xml b/spring-security-modules/spring-security-web-rest/pom.xml index 76d9ad37de..6bc9131e3e 100644 --- a/spring-security-modules/spring-security-web-rest/pom.xml +++ b/spring-security-modules/spring-security-web-rest/pom.xml @@ -10,9 +10,9 @@ com.baeldung - parent-spring-5 + parent-boot-3 0.0.1-SNAPSHOT - ../../parent-spring-5 + ../../parent-boot-3 @@ -144,6 +144,12 @@ commons-fileupload ${commons-fileupload.version} + + jakarta.servlet + jakarta.servlet-api + ${jakarta.servlet.version} + provided + @@ -155,6 +161,13 @@ + + org.springframework.boot + spring-boot-maven-plugin + + true + + org.codehaus.cargo cargo-maven2-plugin @@ -237,6 +250,9 @@ 2.9.0 1.6.1 + 6.0.13 + 6.1.5 + 6.0.0 \ No newline at end of file diff --git a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/errorhandling/CustomRestExceptionHandler.java b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/errorhandling/CustomRestExceptionHandler.java index 02bc0a2512..a98acd2f9a 100644 --- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/errorhandling/CustomRestExceptionHandler.java +++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/errorhandling/CustomRestExceptionHandler.java @@ -9,8 +9,8 @@ import javax.validation.ConstraintViolationException; import org.springframework.beans.TypeMismatchException; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; +import org.springframework.http.HttpStatusCode; import org.springframework.http.ResponseEntity; -import org.springframework.validation.BindException; import org.springframework.validation.FieldError; import org.springframework.validation.ObjectError; import org.springframework.web.HttpMediaTypeNotSupportedException; @@ -31,7 +31,7 @@ public class CustomRestExceptionHandler extends ResponseEntityExceptionHandler { // 400 @Override - protected ResponseEntity handleMethodArgumentNotValid(final MethodArgumentNotValidException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) { + protected ResponseEntity handleMethodArgumentNotValid(final MethodArgumentNotValidException ex, final HttpHeaders headers, final HttpStatusCode status, final WebRequest request) { logger.info(ex.getClass().getName()); // final List errors = new ArrayList(); @@ -46,22 +46,7 @@ public class CustomRestExceptionHandler extends ResponseEntityExceptionHandler { } @Override - protected ResponseEntity handleBindException(final BindException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) { - logger.info(ex.getClass().getName()); - // - final List errors = new ArrayList(); - for (final FieldError error : ex.getBindingResult().getFieldErrors()) { - errors.add(error.getField() + ": " + error.getDefaultMessage()); - } - for (final ObjectError error : ex.getBindingResult().getGlobalErrors()) { - errors.add(error.getObjectName() + ": " + error.getDefaultMessage()); - } - final ApiError apiError = new ApiError(HttpStatus.BAD_REQUEST, ex.getLocalizedMessage(), errors); - return handleExceptionInternal(ex, apiError, headers, apiError.getStatus(), request); - } - - @Override - protected ResponseEntity handleTypeMismatch(final TypeMismatchException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) { + protected ResponseEntity handleTypeMismatch(TypeMismatchException ex, HttpHeaders headers, HttpStatusCode status, WebRequest request) { logger.info(ex.getClass().getName()); // final String error = ex.getValue() + " value for " + ex.getPropertyName() + " should be of type " + ex.getRequiredType(); @@ -71,7 +56,7 @@ public class CustomRestExceptionHandler extends ResponseEntityExceptionHandler { } @Override - protected ResponseEntity handleMissingServletRequestPart(final MissingServletRequestPartException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) { + protected ResponseEntity handleMissingServletRequestPart(final MissingServletRequestPartException ex, final HttpHeaders headers, final HttpStatusCode status, final WebRequest request) { logger.info(ex.getClass().getName()); // final String error = ex.getRequestPartName() + " part is missing"; @@ -80,7 +65,7 @@ public class CustomRestExceptionHandler extends ResponseEntityExceptionHandler { } @Override - protected ResponseEntity handleMissingServletRequestParameter(final MissingServletRequestParameterException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) { + protected ResponseEntity handleMissingServletRequestParameter(final MissingServletRequestParameterException ex, final HttpHeaders headers, final HttpStatusCode status, final WebRequest request) { logger.info(ex.getClass().getName()); // final String error = ex.getParameterName() + " parameter is missing"; @@ -116,7 +101,7 @@ public class CustomRestExceptionHandler extends ResponseEntityExceptionHandler { // 404 @Override - protected ResponseEntity handleNoHandlerFoundException(final NoHandlerFoundException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) { + protected ResponseEntity handleNoHandlerFoundException(final NoHandlerFoundException ex, final HttpHeaders headers, final HttpStatusCode status, final WebRequest request) { logger.info(ex.getClass().getName()); // final String error = "No handler found for " + ex.getHttpMethod() + " " + ex.getRequestURL(); @@ -128,7 +113,7 @@ public class CustomRestExceptionHandler extends ResponseEntityExceptionHandler { // 405 @Override - protected ResponseEntity handleHttpRequestMethodNotSupported(final HttpRequestMethodNotSupportedException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) { + protected ResponseEntity handleHttpRequestMethodNotSupported(final HttpRequestMethodNotSupportedException ex, final HttpHeaders headers, final HttpStatusCode status, final WebRequest request) { logger.info(ex.getClass().getName()); // final StringBuilder builder = new StringBuilder(); @@ -143,7 +128,7 @@ public class CustomRestExceptionHandler extends ResponseEntityExceptionHandler { // 415 @Override - protected ResponseEntity handleHttpMediaTypeNotSupported(final HttpMediaTypeNotSupportedException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) { + protected ResponseEntity handleHttpMediaTypeNotSupported(final HttpMediaTypeNotSupportedException ex, final HttpHeaders headers, final HttpStatusCode status, final WebRequest request) { logger.info(ex.getClass().getName()); // final StringBuilder builder = new StringBuilder(); diff --git a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/SecurityJavaConfig.java b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/SecurityJavaConfig.java index 0a79151f89..71a755e24d 100644 --- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/SecurityJavaConfig.java +++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/SecurityJavaConfig.java @@ -1,11 +1,13 @@ package com.baeldung.security; +import static org.springframework.security.config.Customizer.withDefaults; + import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Configuration; import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor; -import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; +import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.core.userdetails.User; @@ -23,7 +25,7 @@ import com.baeldung.web.error.CustomAccessDeniedHandler; @Configuration @EnableWebSecurity -@EnableGlobalMethodSecurity(prePostEnabled = true) +@EnableMethodSecurity(prePostEnabled = true) @ComponentScan("com.baeldung.security") public class SecurityJavaConfig { @@ -53,36 +55,17 @@ public class SecurityJavaConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - http.csrf() - .disable() - .authorizeRequests() - .and() - .exceptionHandling() - .accessDeniedHandler(accessDeniedHandler) - .authenticationEntryPoint(restAuthenticationEntryPoint) - .and() - .authorizeRequests() - .antMatchers("/api/csrfAttacker*") - .permitAll() - .antMatchers("/api/customer/**") - .permitAll() - .antMatchers("/api/foos/**") - .authenticated() - .antMatchers("/api/async/**") - .permitAll() - .antMatchers("/api/admin/**") - .hasRole("ADMIN") - .and() - .formLogin() - .successHandler(mySuccessHandler) - .failureHandler(myFailureHandler) - .and() - .httpBasic() - .and() - .logout(); + http.authorizeHttpRequests (authorizeRequests -> authorizeRequests.requestMatchers("/api/csrfAttacker*").permitAll() + .requestMatchers("/api/customer/**").permitAll() + .requestMatchers("/api/foos/**").authenticated() + .requestMatchers("/api/async/**").permitAll() + .requestMatchers("/api/admin/**").hasRole("ADMIN")) + .formLogin(formLogin -> formLogin.successHandler(mySuccessHandler).failureHandler(myFailureHandler)) + .httpBasic(withDefaults()) + .logout(logout -> logout.permitAll()); return http.build(); } - + @Bean public PasswordEncoder encoder() { return new BCryptPasswordEncoder(); diff --git a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/web/MySavedRequestAwareAuthenticationSuccessHandler.java b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/web/MySavedRequestAwareAuthenticationSuccessHandler.java index 2d74ed9dca..51120139d0 100644 --- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/web/MySavedRequestAwareAuthenticationSuccessHandler.java +++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/web/MySavedRequestAwareAuthenticationSuccessHandler.java @@ -2,10 +2,6 @@ package com.baeldung.security.web; import java.io.IOException; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.springframework.security.core.Authentication; import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler; import org.springframework.security.web.savedrequest.HttpSessionRequestCache; @@ -14,6 +10,10 @@ import org.springframework.security.web.savedrequest.SavedRequest; import org.springframework.stereotype.Component; import org.springframework.util.StringUtils; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; + @Component public class MySavedRequestAwareAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler { diff --git a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/web/RestAuthenticationEntryPoint.java b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/web/RestAuthenticationEntryPoint.java index 162ee46727..bb157901c5 100644 --- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/web/RestAuthenticationEntryPoint.java +++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/web/RestAuthenticationEntryPoint.java @@ -2,13 +2,13 @@ package com.baeldung.security.web; import java.io.IOException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.springframework.security.core.AuthenticationException; import org.springframework.security.web.AuthenticationEntryPoint; import org.springframework.stereotype.Component; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; + /** * The Entry Point will not redirect to any sort of Login - it will return the 401 */ diff --git a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/web/error/CustomAccessDeniedHandler.java b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/web/error/CustomAccessDeniedHandler.java index 6c686cd9e9..1c5d025ee2 100644 --- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/web/error/CustomAccessDeniedHandler.java +++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/web/error/CustomAccessDeniedHandler.java @@ -2,14 +2,15 @@ package com.baeldung.web.error; import java.io.IOException; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.springframework.security.access.AccessDeniedException; import org.springframework.security.web.access.AccessDeniedHandler; import org.springframework.stereotype.Component; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; + @Component public class CustomAccessDeniedHandler implements AccessDeniedHandler { diff --git a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/web/error/RestResponseEntityExceptionHandler.java b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/web/error/RestResponseEntityExceptionHandler.java index 9e6ae78d27..8744c29858 100644 --- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/web/error/RestResponseEntityExceptionHandler.java +++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/web/error/RestResponseEntityExceptionHandler.java @@ -32,19 +32,6 @@ public class RestResponseEntityExceptionHandler extends ResponseEntityExceptionH return handleExceptionInternal(ex, bodyOfResponse, new HttpHeaders(), HttpStatus.BAD_REQUEST, request); } - @Override - protected ResponseEntity handleHttpMessageNotReadable(final HttpMessageNotReadableException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) { - final String bodyOfResponse = "This should be application specific"; - // ex.getCause() instanceof JsonMappingException, JsonParseException // for additional information later on - return handleExceptionInternal(ex, bodyOfResponse, headers, HttpStatus.BAD_REQUEST, request); - } - - @Override - protected ResponseEntity handleMethodArgumentNotValid(final MethodArgumentNotValidException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) { - final String bodyOfResponse = "This should be application specific"; - return handleExceptionInternal(ex, bodyOfResponse, headers, HttpStatus.BAD_REQUEST, request); - } - // 403 @ExceptionHandler({ AccessDeniedException.class }) public ResponseEntity handleAccessDeniedException(final Exception ex, final WebRequest request) { diff --git a/spring-security-modules/spring-security-web-rest/src/test/java/com/baeldung/web/TestConfig.java b/spring-security-modules/spring-security-web-rest/src/test/java/com/baeldung/web/TestConfig.java index ddb7240611..3abf7c7840 100644 --- a/spring-security-modules/spring-security-web-rest/src/test/java/com/baeldung/web/TestConfig.java +++ b/spring-security-modules/spring-security-web-rest/src/test/java/com/baeldung/web/TestConfig.java @@ -4,7 +4,7 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Configuration; import org.springframework.web.multipart.MultipartResolver; -import org.springframework.web.multipart.commons.CommonsMultipartResolver; +import org.springframework.web.multipart.support.StandardServletMultipartResolver; @Configuration @ComponentScan({ "com.baeldung.web" }) @@ -12,7 +12,7 @@ public class TestConfig { @Bean public MultipartResolver multipartResolver() { - CommonsMultipartResolver multipartResolver = new CommonsMultipartResolver(); + StandardServletMultipartResolver multipartResolver = new StandardServletMultipartResolver(); return multipartResolver; }