JAVA-12754: Moved 2 articles to spring-security-web-rest-basic-auth
This commit is contained in:
+14
@@ -0,0 +1,14 @@
|
||||
package com.baeldung.inmemory;
|
||||
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
|
||||
@SpringBootApplication
|
||||
public class InMemoryAuthApplication {
|
||||
|
||||
public static void main(String[] args) {
|
||||
SpringApplication.run(InMemoryAuthApplication.class, args);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
+21
@@ -0,0 +1,21 @@
|
||||
package com.baeldung.inmemory;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
@RestController
|
||||
public class InMemoryAuthController {
|
||||
|
||||
@GetMapping("/public/hello")
|
||||
public List<String> publicHello() {
|
||||
return Arrays.asList("Hello", "World", "from", "Public");
|
||||
}
|
||||
|
||||
@GetMapping("/private/hello")
|
||||
public List<String> privateHello() {
|
||||
return Arrays.asList("Hello", "World", "from", "Private");
|
||||
}
|
||||
|
||||
}
|
||||
+34
@@ -0,0 +1,34 @@
|
||||
package com.baeldung.inmemory;
|
||||
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
|
||||
@Configuration
|
||||
public class InMemoryAuthWebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
|
||||
auth.inMemoryAuthentication()
|
||||
.passwordEncoder(encoder)
|
||||
.withUser("spring")
|
||||
.password(encoder.encode("secret"))
|
||||
.roles("USER");
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.authorizeRequests()
|
||||
.antMatchers("/private/**")
|
||||
.authenticated()
|
||||
.antMatchers("/public/**")
|
||||
.permitAll()
|
||||
.and()
|
||||
.httpBasic();
|
||||
}
|
||||
|
||||
}
|
||||
+29
@@ -0,0 +1,29 @@
|
||||
package com.baeldung.inmemory;
|
||||
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
|
||||
//@Configuration
|
||||
public class InMemoryNoOpAuthWebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth.inMemoryAuthentication()
|
||||
.withUser("spring")
|
||||
.password("{noop}secret")
|
||||
.roles("USER");
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.authorizeRequests()
|
||||
.antMatchers("/private/**")
|
||||
.authenticated()
|
||||
.antMatchers("/public/**")
|
||||
.permitAll()
|
||||
.and()
|
||||
.httpBasic();
|
||||
}
|
||||
}
|
||||
+35
@@ -0,0 +1,35 @@
|
||||
package com.baeldung.passwordstorage;
|
||||
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.context.ApplicationListener;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
|
||||
@Configuration
|
||||
public class BaeldungPasswordEncoderSetup {
|
||||
|
||||
private final static Logger LOG = LoggerFactory.getLogger(BaeldungPasswordEncoderSetup.class);
|
||||
|
||||
@Bean
|
||||
public ApplicationListener<AuthenticationSuccessEvent> authenticationSuccessListener(final PasswordEncoder encoder) {
|
||||
|
||||
return (AuthenticationSuccessEvent event) -> {
|
||||
final Authentication auth = event.getAuthentication();
|
||||
|
||||
if (auth instanceof UsernamePasswordAuthenticationToken && auth.getCredentials() != null) {
|
||||
|
||||
final CharSequence clearTextPass = (CharSequence) auth.getCredentials(); // 1
|
||||
final String newPasswordHash = encoder.encode(clearTextPass); // 2
|
||||
|
||||
LOG.info("New password hash {} for user {}", newPasswordHash, auth.getName());
|
||||
|
||||
((UsernamePasswordAuthenticationToken) auth).eraseCredentials(); // 3
|
||||
}
|
||||
};
|
||||
}
|
||||
}
|
||||
+13
@@ -0,0 +1,13 @@
|
||||
package com.baeldung.passwordstorage;
|
||||
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
|
||||
@SpringBootApplication
|
||||
public class PasswordStorageApplication {
|
||||
|
||||
public static void main(String[] args) {
|
||||
SpringApplication.run(PasswordStorageApplication.class, args);
|
||||
}
|
||||
|
||||
}
|
||||
+55
@@ -0,0 +1,55 @@
|
||||
package com.baeldung.passwordstorage;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.DelegatingPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.security.crypto.password.StandardPasswordEncoder;
|
||||
import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder;
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
@Configuration
|
||||
public class PasswordStorageWebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth.eraseCredentials(false) // 4
|
||||
.userDetailsService(getUserDefaultDetailsService())
|
||||
.passwordEncoder(passwordEncoder());
|
||||
}
|
||||
|
||||
@Bean
|
||||
public UserDetailsService getUserDefaultDetailsService() {
|
||||
return new InMemoryUserDetailsManager(User
|
||||
.withUsername("baeldung")
|
||||
.password("{noop}SpringSecurity5")
|
||||
.authorities(Collections.emptyList())
|
||||
.build());
|
||||
}
|
||||
|
||||
@Bean
|
||||
public PasswordEncoder passwordEncoder() {
|
||||
// set up the list of supported encoders and their prefixes
|
||||
PasswordEncoder defaultEncoder = new StandardPasswordEncoder();
|
||||
Map<String, PasswordEncoder> encoders = new HashMap<>();
|
||||
encoders.put("bcrypt", new BCryptPasswordEncoder());
|
||||
encoders.put("scrypt", new SCryptPasswordEncoder());
|
||||
encoders.put("noop", NoOpPasswordEncoder.getInstance());
|
||||
|
||||
DelegatingPasswordEncoder passwordEncoder = new DelegatingPasswordEncoder("bcrypt", encoders);
|
||||
passwordEncoder.setDefaultPasswordEncoderForMatches(defaultEncoder);
|
||||
|
||||
return passwordEncoder;
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user