diff --git a/jee-7-security/README.md b/jee-7-security/README.md new file mode 100644 index 0000000000..314de6d957 --- /dev/null +++ b/jee-7-security/README.md @@ -0,0 +1,2 @@ +### Relevant Articles: +- [Securing Java EE with Spring Security](http://www.baeldung.com/java-ee-spring-security) diff --git a/jee-7-security/pom.xml b/jee-7-security/pom.xml new file mode 100644 index 0000000000..622ca19903 --- /dev/null +++ b/jee-7-security/pom.xml @@ -0,0 +1,102 @@ + + + 4.0.0 + jee-7-security + 1.0-SNAPSHOT + war + jee-7-security + JavaEE 7 Spring Security Application + + + com.baeldung + parent-modules + 1.0.0-SNAPSHOT + + + + + javax + javaee-api + ${javaee_api.version} + provided + + + com.sun.faces + jsf-api + ${com.sun.faces.jsf.version} + + + com.sun.faces + jsf-impl + ${com.sun.faces.jsf.version} + + + javax.servlet + jstl + ${jstl.version} + + + javax.servlet + javax.servlet-api + ${javax.servlet-api.version} + + + javax.servlet.jsp + jsp-api + ${jsp-api.version} + provided + + + taglibs + standard + ${taglibs.standard.version} + + + + javax.mvc + javax.mvc-api + 1.0-pr + + + + org.springframework.security + spring-security-web + ${org.springframework.security.version} + + + + org.springframework.security + spring-security-config + ${org.springframework.security.version} + + + org.springframework.security + spring-security-taglibs + ${org.springframework.security.version} + + + + + + + org.apache.maven.plugins + maven-war-plugin + ${maven-war-plugin.version} + + src/main/webapp + false + + + + + + + 7.0 + 2.2.14 + 2.2 + 1.1.2 + 4.2.3.RELEASE + + + diff --git a/jee-7-security/src/main/java/com/baeldung/springsecurity/SecurityWebApplicationInitializer.java b/jee-7-security/src/main/java/com/baeldung/springsecurity/SecurityWebApplicationInitializer.java new file mode 100644 index 0000000000..e3e2ed80e6 --- /dev/null +++ b/jee-7-security/src/main/java/com/baeldung/springsecurity/SecurityWebApplicationInitializer.java @@ -0,0 +1,10 @@ +package com.baeldung.springsecurity; + +import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer; + +public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer { + + public SecurityWebApplicationInitializer() { + super(SpringSecurityConfig.class); + } +} diff --git a/jee-7-security/src/main/java/com/baeldung/springsecurity/SpringSecurityConfig.java b/jee-7-security/src/main/java/com/baeldung/springsecurity/SpringSecurityConfig.java new file mode 100644 index 0000000000..70be1f91ce --- /dev/null +++ b/jee-7-security/src/main/java/com/baeldung/springsecurity/SpringSecurityConfig.java @@ -0,0 +1,46 @@ +package com.baeldung.springsecurity; + +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; + +@Configuration +@EnableWebSecurity +public class SpringSecurityConfig extends WebSecurityConfigurerAdapter { + @Override + protected void configure(AuthenticationManagerBuilder auth) throws Exception { + auth + .inMemoryAuthentication() + .withUser("user1") + .password("user1Pass") + .roles("USER") + .and() + .withUser("admin") + .password("adminPass") + .roles("ADMIN"); + } + + @Override + protected void configure(HttpSecurity http) throws Exception { + http + .csrf() + .disable() + .authorizeRequests() + .antMatchers("/auth/login*") + .anonymous() + .antMatchers("/home/admin*") + .hasRole("ADMIN") + .anyRequest() + .authenticated() + .and() + .formLogin() + .loginPage("/auth/login") + .defaultSuccessUrl("/home", true) + .failureUrl("/auth/login?error=true") + .and() + .logout() + .logoutSuccessUrl("/auth/login"); + } +} \ No newline at end of file diff --git a/jee-7-security/src/main/java/com/baeldung/springsecurity/controller/HomeController.java b/jee-7-security/src/main/java/com/baeldung/springsecurity/controller/HomeController.java new file mode 100644 index 0000000000..1662f38609 --- /dev/null +++ b/jee-7-security/src/main/java/com/baeldung/springsecurity/controller/HomeController.java @@ -0,0 +1,28 @@ +package com.baeldung.springsecurity.controller; + +import javax.mvc.annotation.Controller; +import javax.ws.rs.GET; +import javax.ws.rs.Path; + +@Path("/home") +@Controller +public class HomeController { + + @GET + public String home() { + return "home.jsp"; + } + + @GET + @Path("/user") + public String admin() { + return "user.jsp"; + } + + @GET + @Path("/admin") + public String user() { + return "admin.jsp"; + } + +} diff --git a/jee-7-security/src/main/java/com/baeldung/springsecurity/controller/LoginController.java b/jee-7-security/src/main/java/com/baeldung/springsecurity/controller/LoginController.java new file mode 100644 index 0000000000..a34abbfd2c --- /dev/null +++ b/jee-7-security/src/main/java/com/baeldung/springsecurity/controller/LoginController.java @@ -0,0 +1,16 @@ +package com.baeldung.springsecurity.controller; + +import javax.mvc.annotation.Controller; +import javax.ws.rs.GET; +import javax.ws.rs.Path; + +@Path("/login") +@Controller +public class LoginController { + + @GET + public String login() { + System.out.println("Login"); + return "login.jsp"; + } +} diff --git a/jee-7-security/src/main/resources/logback.xml b/jee-7-security/src/main/resources/logback.xml new file mode 100644 index 0000000000..c8c077ba1d --- /dev/null +++ b/jee-7-security/src/main/resources/logback.xml @@ -0,0 +1,13 @@ + + + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n + + + + + + + + \ No newline at end of file diff --git a/jee-7-security/src/main/webapp/WEB-INF/beans.xml b/jee-7-security/src/main/webapp/WEB-INF/beans.xml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/jee-7-security/src/main/webapp/WEB-INF/faces-config.xml b/jee-7-security/src/main/webapp/WEB-INF/faces-config.xml new file mode 100644 index 0000000000..1f4085458f --- /dev/null +++ b/jee-7-security/src/main/webapp/WEB-INF/faces-config.xml @@ -0,0 +1,8 @@ + + + \ No newline at end of file diff --git a/jee-7-security/src/main/webapp/WEB-INF/spring/security.xml b/jee-7-security/src/main/webapp/WEB-INF/spring/security.xml new file mode 100644 index 0000000000..777cd9461f --- /dev/null +++ b/jee-7-security/src/main/webapp/WEB-INF/spring/security.xml @@ -0,0 +1,23 @@ + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/jee-7-security/src/main/webapp/WEB-INF/views/admin.jsp b/jee-7-security/src/main/webapp/WEB-INF/views/admin.jsp new file mode 100644 index 0000000000..b83ea09f5b --- /dev/null +++ b/jee-7-security/src/main/webapp/WEB-INF/views/admin.jsp @@ -0,0 +1,12 @@ +<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> +<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %> + + + + +

Welcome to the ADMIN page

+ + ">Logout + + + \ No newline at end of file diff --git a/jee-7-security/src/main/webapp/WEB-INF/views/home.jsp b/jee-7-security/src/main/webapp/WEB-INF/views/home.jsp new file mode 100644 index 0000000000..c6e129c9ce --- /dev/null +++ b/jee-7-security/src/main/webapp/WEB-INF/views/home.jsp @@ -0,0 +1,26 @@ +<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> +<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %> + + + + +

This is the body of the sample view

+ + + This text is only visible to a user +

+ ">Restricted Admin Page +

+
+ + + This text is only visible to an admin +
+ ">Admin Page +
+
+ + ">Logout + + + \ No newline at end of file diff --git a/jee-7-security/src/main/webapp/WEB-INF/views/login.jsp b/jee-7-security/src/main/webapp/WEB-INF/views/login.jsp new file mode 100644 index 0000000000..d6f2e56f3a --- /dev/null +++ b/jee-7-security/src/main/webapp/WEB-INF/views/login.jsp @@ -0,0 +1,26 @@ + + + + +

Login

+ +
+ + + + + + + + + + + + + +
User:
Password:
+ +
+ + + \ No newline at end of file diff --git a/jee-7-security/src/main/webapp/WEB-INF/views/user.jsp b/jee-7-security/src/main/webapp/WEB-INF/views/user.jsp new file mode 100644 index 0000000000..11b8155da7 --- /dev/null +++ b/jee-7-security/src/main/webapp/WEB-INF/views/user.jsp @@ -0,0 +1,12 @@ +<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> +<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %> + + + + +

Welcome to the Restricted Admin page

+ + ">Logout + + + \ No newline at end of file diff --git a/jee-7-security/src/main/webapp/WEB-INF/web.xml b/jee-7-security/src/main/webapp/WEB-INF/web.xml new file mode 100644 index 0000000000..e656ffc5be --- /dev/null +++ b/jee-7-security/src/main/webapp/WEB-INF/web.xml @@ -0,0 +1,71 @@ + + + + + Faces Servlet + javax.faces.webapp.FacesServlet + + + Faces Servlet + *.jsf + + + javax.faces.PROJECT_STAGE + Development + + + State saving method: 'client' or 'server' (default). See JSF Specification section 2.5.2 + javax.faces.STATE_SAVING_METHOD + client + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + index.jsf + welcome.jsf + index.html + index.jsp + + \ No newline at end of file diff --git a/jee-7-security/src/main/webapp/index.jsp b/jee-7-security/src/main/webapp/index.jsp new file mode 100644 index 0000000000..93fef9713d --- /dev/null +++ b/jee-7-security/src/main/webapp/index.jsp @@ -0,0 +1,11 @@ +<%@ page contentType="text/html;charset=UTF-8" language="java" %> + + + Index Page + + + Non-secured Index Page +
+ Login + + \ No newline at end of file diff --git a/jee-7-security/src/main/webapp/secure.jsp b/jee-7-security/src/main/webapp/secure.jsp new file mode 100644 index 0000000000..0cadd2cd4f --- /dev/null +++ b/jee-7-security/src/main/webapp/secure.jsp @@ -0,0 +1,24 @@ +<%@ page language="java" contentType="text/html; charset=UTF-8" + pageEncoding="UTF-8"%> +<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> +<%@ taglib uri="http://www.springframework.org/security/tags" prefix="sec" %> + + + + + Home Page + + +

Home Page

+ +

+ Hello
+ Roles: +

+ +
+ + +
+ + \ No newline at end of file diff --git a/pom.xml b/pom.xml index ef34881cef..741391e09c 100644 --- a/pom.xml +++ b/pom.xml @@ -399,6 +399,7 @@ javafx jgroups jee-7 + jee-7-security jhipster jjwt jsf @@ -1303,6 +1304,7 @@ javafx jgroups jee-7 + jee-7-security jjwt jsf json-path