BAEL-1311: Spring Security 5 - Security for Reactive Applications (#3056)

spring-5/src/main/java/com/baeldung/SpringSecurity5Application.java

@@ -0,0 +1,34 @@
+package com.baeldung;
+
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.annotation.AnnotationConfigApplicationContext;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.http.server.reactive.HttpHandler;
+import org.springframework.http.server.reactive.ReactorHttpHandlerAdapter;
+import org.springframework.web.reactive.config.EnableWebFlux;
+import org.springframework.web.server.adapter.WebHttpHandlerBuilder;
+import reactor.ipc.netty.NettyContext;
+import reactor.ipc.netty.http.server.HttpServer;
+
+@ComponentScan(basePackages = {"com.baeldung.security"})
+@EnableWebFlux
+public class SpringSecurity5Application {
+
+    public static void main(String[] args) {
+        try (AnnotationConfigApplicationContext context =
+                     new AnnotationConfigApplicationContext(SpringSecurity5Application.class)) {
+            context.getBean(NettyContext.class).onClose().block();
+        }
+    }
+
+    @Bean
+    public NettyContext nettyContext(ApplicationContext context) {
+        HttpHandler handler = WebHttpHandlerBuilder.applicationContext(context)
+                .build();
+        ReactorHttpHandlerAdapter adapter = new ReactorHttpHandlerAdapter(handler);
+        HttpServer httpServer = HttpServer.create("localhost", 8080);
+        return httpServer.newHandler(adapter).block();
+    }
+
+}

spring-5/src/main/java/com/baeldung/security/GreetController.java

@@ -0,0 +1,37 @@
+package com.baeldung.security;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+import reactor.core.publisher.Mono;
+
+import java.security.Principal;
+
+@RestController
+public class GreetController {
+
+    private GreetService greetService;
+
+    public GreetController(GreetService greetService) {
+        this.greetService = greetService;
+    }
+
+    @GetMapping("/")
+    public Mono<String> greet(Mono<Principal> principal) {
+        return principal
+                .map(Principal::getName)
+                .map(name -> String.format("Hello, %s", name));
+    }
+
+    @GetMapping("/admin")
+    public Mono<String> greetAdmin(Mono<Principal> principal) {
+        return principal
+                .map(Principal::getName)
+                .map(name -> String.format("Admin access: %s", name));
+    }
+
+    @GetMapping("/greetService")
+    public Mono<String> greetService() {
+        return greetService.greet();
+    }
+
+}

spring-5/src/main/java/com/baeldung/security/GreetService.java

@@ -0,0 +1,15 @@
+package com.baeldung.security;
+
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.stereotype.Service;
+import reactor.core.publisher.Mono;
+
+@Service
+public class GreetService {
+
+    @PreAuthorize("hasRole('ADMIN')")
+    public Mono<String> greet() {
+        return Mono.just("Hello from service!");
+    }
+
+}

spring-5/src/main/java/com/baeldung/security/SecurityConfig.java

@@ -0,0 +1,42 @@
+package com.baeldung.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity;
+import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
+import org.springframework.security.config.web.server.ServerHttpSecurity;
+import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.web.server.SecurityWebFilterChain;
+
+@EnableWebFluxSecurity
+@EnableReactiveMethodSecurity
+public class SecurityConfig {
+
+    @Bean
+    public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
+        return http.authorizeExchange()
+                .pathMatchers("/admin").hasAuthority("ROLE_ADMIN")
+                .anyExchange().authenticated()
+                .and().formLogin()
+                .and().build();
+    }
+
+    @Bean
+    public MapReactiveUserDetailsService userDetailsService() {
+        UserDetails user = User.withDefaultPasswordEncoder()
+                .username("user")
+                .password("password")
+                .roles("USER")
+                .build();
+
+        UserDetails admin = User.withDefaultPasswordEncoder()
+                .username("admin")
+                .password("password")
+                .roles("ADMIN")
+                .build();
+
+        return new MapReactiveUserDetailsService(user, admin);
+    }
+
+}