[BAEL-1410] Spring Boot Security auto-configuration (#3329)

* [BAEL-1410] Spring Boot Security Auto-Configuration * [BAEL-1410] Added some tests for incorrect credentials use case * [BAEL-1410] Added readme and some code improvements
2017-12-31 17:04:37 +02:00
parent 62e53959ef
commit 8de8770eec
10 changed files with 349 additions and 1 deletions
@@ -0,0 +1,16 @@
+package com.baeldung.springbootsecurity;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
+
+@SpringBootApplication(exclude = {
+  SecurityAutoConfiguration.class
+  //    ,ManagementWebSecurityAutoConfiguration.class
+})
+public class SpringBootSecurityApplication {
+
+    public static void main(String[] args) {
+        SpringApplication.run(SpringBootSecurityApplication.class, args);
+    }
+}
@@ -0,0 +1,37 @@
+package com.baeldung.springbootsecurity.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+@Profile("basic")
+public class BasicConfiguration extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth
+          .inMemoryAuthentication()
+          .withUser("user")
+          .password("password")
+          .roles("USER")
+          .and()
+          .withUser("admin")
+          .password("admin")
+          .roles("USER", "ADMIN");
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+          .authorizeRequests()
+          .anyRequest()
+          .authenticated()
+          .and()
+          .httpBasic();
+    }
+}
@@ -0,0 +1,39 @@
+package com.baeldung.springbootsecurity.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+@Profile("form")
+public class FormLoginConfiguration extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth
+          .inMemoryAuthentication()
+          .withUser("user")
+          .password("password")
+          .roles("USER")
+          .and()
+          .withUser("admin")
+          .password("password")
+          .roles("USER", "ADMIN");
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+          .authorizeRequests()
+          .anyRequest()
+          .authenticated()
+          .and()
+          .formLogin()
+          .and()
+          .httpBasic();
+    }
+}
@@ -0,0 +1,4 @@
+#spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration
+#spring.profiles.active=form
+#spring.profiles.active=basic
+#security.user.password=password
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Index</title>
+</head>
+<body>
+Welcome to Baeldung Secured Page !!!
+</body>
+</html>