From 8f590967c9305375eb10b3248a6438950df2e85e Mon Sep 17 00:00:00 2001
From: DOHA
Date: Sun, 22 Jan 2017 16:23:07 +0200
Subject: [PATCH] add security configuration

---
 .../spring-cloud-rest-client/pom.xml | 46 +++++++++---
 .../main/java/org/baeldung/SessionConfig.java | 8 ++
 .../src/main/resources/application.properties | 14 +++-
 .../java/org/baeldung/RestApiLiveTest.java | 12 ++-
 .../java/org/baeldung/SessionLiveTest.java | 75 +++++++++++++++++++
 .../src/test/resources/application.properties | 14 +++-
 .../spring-cloud-rest-server/pom.xml | 24 +++++-
 .../main/java/org/baeldung/SessionConfig.java | 8 ++
 .../src/main/resources/application.properties | 11 ++-
 9 files changed, 192 insertions(+), 20 deletions(-)
 create mode 100644 spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/main/java/org/baeldung/SessionConfig.java
 create mode 100644 spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/test/java/org/baeldung/SessionLiveTest.java
 create mode 100644 spring-cloud/spring-cloud-rest/spring-cloud-rest-server/src/main/java/org/baeldung/SessionConfig.java

diff --git a/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/pom.xml b/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/pom.xml
index b6060282d2..21c19be834 100644
--- a/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/pom.xml
+++ b/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/pom.xml
@@ -15,7 +15,7 @@ org.springframework.boot spring-boot-starter-parent 1.4.3.RELEASE - +
@@ -27,25 +27,37 @@ - org.springframework.cloud - spring-cloud-starter-eureka + org.springframework.cloud + spring-cloud-starter-eureka org.springframework.boot spring-boot-starter-data-jpa - com.h2database - h2 + com.h2database + h2 org.springframework.boot spring-boot-starter-web - org.springframework.boot - spring-boot-starter-data-rest - + org.springframework.boot + spring-boot-starter-data-rest + + + org.springframework.boot + spring-boot-starter-security + + + org.springframework.session + spring-session + + + org.springframework.boot + spring-boot-starter-data-redis + org.springframework.boot
@@ -53,11 +65,11 @@ test - io.rest-assured - rest-assured - ${rest-assured.version} + io.rest-assured + rest-assured + ${rest-assured.version} - +
@@ -78,6 +90,16 @@ org.springframework.boot spring-boot-maven-plugin + + org.apache.maven.plugins + maven-surefire-plugin + + + **/*IntegrationTest.java + **/*LiveTest.java + + +
diff --git a/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/main/java/org/baeldung/SessionConfig.java b/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/main/java/org/baeldung/SessionConfig.java
new file mode 100644
index 0000000000..bd1c0013ca
--- /dev/null
+++ b/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/main/java/org/baeldung/SessionConfig.java
@@ -0,0 +1,8 @@
+package org.baeldung;
+
+import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
+import org.springframework.session.web.context.AbstractHttpSessionApplicationInitializer;
+
+@EnableRedisHttpSession
+public class SessionConfig extends AbstractHttpSessionApplicationInitializer {
+}
diff --git a/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/main/resources/application.properties b/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/main/resources/application.properties
index 45100d4788..65fcb7b71e 100644
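Review bot: SessionConfig explains neither why sessions go to Redis nor why it extends AbstractHttpSessionApplicationInitializer; in a Spring Boot jar the session filter is registered by auto-configuration and that base class only matters when a servlet container bootstraps a WAR, so the inheritance looks redundant and a maintainer cannot tell whether it is deliberate. A class-level Javadoc such as `/** Stores HTTP sessions in Redis (no host or password is configured here, so the Spring Boot defaults of localhost:6379 without auth apply); the initializer base class is only needed for WAR deployment. */` would settle that. Because the session, including the authenticated principal, is written to Redis — with JDK serialization by default as far as I recall — the Redis instance should be reachable only from these services, and neither application.properties in this commit sets spring.redis.password. The SessionConfig added for spring-cloud-rest-server is byte-identical and the same remarks apply there.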
--- a/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/main/resources/application.properties +++ b/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/main/resources/application.properties @@ -1,9 +1,19 @@ +#### cloud spring.application.name=spring-cloud-eureka-client server.port=0 -eureka.client.serviceUrl.defaultZone=${EUREKA_URI:http://localhost:8761/eureka} +eureka.client.serviceUrl.defaultZone=${EUREKA_URI:http://system:systemPass@localhost:8761/eureka} eureka.instance.preferIpAddress=true +#### persistence spring.datasource.driver-class-name=org.h2.Driver spring.datasource.url=jdbc:h2:mem:cloud_rest;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE spring.datasource.username=sa -spring.datasource.password= \ No newline at end of file +spring.datasource.password= + +#### security +security.basic.enabled=true +security.basic.path=/** +security.user.name=user +security.user.password=userPass +security.user.role=USER +security.sessions=always \ No newline at end of file diff --git a/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/test/java/org/baeldung/RestApiLiveTest.java b/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/test/java/org/baeldung/RestApiLiveTest.java index 450df4ccf7..4ff54e44d2 100644 --- a/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/test/java/org/baeldung/RestApiLiveTest.java +++ b/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/test/java/org/baeldung/RestApiLiveTest.java @@ -1,5 +1,6 @@ package org.baeldung; +import static io.restassured.RestAssured.preemptive; import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic; import static org.apache.commons.lang3.RandomStringUtils.randomNumeric; import static org.junit.Assert.assertEquals; 
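Review bot: `security.user.password=userPass` and the `system:systemPass` pair embedded in the `EUREKA_URI` fallback are committed as plain text, and the same values reappear in src/test/resources/application.properties and, as `system`/`systemPass`, in spring-cloud-rest-server's application.properties, so rotating them means editing three files. The file already externalises the Eureka address with a placeholder, and the same pattern keeps the sample runnable without fixing the secret in the repository: `security.user.password=${CLIENT_USER_PASSWORD:userPass}`, with the Eureka user and password split out the same way. Note that anyone overriding EUREKA_URI now has to put the credentials into the URL themselves, which deserves a comment on that line, e.g. `# EUREKA_URI must include the registry's basic-auth credentials (user:pass@host)`.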
@@ -8,6 +9,7 @@ import io.restassured.RestAssured; import io.restassured.response.Response; import org.baeldung.persistence.model.Book; +import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; import org.springframework.boot.test.context.SpringBootTest; @@ -22,6 +24,11 @@ public class RestApiLiveTest { private static final String API_URI = "http://localhost:8084/books"; + @Before + public void setUp() { + RestAssured.authentication = preemptive().basic("user", "userPass"); + } + // GET @Test @@ -148,14 +155,14 @@ public class RestApiLiveTest { // =============================== Util - public Book createRandomBook() { + private Book createRandomBook() { final Book book = new Book(); book.setTitle(randomAlphabetic(10)); book.setAuthor(randomAlphabetic(15)); return book; } - public String createBookAsUri(Book book) { + private String createBookAsUri(Book book) { final Response response = RestAssured.given() .contentType(MediaType.APPLICATION_JSON_VALUE) .body(book) @@ -163,4 +170,5 @@ public class RestApiLiveTest { return response.jsonPath() .get("_links.self.href"); } + } diff --git a/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/test/java/org/baeldung/SessionLiveTest.java b/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/test/java/org/baeldung/SessionLiveTest.java new file mode 100644 index 0000000000..a3ca722107 --- /dev/null +++ b/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/test/java/org/baeldung/SessionLiveTest.java 
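Review bot: `RestAssured.authentication = preemptive().basic("user", "userPass")` in setUp assigns a static, JVM-wide default that nothing resets, so after any method of this class has run every later RestAssured call in the same JVM carries these credentials; SessionLiveTest's `RestAssured.get(API_URI)` expects 401 and would fail whenever it runs after RestApiLiveTest in the same forked JVM. Restore the default in an `@After`: `@After public void tearDown() { RestAssured.reset(); }` (adding `import org.junit.After;`), or pass the credentials per request with `given().auth().preemptive().basic(...)` as SessionLiveTest does. RestApiLiveTest's class body starts and ends outside this hunk.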
@@ -0,0 +1,75 @@
+package org.baeldung;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+import io.restassured.RestAssured;
+import io.restassured.response.Response;
+
+import java.util.Set;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.http.HttpStatus;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import redis.clients.jedis.Jedis;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(classes = { SpringCloudRestClientApplication.class, SessionConfig.class }, webEnvironment = WebEnvironment.DEFINED_PORT)
+public class SessionLiveTest {
+
+ private Jedis jedis;
+ private static final String API_URI = "http://localhost:8084/books";
+
+ @Before
+ public void setUp() {
+ jedis = new Jedis("localhost", 6379);
+ jedis.flushAll();
+ }
+
+ @Test
+ public void whenStart_thenNoSessionsExist() {
+ final Set result = jedis.keys("*");
+ assertEquals(0, result.size());
+ }
+
+ @Test
+ public void givenUnauthorizeUser_whenAccessResources_then_unAuthorized() {
+ final Response response = RestAssured.get(API_URI);
+ assertEquals(HttpStatus.UNAUTHORIZED.value(), response.getStatusCode());
+ }
+
+ @Test
+ public void givenAuthorizedUser_whenDeleteSession_thenUnauthorized() {
+ // authorize User
+ Response response = RestAssured.given()
+ .auth()
+ .preemptive()
+ .basic("user", "userPass")
+ .get(API_URI);
+ assertEquals(HttpStatus.OK.value(), response.getStatusCode());
+ final String sessionCookie = response.getCookie("SESSION");
+
+ // check redis
+ final Set redisResult = jedis.keys("*");
+ assertTrue(redisResult.size() > 0);
+
+ // login with cookie
+ response = RestAssured.given()
+ .cookie("SESSION", sessionCookie)
+ .get(API_URI);
+ assertEquals(HttpStatus.OK.value(), response.getStatusCode());
+
+ // empty redis
+ jedis.flushAll();
+
+ // login with cookie again
+ response = RestAssured.given()
+ .cookie("SESSION", sessionCookie)
+ .get(API_URI);
+ assertEquals(HttpStatus.UNAUTHORIZED.value(), response.getStatusCode());
+ }
+}
diff --git a/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/test/resources/application.properties b/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/test/resources/application.properties
index c68aa7dc55..ece9ca1d94 100644
--- a/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/test/resources/application.properties
+++ b/spring-cloud/spring-cloud-rest/spring-cloud-rest-client/src/test/resources/application.properties
@@ -1,9 +1,19 @@ +#### cloud spring.application.name=spring-cloud-eureka-client server.port=8084 -eureka.client.serviceUrl.defaultZone=${EUREKA_URI:http://localhost:8761/eureka} +eureka.client.serviceUrl.defaultZone=${EUREKA_URI:http://system:systemPass@localhost:8761/eureka} eureka.instance.preferIpAddress=true +#### persistence spring.datasource.driver-class-name=org.h2.Driver spring.datasource.url=jdbc:h2:mem:cloud_rest;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE spring.datasource.username=sa -spring.datasource.password= \ No newline at end of file +spring.datasource.password= + +#### security +security.basic.enabled=true +security.basic.path=/** +security.user.name=user +security.user.password=userPass +security.user.role=USER +security.sessions=always \ No newline at end of file
diff --git a/spring-cloud/spring-cloud-rest/spring-cloud-rest-server/pom.xml b/spring-cloud/spring-cloud-rest/spring-cloud-rest-server/pom.xml
index e513b2d0c4..be67799fee 100644
--- a/spring-cloud/spring-cloud-rest/spring-cloud-rest-server/pom.xml
+++ b/spring-cloud/spring-cloud-rest/spring-cloud-rest-server/pom.xml
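Review bot: The `Jedis` opened in setUp is never closed, and `jedis.flushAll()` — called in setUp and again inside givenAuthorizedUser_whenDeleteSession_thenUnauthorized — wipes every key in every database of whatever Redis instance is listening on localhost:6379, not only this application's sessions. Release the connection in an `@After`, `@After public void tearDown() { jedis.close(); }`, and consider narrowing both the cleanup and the assertions to the session namespace, e.g. `jedis.keys("spring:session:*")` (the default Spring Session prefix), so the test states what it expects instead of relying on an otherwise empty instance. `response.getCookie("SESSION")` is reused without an `assertNotNull(sessionCookie)`, so a missing cookie would surface as a misleading failure two requests later rather than where the problem is. The two `Set` declarations appear without a type argument here, which may be an extraction artefact; if they really are raw, `Set<String>` is what `jedis.keys` returns.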
@@ -30,7 +30,19 @@ org.springframework.cloud spring-cloud-starter-eureka-server - + + org.springframework.boot + spring-boot-starter-security + + + org.springframework.session + spring-session + + + org.springframework.boot + spring-boot-starter-data-redis + + org.springframework.boot spring-boot-starter-test
@@ -56,6 +68,16 @@ org.springframework.boot spring-boot-maven-plugin + + org.apache.maven.plugins + maven-surefire-plugin + + + **/*IntegrationTest.java + **/*LiveTest.java + + +
diff --git a/spring-cloud/spring-cloud-rest/spring-cloud-rest-server/src/main/java/org/baeldung/SessionConfig.java b/spring-cloud/spring-cloud-rest/spring-cloud-rest-server/src/main/java/org/baeldung/SessionConfig.java
new file mode 100644
index 0000000000..bd1c0013ca
--- /dev/null
+++ b/spring-cloud/spring-cloud-rest/spring-cloud-rest-server/src/main/java/org/baeldung/SessionConfig.java
@@ -0,0 +1,8 @@
+package org.baeldung;
+
+import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
+import org.springframework.session.web.context.AbstractHttpSessionApplicationInitializer;
+
+@EnableRedisHttpSession
+public class SessionConfig extends AbstractHttpSessionApplicationInitializer {
+}
diff --git a/spring-cloud/spring-cloud-rest/spring-cloud-rest-server/src/main/resources/application.properties b/spring-cloud/spring-cloud-rest/spring-cloud-rest-server/src/main/resources/application.properties
index 2c7dfa193e..3fd35c1f19 100644
--- a/spring-cloud/spring-cloud-rest/spring-cloud-rest-server/src/main/resources/application.properties
+++ b/spring-cloud/spring-cloud-rest/spring-cloud-rest-server/src/main/resources/application.properties
@@ -1,3 +1,12 @@
+#### cloud
 server.port=8761
 eureka.client.registerWithEureka=false
-eureka.client.fetchRegistry=false
\ No newline at end of file
+eureka.client.fetchRegistry=false
+
+#### security
+security.basic.enabled=true
+security.basic.path=/**
+security.user.name=system
+security.user.password=systemPass
+security.user.role=ADMIN
+security.sessions=always
\ No newline at end of file
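Review bot: `security.sessions=always` on the registry, together with the Redis-backed SessionConfig this commit adds to the server, asks Spring Security to create a session eagerly on every request as I understand that policy, yet the Eureka clients authenticate through the credentials in their `defaultZone` URL on each heartbeat and registry fetch and nothing in the visible configuration replays a session cookie. If that is right, every client call leaves a fresh Redis session entry behind until it expires and no server-side code reads it. Unless the registry genuinely needs persisted sessions, `security.sessions=stateless` avoids the churn; if it does, a comment on this line saying why would stop the next reader from removing it.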