BAEL-4019: Exploring Java Security frameworks
This commit is contained in:
@@ -0,0 +1,4 @@
|
||||
|
||||
/.idea/
|
||||
/target/
|
||||
/apache-shiro.iml
|
||||
@@ -0,0 +1,31 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<artifactId>spring-security</artifactId>
|
||||
<name>spring-security</name>
|
||||
|
||||
<parent>
|
||||
<groupId>com.baeldung</groupId>
|
||||
<artifactId>java-security</artifactId>
|
||||
<version>1.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-web</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-freemarker</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-security</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
</project>
|
||||
+12
@@ -0,0 +1,12 @@
|
||||
package com.baeldung.springsecurity;
|
||||
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
|
||||
@SpringBootApplication
|
||||
public class Application {
|
||||
|
||||
public static void main(String[] args) {
|
||||
SpringApplication.run(Application.class, args);
|
||||
}
|
||||
}
|
||||
+45
@@ -0,0 +1,45 @@
|
||||
package com.baeldung.springsecurity.config;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
|
||||
@EnableWebSecurity
|
||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.authorizeRequests(authorize -> authorize.antMatchers("/index", "/login")
|
||||
.permitAll()
|
||||
.antMatchers("/home", "/logout")
|
||||
.authenticated()
|
||||
.antMatchers("/admin/**")
|
||||
.hasRole("ADMIN"))
|
||||
.formLogin(formLogin -> formLogin.loginPage("/login")
|
||||
.failureUrl("/login-error"));
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth.inMemoryAuthentication()
|
||||
.withUser("Jerry")
|
||||
.password(passwordEncoder().encode("password"))
|
||||
.authorities("READ", "WRITE")
|
||||
.roles("ADMIN")
|
||||
.and()
|
||||
.withUser("Tom")
|
||||
.password(passwordEncoder().encode("password"))
|
||||
.authorities("READ")
|
||||
.roles("USER");
|
||||
}
|
||||
|
||||
@Bean
|
||||
public PasswordEncoder passwordEncoder() {
|
||||
return new BCryptPasswordEncoder();
|
||||
}
|
||||
|
||||
}
|
||||
+79
@@ -0,0 +1,79 @@
|
||||
package com.baeldung.springsecurity.web;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.springframework.security.authentication.AnonymousAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
|
||||
@Controller
|
||||
public class SpringController {
|
||||
|
||||
@GetMapping("/")
|
||||
public String index() {
|
||||
return "index";
|
||||
}
|
||||
|
||||
@GetMapping("/login")
|
||||
public String showLoginPage() {
|
||||
return "login";
|
||||
}
|
||||
|
||||
@RequestMapping("/login-error")
|
||||
public String loginError(Model model) {
|
||||
model.addAttribute("error", "Invalid Credentials");
|
||||
return "login";
|
||||
}
|
||||
|
||||
@PostMapping("/login")
|
||||
public String doLogin(HttpServletRequest req) {
|
||||
return "redirect:/home";
|
||||
}
|
||||
|
||||
@GetMapping("/home")
|
||||
public String showHomePage(HttpServletRequest req, Model model) {
|
||||
addUserAttributes(model);
|
||||
return "home";
|
||||
}
|
||||
|
||||
@GetMapping("/admin")
|
||||
public String adminOnly(HttpServletRequest req, Model model) {
|
||||
addUserAttributes(model);
|
||||
model.addAttribute("adminContent", "only admin can view this");
|
||||
return "home";
|
||||
}
|
||||
|
||||
private void addUserAttributes(Model model) {
|
||||
Authentication auth = SecurityContextHolder.getContext()
|
||||
.getAuthentication();
|
||||
if (auth != null && !auth.getClass()
|
||||
.equals(AnonymousAuthenticationToken.class)) {
|
||||
User user = (User) auth.getPrincipal();
|
||||
model.addAttribute("username", user.getUsername());
|
||||
|
||||
Collection<GrantedAuthority> authorities = user.getAuthorities();
|
||||
|
||||
for (GrantedAuthority authority : authorities) {
|
||||
if (authority.getAuthority()
|
||||
.contains("USER")) {
|
||||
model.addAttribute("role", "USER");
|
||||
model.addAttribute("permissions", "READ");
|
||||
} else if (authority.getAuthority()
|
||||
.contains("ADMIN")) {
|
||||
model.addAttribute("role", "ADMIN");
|
||||
model.addAttribute("permissions", "READ WRITE");
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,12 @@
|
||||
server:
|
||||
port: 8080
|
||||
|
||||
logging:
|
||||
level:
|
||||
root: WARN
|
||||
org.springframework.web: INFO
|
||||
org.springframework.security: INFO
|
||||
|
||||
spring:
|
||||
freemarker:
|
||||
suffix: .ftl
|
||||
@@ -0,0 +1,20 @@
|
||||
<html>
|
||||
<head>
|
||||
<title>Home Page</title>
|
||||
</head>
|
||||
<body style="margin-left: 30px;">
|
||||
<h1>Welcome ${username}!</h1>
|
||||
<p><strong>Role</strong>: ${role}</p>
|
||||
<p><strong>Permissions</strong></p>
|
||||
<p>${permissions}</p>
|
||||
<a href="/admin">Admin only</a>
|
||||
<#if adminContent??>
|
||||
${adminContent}
|
||||
</#if>
|
||||
<br>
|
||||
<form role="form" action="/logout" method="POST">
|
||||
<input type="Submit" value="Logout" />
|
||||
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
|
||||
</form>
|
||||
</body>
|
||||
</html>
|
||||
@@ -0,0 +1,10 @@
|
||||
<html>
|
||||
<head>
|
||||
<title>Index</title>
|
||||
</head>
|
||||
<body>
|
||||
<h1>Welcome Guest!</h1>
|
||||
<br>
|
||||
Go to the <a href="/home">secured page
|
||||
</body>
|
||||
</html>
|
||||
@@ -0,0 +1,26 @@
|
||||
<html>
|
||||
<head>
|
||||
<title>Login</title>
|
||||
</head>
|
||||
<body style="margin-left: 30px;">
|
||||
<h3>Login</h3>
|
||||
<br>
|
||||
<form action="/login" method="post">
|
||||
<#if (error?length > 0)??>
|
||||
<p style="color:darkred;">${error}</p>
|
||||
<#else>
|
||||
</#if>
|
||||
|
||||
<label for="username">Username</label>
|
||||
<br>
|
||||
<input type="text" name="username">
|
||||
<br><br>
|
||||
<label for="password">Password</label>
|
||||
<br>
|
||||
<input type="password" name="password">
|
||||
<br><br>
|
||||
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
|
||||
<input type="submit" value="Submit">
|
||||
</form>
|
||||
</body>
|
||||
</html>
|
||||
+17
@@ -0,0 +1,17 @@
|
||||
package com.baeldung.springsecurity;
|
||||
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.api.extension.ExtendWith;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.test.context.junit.jupiter.SpringExtension;
|
||||
|
||||
@ExtendWith(SpringExtension.class)
|
||||
@SpringBootTest(classes = { Application.class })
|
||||
public class SpringContextTest {
|
||||
|
||||
@Test
|
||||
public void whenSpringContextIsBootstrapped_thenNoExceptions() {
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user