diff --git a/spring-session/jetty-session-demo/pom.xml b/spring-session/jetty-session-demo/pom.xml
deleted file mode 100644
index 19f0577d2e..0000000000
--- a/spring-session/jetty-session-demo/pom.xml
+++ /dev/null
@@ -1,76 +0,0 @@
-
-
- 4.0.0
-
- com.baeldung
- jetty-session-demo
- 1.0.0-SNAPSHOT
-
-
- org.springframework.boot
- spring-boot-starter-parent
- 1.4.0.RELEASE
-
-
-
-
-
- org.springframework.boot
- spring-boot-starter-jetty
-
-
-
- org.springframework.boot
- spring-boot-starter-data-redis
-
-
- org.springframework.boot
- spring-boot-starter-security
-
-
- org.springframework.session
- spring-session
-
-
- org.springframework.boot
- spring-boot-starter-web
-
-
- org.springframework.boot
- spring-boot-starter-test
- test
-
-
-
-
-
-
- org.springframework.cloud
- spring-cloud-dependencies
- Brixton.RELEASE
- pom
- import
-
-
-
-
-
-
-
- org.springframework.boot
- spring-boot-maven-plugin
-
-
- org.apache.maven.plugins
- maven-compiler-plugin
- 3.3
-
- 1.8
- 1.8
-
-
-
-
-
\ No newline at end of file
diff --git a/spring-session/jetty-session-demo/src/main/java/com/baeldung/spring/session/jettyex/JettyController.java b/spring-session/jetty-session-demo/src/main/java/com/baeldung/spring/session/jettyex/JettyController.java
deleted file mode 100644
index 308b0a8d51..0000000000
--- a/spring-session/jetty-session-demo/src/main/java/com/baeldung/spring/session/jettyex/JettyController.java
+++ /dev/null
@@ -1,12 +0,0 @@
-package com.baeldung.spring.session.jettyex;
-
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-
-@RestController
-public class JettyController {
- @RequestMapping
- public String helloJetty() {
- return "hello Jetty";
- }
-}
\ No newline at end of file
diff --git a/spring-session/jetty-session-demo/src/main/java/com/baeldung/spring/session/jettyex/SecurityConfig.java b/spring-session/jetty-session-demo/src/main/java/com/baeldung/spring/session/jettyex/SecurityConfig.java
deleted file mode 100644
index 5ce8f9a042..0000000000
--- a/spring-session/jetty-session-demo/src/main/java/com/baeldung/spring/session/jettyex/SecurityConfig.java
+++ /dev/null
@@ -1,19 +0,0 @@
-package com.baeldung.spring.session.jettyex;
-
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.config.http.SessionCreationPolicy;
-
-@Configuration
-@EnableWebSecurity
-public class SecurityConfig extends WebSecurityConfigurerAdapter {
-
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http
- .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER).and()
- .authorizeRequests().anyRequest().hasRole("ADMIN");
- }
-}
diff --git a/spring-session/jetty-session-demo/src/main/java/com/baeldung/spring/session/jettyex/SessionConfig.java b/spring-session/jetty-session-demo/src/main/java/com/baeldung/spring/session/jettyex/SessionConfig.java
deleted file mode 100644
index 735ae7fb43..0000000000
--- a/spring-session/jetty-session-demo/src/main/java/com/baeldung/spring/session/jettyex/SessionConfig.java
+++ /dev/null
@@ -1,17 +0,0 @@
-package com.baeldung.spring.session.jettyex;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
-import org.springframework.session.web.context.AbstractHttpSessionApplicationInitializer;
-import org.springframework.session.web.http.HeaderHttpSessionStrategy;
-import org.springframework.session.web.http.HttpSessionStrategy;
-
-@Configuration
-@EnableRedisHttpSession
-public class SessionConfig extends AbstractHttpSessionApplicationInitializer {
- @Bean
- public HttpSessionStrategy httpSessionStrategy() {
- return new HeaderHttpSessionStrategy();
- }
-}
diff --git a/spring-session/jetty-session-demo/src/main/resources/application.properties b/spring-session/jetty-session-demo/src/main/resources/application.properties
deleted file mode 100644
index 7f81672eda..0000000000
--- a/spring-session/jetty-session-demo/src/main/resources/application.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-server.port=8081
-spring.redis.host=localhost
-spring.redis.port=6379
\ No newline at end of file
diff --git a/spring-session/pom.xml b/spring-session/pom.xml
index fec6a46af2..cf6fc71be2 100644
--- a/spring-session/pom.xml
+++ b/spring-session/pom.xml
@@ -4,19 +4,68 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
4.0.0
-
-
- com.baeldung
- parent-modules
- 1.0.0-SNAPSHOT
-
-
spring-session
1.0.0-SNAPSHOT
pom
-
- jetty-session-demo
- tomcat-session-demo
-
+
+ org.springframework.boot
+ spring-boot-starter-parent
+ 1.4.0.RELEASE
+
+
+
+
+
+ org.springframework.boot
+ spring-boot-starter-data-redis
+
+
+ org.springframework.boot
+ spring-boot-starter-security
+
+
+ org.springframework.session
+ spring-session
+
+
+ org.springframework.boot
+ spring-boot-starter-web
+
+
+ org.springframework.boot
+ spring-boot-starter-test
+ test
+
+
+
+
+
+
+ org.springframework.cloud
+ spring-cloud-dependencies
+ Brixton.RELEASE
+ pom
+ import
+
+
+
+
+
+
+
+ org.springframework.boot
+ spring-boot-maven-plugin
+
+
+ org.apache.maven.plugins
+ maven-compiler-plugin
+ 3.3
+
+ 1.8
+ 1.8
+
+
+
+
\ No newline at end of file
diff --git a/spring-session/tomcat-session-demo/src/main/java/com/baeldung/spring/session/tomcatex/SecurityConfig.java b/spring-session/src/main/java/com/baeldung/spring/session/SecurityConfig.java
similarity index 90%
rename from spring-session/tomcat-session-demo/src/main/java/com/baeldung/spring/session/tomcatex/SecurityConfig.java
rename to spring-session/src/main/java/com/baeldung/spring/session/SecurityConfig.java
index 0f467dd104..beaa4da0fe 100644
--- a/spring-session/tomcat-session-demo/src/main/java/com/baeldung/spring/session/tomcatex/SecurityConfig.java
+++ b/spring-session/src/main/java/com/baeldung/spring/session/SecurityConfig.java
@@ -1,4 +1,4 @@
-package com.baeldung.spring.session.tomcatex;
+package com.baeldung.spring.session;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
@@ -23,7 +23,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
http
.httpBasic().and()
.authorizeRequests()
- .antMatchers("/tomcat/admin").hasRole("ADMIN")
+ .antMatchers("/").hasRole("ADMIN")
.anyRequest().authenticated();
}
}
diff --git a/spring-session/tomcat-session-demo/src/main/java/com/baeldung/spring/session/tomcatex/SessionConfig.java b/spring-session/src/main/java/com/baeldung/spring/session/SessionConfig.java
similarity index 88%
rename from spring-session/tomcat-session-demo/src/main/java/com/baeldung/spring/session/tomcatex/SessionConfig.java
rename to spring-session/src/main/java/com/baeldung/spring/session/SessionConfig.java
index 5afac6cb6b..5a9bc9ff28 100644
--- a/spring-session/tomcat-session-demo/src/main/java/com/baeldung/spring/session/tomcatex/SessionConfig.java
+++ b/spring-session/src/main/java/com/baeldung/spring/session/SessionConfig.java
@@ -1,4 +1,4 @@
-package com.baeldung.spring.session.tomcatex;
+package com.baeldung.spring.session;
import org.springframework.context.annotation.Configuration;
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
diff --git a/spring-session/tomcat-session-demo/src/main/java/com/baeldung/spring/session/tomcatex/TomcatController.java b/spring-session/src/main/java/com/baeldung/spring/session/SessionController.java
similarity index 55%
rename from spring-session/tomcat-session-demo/src/main/java/com/baeldung/spring/session/tomcatex/TomcatController.java
rename to spring-session/src/main/java/com/baeldung/spring/session/SessionController.java
index a241158294..224196d8a0 100644
--- a/spring-session/tomcat-session-demo/src/main/java/com/baeldung/spring/session/tomcatex/TomcatController.java
+++ b/spring-session/src/main/java/com/baeldung/spring/session/SessionController.java
@@ -1,12 +1,12 @@
-package com.baeldung.spring.session.tomcatex;
+package com.baeldung.spring.session;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
-public class TomcatController {
- @RequestMapping("/tomcat/admin")
+public class SessionController {
+ @RequestMapping("/")
public String helloTomcatAdmin() {
- return "hello tomcat admin";
+ return "hello admin";
}
}
diff --git a/spring-session/jetty-session-demo/src/main/java/com/baeldung/spring/session/jettyex/JettyWebApplication.java b/spring-session/src/main/java/com/baeldung/spring/session/SessionWebApplication.java
similarity index 57%
rename from spring-session/jetty-session-demo/src/main/java/com/baeldung/spring/session/jettyex/JettyWebApplication.java
rename to spring-session/src/main/java/com/baeldung/spring/session/SessionWebApplication.java
index ebb2a8e188..3c605be3a6 100644
--- a/spring-session/jetty-session-demo/src/main/java/com/baeldung/spring/session/jettyex/JettyWebApplication.java
+++ b/spring-session/src/main/java/com/baeldung/spring/session/SessionWebApplication.java
@@ -1,11 +1,11 @@
-package com.baeldung.spring.session.jettyex;
+package com.baeldung.spring.session;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
-public class JettyWebApplication {
+public class SessionWebApplication {
public static void main(String[] args) {
- SpringApplication.run(JettyWebApplication.class, args);
+ SpringApplication.run(SessionWebApplication.class, args);
}
}
diff --git a/spring-session/tomcat-session-demo/src/main/resources/application.properties b/spring-session/src/main/resources/application.properties
similarity index 100%
rename from spring-session/tomcat-session-demo/src/main/resources/application.properties
rename to spring-session/src/main/resources/application.properties
diff --git a/spring-session/src/test/java/com/baeldung/spring/session/SessionControllerTest.java b/spring-session/src/test/java/com/baeldung/spring/session/SessionControllerTest.java
new file mode 100644
index 0000000000..5775710410
--- /dev/null
+++ b/spring-session/src/test/java/com/baeldung/spring/session/SessionControllerTest.java
@@ -0,0 +1,87 @@
+package com.baeldung.spring.session;
+
+import org.apache.tomcat.util.codec.binary.Base64;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.web.client.TestRestTemplate;
+import org.springframework.data.redis.connection.RedisConnection;
+import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
+import org.springframework.http.*;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import java.util.Set;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
+public class SessionControllerTest {
+
+ @Autowired
+ private TestRestTemplate restTemplate;
+ @Autowired
+ private JedisConnectionFactory jedisConnectionFactory;
+
+ private RedisConnection connection;
+
+ @Before
+ public void clearRedisData() {
+ connection = jedisConnectionFactory.getConnection();
+ connection.flushAll();
+ }
+
+ @Test
+ public void testRedisIsEmpty() {
+ Set result = connection.keys("*".getBytes());
+ assertEquals(0, result.size());
+ }
+
+ @Test
+ public void testUnauthenticatedCantAccess() {
+ ResponseEntity result = restTemplate.getForEntity("/", String.class);
+ assertEquals(HttpStatus.UNAUTHORIZED, result.getStatusCode());
+ }
+
+ @Test
+ public void testRedisControlsSession() {
+ ResponseEntity result = restTemplate.exchange("/", HttpMethod.GET, makeAuthRequest(), String.class);
+ assertEquals("hello admin", result.getBody()); //login worked
+
+ Set redisResult = connection.keys("*".getBytes());
+ assertTrue(redisResult.size() > 0); //redis is populated with session data
+
+ String sessionCookie = result.getHeaders().get("Set-Cookie").get(0).split(";")[0];
+ result = restTemplate.exchange("/", HttpMethod.GET, makeRequestWithCookie(sessionCookie), String.class);
+ assertEquals("hello admin", result.getBody()); //access with session works worked
+
+ connection.flushAll(); //clear all keys in redis
+
+ result = restTemplate.exchange("/", HttpMethod.GET, makeRequestWithCookie(sessionCookie), String.class);
+ assertEquals(HttpStatus.UNAUTHORIZED, result.getStatusCode());//access denied after sessions are removed in redis
+
+ }
+
+ private HttpEntity makeRequestWithCookie(String sessionCookie) {
+ HttpHeaders headers = new HttpHeaders();
+ headers.add("Cookie", sessionCookie);
+
+ return new HttpEntity<>(headers);
+ }
+
+ private HttpEntity makeAuthRequest() {
+ String plainCreds = "admin:password";
+ byte[] plainCredsBytes = plainCreds.getBytes();
+ byte[] base64CredsBytes = Base64.encodeBase64(plainCredsBytes);
+ String base64Creds = new String(base64CredsBytes);
+
+ HttpHeaders headers = new HttpHeaders();
+ headers.add("Authorization", "Basic " + base64Creds);
+
+ return new HttpEntity<>(headers);
+ }
+
+}
\ No newline at end of file
diff --git a/spring-session/tomcat-session-demo/pom.xml b/spring-session/tomcat-session-demo/pom.xml
deleted file mode 100644
index 0a101e73a6..0000000000
--- a/spring-session/tomcat-session-demo/pom.xml
+++ /dev/null
@@ -1,71 +0,0 @@
-
-
- 4.0.0
-
- com.baeldung
- tomcat-session-demo
- 1.0.0-SNAPSHOT
-
-
- org.springframework.boot
- spring-boot-starter-parent
- 1.4.0.RELEASE
-
-
-
-
-
- org.springframework.boot
- spring-boot-starter-data-redis
-
-
- org.springframework.boot
- spring-boot-starter-security
-
-
- org.springframework.session
- spring-session
-
-
- org.springframework.boot
- spring-boot-starter-web
-
-
- org.springframework.boot
- spring-boot-starter-test
- test
-
-
-
-
-
-
- org.springframework.cloud
- spring-cloud-dependencies
- Brixton.RELEASE
- pom
- import
-
-
-
-
-
-
-
- org.springframework.boot
- spring-boot-maven-plugin
-
-
- org.apache.maven.plugins
- maven-compiler-plugin
- 3.3
-
- 1.8
- 1.8
-
-
-
-
-
\ No newline at end of file
diff --git a/spring-session/tomcat-session-demo/src/main/java/com/baeldung/spring/session/tomcatex/TomcatWebApplication.java b/spring-session/tomcat-session-demo/src/main/java/com/baeldung/spring/session/tomcatex/TomcatWebApplication.java
deleted file mode 100644
index fb4e059dd1..0000000000
--- a/spring-session/tomcat-session-demo/src/main/java/com/baeldung/spring/session/tomcatex/TomcatWebApplication.java
+++ /dev/null
@@ -1,11 +0,0 @@
-package com.baeldung.spring.session.tomcatex;
-
-import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.SpringBootApplication;
-
-@SpringBootApplication
-public class TomcatWebApplication {
- public static void main(String[] args) {
- SpringApplication.run(TomcatWebApplication.class, args);
- }
-}
diff --git a/spring-session/tomcat-session-demo/src/test/java/com/baeldung/spring/session/tomcatex/TomcatControllerTest.java b/spring-session/tomcat-session-demo/src/test/java/com/baeldung/spring/session/tomcatex/TomcatControllerTest.java
deleted file mode 100644
index 5bfb7e9411..0000000000
--- a/spring-session/tomcat-session-demo/src/test/java/com/baeldung/spring/session/tomcatex/TomcatControllerTest.java
+++ /dev/null
@@ -1,103 +0,0 @@
-package com.baeldung.spring.session.tomcatex;
-
-import org.apache.tomcat.util.codec.binary.Base64;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.context.embedded.LocalServerPort;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.boot.test.web.client.TestRestTemplate;
-import org.springframework.data.redis.connection.RedisConnection;
-import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
-import org.springframework.http.*;
-import org.springframework.test.context.junit4.SpringRunner;
-
-import java.util.Set;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-
-@RunWith(SpringRunner.class)
-@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
-public class TomcatControllerTest {
-
- @Autowired
- private TestRestTemplate restTemplate;
- @LocalServerPort
- private int port;
- @Autowired
- private JedisConnectionFactory jedisConnectionFactory;
- private RedisConnection connection;
-
- @Before
- public void clearRedisData() {
- connection = jedisConnectionFactory.getConnection();
- connection.flushAll();
- }
-
- @Test
- public void testRedisIsEmpty() {
- Set result = connection.keys("*".getBytes());
- assertEquals(0, result.size());
- }
-
- @Test
- public void testForbiddenToProtectedEndpoint() {
- ResponseEntity result = restTemplate.getForEntity("/tomcat/admin", String.class);
- assertEquals(HttpStatus.UNAUTHORIZED, result.getStatusCode());
- }
-
- @Test
- public void testLoginAddsRedisKey() {
- ResponseEntity result = makeRequest();
- assertEquals("hello tomcat admin", result.getBody()); //login worked
-
- Set redisResult = connection.keys("*".getBytes());
- assertTrue(redisResult.size() > 0); //redis was populated with data
- }
-
- @Test //requires that the jetty service is running on port 8081
- public void testFailureAccessingJettyResourceWithTomcatSessionToken() {
- //call the jetty server with the token
- ResponseEntity jettyResult = restTemplate.getForEntity("http://localhost:8081", String.class);
- assertEquals(HttpStatus.UNAUTHORIZED, jettyResult.getStatusCode()); //login worked
- }
-
- @Test //requires that the jetty service is running on port 8081
- public void testAccessingJettyResourceWithTomcatSessionToken() {
- //login to get a session token
- ResponseEntity result = makeRequest();
- assertEquals("hello tomcat admin", result.getBody()); //login worked
-
- assertTrue(result.getHeaders().containsKey("Set-Cookie"));
-
- String setCookieValue = result.getHeaders().get("Set-Cookie").get(0);
- String sessionCookie = setCookieValue.split(";")[0];
- String sessionValue = sessionCookie.split("=")[1];
-
- //Add session token to headers
- HttpHeaders headers = new HttpHeaders();
- headers.add("x-auth-token", sessionValue);
-
- //call the jetty server with the token
- HttpEntity request = new HttpEntity<>(headers);
- ResponseEntity jettyResult = restTemplate.exchange("http://localhost:8081", HttpMethod.GET, request, String.class);
- assertEquals("hello Jetty", jettyResult.getBody()); //login worked
-
- }
-
- private ResponseEntity makeRequest() {
- String plainCreds = "admin:password";
- byte[] plainCredsBytes = plainCreds.getBytes();
- byte[] base64CredsBytes = Base64.encodeBase64(plainCredsBytes);
- String base64Creds = new String(base64CredsBytes);
-
- HttpHeaders headers = new HttpHeaders();
- headers.add("Authorization", "Basic " + base64Creds);
-
- HttpEntity request = new HttpEntity<>(headers);
- return restTemplate.exchange("http://localhost:" + port + "/tomcat/admin", HttpMethod.GET, request, String.class);
- }
-
-}
\ No newline at end of file