Spring Security Taglibs (#4947)

* BAEL-1846: Java Image to Base64 String

* Move from using main method to Junit test

* Update to use environment variables for testing

* reformat and add test file

* spring boot jsp security taglibs

* add more test

* add more test

* refactor spring config

* refactor spring config

* Update README.md

* fi alignment

* fix requested comments

* additional tests and content

* additional tests and content

* update examples

* Delete Readme file

* edit form example

* adding example for spring boot security tag libs

* Remove old tag libs module
This commit is contained in:
Hai Nguyen
2018-08-31 02:19:13 +08:00
committed by Josh Cummings
parent aa2822c5fc
commit be05fabb4e
8 changed files with 173 additions and 1 deletions
@@ -0,0 +1,14 @@
package com.baeldung.springsecuritytaglibs;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
@RequestMapping("/")
public class HomeController {
@RequestMapping
public String home() {
return "home";
}
}
@@ -0,0 +1,9 @@
package com.baeldung.springsecuritytaglibs;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.PropertySource;
@SpringBootApplication
@PropertySource("classpath:application-taglibs.properties")
public class SpringBootSecurityTagLibsApplication {
}
@@ -0,0 +1,31 @@
package com.baeldung.springsecuritytaglibs.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class SpringBootSecurityTagLibsConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("testUser")
.password("password")
.roles("ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http.csrf()
.and()
.authorizeRequests()
.antMatchers("/userManagement").hasRole("ADMIN")
.anyRequest().permitAll().and().httpBasic();
// @formatter:on
}
}
@@ -0,0 +1,3 @@
#jsp config
spring.mvc.view.prefix: /WEB-INF/views/
spring.mvc.view.suffix: .jsp
@@ -1,4 +1,4 @@
#spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration
#security.user.password=password
#security.oauth2.client.client-id=client
#security.oauth2.client.client-secret=secret
#security.oauth2.client.client-secret=secret
@@ -0,0 +1,38 @@
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<sec:csrfMetaTags />
<title>Home Page</title>
</head>
<body>
<sec:authorize access="!isAuthenticated()">
Login
</sec:authorize>
<sec:authorize access="isAuthenticated()">
Logout
</sec:authorize>
<sec:authorize access="isAuthenticated()">
<h2>
Welcome back, <sec:authentication property="name" />
</h2>
<sec:authorize access="hasRole('ADMIN')">
Manage Users
</sec:authorize>
<form method="post">
<sec:csrfInput />
Text Field: <br /> <input type="text" name="textField" />
<input type="submit" value="Submit form with CSRF input">
</form>
<sec:authorize url="/userManagement">
<a href="/userManagement">Manage Users</a>
</sec:authorize>
</sec:authorize>
</body>
</html>