From bfb364769cf1c86da4053683185361e2fad15a4b Mon Sep 17 00:00:00 2001 From: lor6 Date: Thu, 9 Feb 2017 11:56:34 +0200 Subject: [PATCH] move multiple login project (#1140) --- spring-security-custom-permission/pom.xml | 12 +- .../main/java/org/baeldung/Application.java | 2 +- .../MultipleLoginApplication.java | 22 ++++ .../multiplelogin/MultipleLoginMvcConfig.java | 45 +++++++ .../MultipleLoginSecurityConfig.java | 122 ++++++++++++++++++ .../multiplelogin/UsersController.java | 38 ++++++ .../src/main/resources/templates/403.html | 10 ++ .../main/resources/templates/adminPage.html | 13 ++ .../src/main/resources/templates/login.html | 27 ++++ .../main/resources/templates/loginAdmin.html | 31 +++++ .../main/resources/templates/loginUser.html | 30 +++++ .../resources/templates/protectedLinks.html | 13 ++ .../main/resources/templates/userPage.html | 12 ++ 13 files changed, 375 insertions(+), 2 deletions(-) create mode 100644 spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginApplication.java create mode 100644 spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginMvcConfig.java create mode 100644 spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginSecurityConfig.java create mode 100644 spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/UsersController.java create mode 100644 spring-security-custom-permission/src/main/resources/templates/403.html create mode 100644 spring-security-custom-permission/src/main/resources/templates/adminPage.html create mode 100644 spring-security-custom-permission/src/main/resources/templates/login.html create mode 100644 spring-security-custom-permission/src/main/resources/templates/loginAdmin.html create mode 100644 spring-security-custom-permission/src/main/resources/templates/loginUser.html create mode 100644 spring-security-custom-permission/src/main/resources/templates/protectedLinks.html create mode 100644 spring-security-custom-permission/src/main/resources/templates/userPage.html diff --git a/spring-security-custom-permission/pom.xml b/spring-security-custom-permission/pom.xml index 39dec2805f..a2925189e4 100644 --- a/spring-security-custom-permission/pom.xml +++ b/spring-security-custom-permission/pom.xml @@ -128,6 +128,12 @@ spring-security-taglibs ${spring-security-taglibs.version} + + + org.springframework.security + spring-security-core + ${spring-security-core.version} + javax.servlet.jsp.jstl @@ -280,11 +286,15 @@ org.baeldung.Application - UTF-8 + + + UTF-8 1.8 10.13.1.1 1.1.2 4.2.0.RELEASE + 4.2.0.RELEASE + 1.2 2.4.0 1.6.1 diff --git a/spring-security-custom-permission/src/main/java/org/baeldung/Application.java b/spring-security-custom-permission/src/main/java/org/baeldung/Application.java index 71d503e678..072a6ca4fe 100644 --- a/spring-security-custom-permission/src/main/java/org/baeldung/Application.java +++ b/spring-security-custom-permission/src/main/java/org/baeldung/Application.java @@ -9,7 +9,7 @@ import org.springframework.context.annotation.FilterType; @Configuration @EnableAutoConfiguration -@ComponentScan(excludeFilters = @ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.voter.*")) +@ComponentScan(excludeFilters = {@ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.voter.*"), @ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.baeldung.multiplelogin.*")}) public class Application extends SpringBootServletInitializer { public static void main(String[] args) { SpringApplication.run(Application.class, args); diff --git a/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginApplication.java b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginApplication.java new file mode 100644 index 0000000000..23fda0547f --- /dev/null +++ b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginApplication.java @@ -0,0 +1,22 @@ +package org.baeldung.multiplelogin; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.EnableAutoConfiguration; +import org.springframework.boot.context.web.SpringBootServletInitializer; +import org.springframework.context.annotation.ComponentScan; +import org.springframework.context.annotation.Configuration; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.boot.builder.SpringApplicationBuilder; + +@SpringBootApplication +@ComponentScan("org.baeldung.multiplelogin") +public class MultipleLoginApplication extends SpringBootServletInitializer { + public static void main(String[] args) { + SpringApplication.run(MultipleLoginApplication.class, args); + } + + @Override + protected SpringApplicationBuilder configure(SpringApplicationBuilder application) { + return application.sources(MultipleLoginApplication.class); + } +} \ No newline at end of file diff --git a/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginMvcConfig.java b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginMvcConfig.java new file mode 100644 index 0000000000..ec76be1909 --- /dev/null +++ b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginMvcConfig.java @@ -0,0 +1,45 @@ +package org.baeldung.multiplelogin; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.ViewResolver; +import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; +import org.springframework.web.servlet.view.InternalResourceViewResolver; +import org.springframework.web.servlet.view.JstlView; +import org.springframework.context.annotation.ComponentScan; + +@EnableWebMvc +@Configuration +@ComponentScan("org.baeldung.controller") +public class MultipleLoginMvcConfig extends WebMvcConfigurerAdapter { + + public MultipleLoginMvcConfig() { + super(); + } + + // API + + @Override + public void addViewControllers(final ViewControllerRegistry registry) { + super.addViewControllers(registry); + + registry.addViewController("/anonymous.html"); + + registry.addViewController("/login.html"); + registry.addViewController("/homepage.html"); + registry.addViewController("/console.html"); + } + + @Bean + public ViewResolver viewResolver() { + final InternalResourceViewResolver bean = new InternalResourceViewResolver(); + + bean.setViewClass(JstlView.class); + bean.setPrefix("/WEB-INF/view/"); + bean.setSuffix(".jsp"); + + return bean; + } +} \ No newline at end of file diff --git a/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginSecurityConfig.java b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginSecurityConfig.java new file mode 100644 index 0000000000..d7dbf17723 --- /dev/null +++ b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/MultipleLoginSecurityConfig.java @@ -0,0 +1,122 @@ +package org.baeldung.multiplelogin; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.core.annotation.Order; +import org.springframework.security.authentication.AuthenticationProvider; +import org.springframework.security.authentication.TestingAuthenticationProvider; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.core.userdetails.User; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.provisioning.InMemoryUserDetailsManager; + +@Configuration +@EnableWebSecurity +public class MultipleLoginSecurityConfig { + + @Bean + public UserDetailsService userDetailsService() throws Exception { + InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager(); + manager.createUser(User.withUsername("user") + .password("userPass") + .roles("USER") + .build()); + manager.createUser(User.withUsername("admin") + .password("adminPass") + .roles("ADMIN") + .build()); + return manager; + } + + @Configuration + @Order(1) + public static class App1ConfigurationAdapter extends WebSecurityConfigurerAdapter { + + public App1ConfigurationAdapter() { + super(); + } + + @Override + protected void configure(AuthenticationManagerBuilder auth) throws Exception { + auth.inMemoryAuthentication() + .withUser("admin") + .password("admin") + .roles("ADMIN"); + } + + @Override + protected void configure(HttpSecurity http) throws Exception { + http.antMatcher("/admin*") + .authorizeRequests() + .anyRequest() + .hasRole("ADMIN") + // log in + .and() + .formLogin() + .loginPage("/loginAdmin") + .loginProcessingUrl("/admin_login") + .failureUrl("/loginAdmin?error=loginError") + .defaultSuccessUrl("/adminPage") + // logout + .and() + .logout() + .logoutUrl("/admin_logout") + .logoutSuccessUrl("/protectedLinks") + .deleteCookies("JSESSIONID") + .and() + .exceptionHandling() + .accessDeniedPage("/403") + .and() + .csrf() + .disable(); + } + } + + @Configuration + @Order(2) + public static class App2ConfigurationAdapter extends WebSecurityConfigurerAdapter { + + public App2ConfigurationAdapter() { + super(); + } + + @Override + protected void configure(AuthenticationManagerBuilder auth) throws Exception { + auth.inMemoryAuthentication() + .withUser("user") + .password("user") + .roles("USER"); + } + + protected void configure(HttpSecurity http) throws Exception { + http.antMatcher("/user*") + .authorizeRequests() + .anyRequest() + .hasRole("USER") + // log in + .and() + .formLogin() + .loginPage("/loginUser") + .loginProcessingUrl("/user_login") + .failureUrl("/loginUser?error=loginError") + .defaultSuccessUrl("/userPage") + // logout + .and() + .logout() + .logoutUrl("/user_logout") + .logoutSuccessUrl("/protectedLinks") + .deleteCookies("JSESSIONID") + .and() + .exceptionHandling() + .accessDeniedPage("/403") + .and() + .csrf() + .disable(); + } + } + +} diff --git a/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/UsersController.java b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/UsersController.java new file mode 100644 index 0000000000..0672a760af --- /dev/null +++ b/spring-security-custom-permission/src/main/java/org/baeldung/multiplelogin/UsersController.java @@ -0,0 +1,38 @@ +package org.baeldung.multiplelogin; + +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; + +@Controller +public class UsersController { + + @RequestMapping("/protectedLinks") + public String getAnonymousPage() { + return "protectedLinks"; + } + + @RequestMapping("/userPage") + public String getUserPage() { + return "userPage"; + } + + @RequestMapping("/adminPage") + public String getAdminPage() { + return "adminPage"; + } + + @RequestMapping("/loginAdmin") + public String getAdminLoginPage() { + return "loginAdmin"; + } + + @RequestMapping("/loginUser") + public String getUserLoginPage() { + return "loginUser"; + } + + @RequestMapping("/403") + public String getAccessDeniedPage() { + return "403"; + } +} diff --git a/spring-security-custom-permission/src/main/resources/templates/403.html b/spring-security-custom-permission/src/main/resources/templates/403.html new file mode 100644 index 0000000000..20550768cf --- /dev/null +++ b/spring-security-custom-permission/src/main/resources/templates/403.html @@ -0,0 +1,10 @@ + + + + + + + +You do not have permission to view this page. + + \ No newline at end of file diff --git a/spring-security-custom-permission/src/main/resources/templates/adminPage.html b/spring-security-custom-permission/src/main/resources/templates/adminPage.html new file mode 100644 index 0000000000..13aff9b15a --- /dev/null +++ b/spring-security-custom-permission/src/main/resources/templates/adminPage.html @@ -0,0 +1,13 @@ + + + + +Insert title here + + +Welcome admin! Logout + +

+Back to links + + \ No newline at end of file diff --git a/spring-security-custom-permission/src/main/resources/templates/login.html b/spring-security-custom-permission/src/main/resources/templates/login.html new file mode 100644 index 0000000000..dd6bd04767 --- /dev/null +++ b/spring-security-custom-permission/src/main/resources/templates/login.html @@ -0,0 +1,27 @@ + + + + +

Login

+ +
+ + + + + + + + + + + + + + +
User:
Password:
+ +
+ + + \ No newline at end of file diff --git a/spring-security-custom-permission/src/main/resources/templates/loginAdmin.html b/spring-security-custom-permission/src/main/resources/templates/loginAdmin.html new file mode 100644 index 0000000000..43d0e73233 --- /dev/null +++ b/spring-security-custom-permission/src/main/resources/templates/loginAdmin.html @@ -0,0 +1,31 @@ + + + + +Insert title here + + + +

Admin login page

+
+ + + + + + + + + + + + + +
User:
Password:
+ +
+ +

Login failed!

+ + + \ No newline at end of file diff --git a/spring-security-custom-permission/src/main/resources/templates/loginUser.html b/spring-security-custom-permission/src/main/resources/templates/loginUser.html new file mode 100644 index 0000000000..bf4ddd48bc --- /dev/null +++ b/spring-security-custom-permission/src/main/resources/templates/loginUser.html @@ -0,0 +1,30 @@ + + + + +Login + + + +

User login page

+ +
+ + + + + + + + + + + + +
User:
Password:
+ +
+

Login failed!

+ + + \ No newline at end of file diff --git a/spring-security-custom-permission/src/main/resources/templates/protectedLinks.html b/spring-security-custom-permission/src/main/resources/templates/protectedLinks.html new file mode 100644 index 0000000000..1877464fe5 --- /dev/null +++ b/spring-security-custom-permission/src/main/resources/templates/protectedLinks.html @@ -0,0 +1,13 @@ + + + + +Insert title here + + + +User page +
+Admin page + + \ No newline at end of file diff --git a/spring-security-custom-permission/src/main/resources/templates/userPage.html b/spring-security-custom-permission/src/main/resources/templates/userPage.html new file mode 100644 index 0000000000..894a225871 --- /dev/null +++ b/spring-security-custom-permission/src/main/resources/templates/userPage.html @@ -0,0 +1,12 @@ + + + + +Insert title here + + +Welcome user! Logout +

+Back to links + + \ No newline at end of file