This commit is contained in:
devender.kumar
2019-10-30 23:16:56 +01:00
parent db85c8f275
commit fb34b40870
20538 changed files with 1642819 additions and 0 deletions
@@ -0,0 +1,14 @@
package com.baeldung.springbootsecuritycors.basicauth;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication(scanBasePackages = "com.baeldung.springbootsecuritycors")
@EnableAutoConfiguration
public class SpringBootSecurityApplication {
public static void main(String[] args) {
SpringApplication.run(SpringBootSecurityApplication.class, args);
}
}
@@ -0,0 +1,19 @@
package com.baeldung.springbootsecuritycors.basicauth.config;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic();
http.cors(); //disable this line to reproduce the CORS 401
}
}
@@ -0,0 +1,17 @@
package com.baeldung.springbootsecuritycors.controller;
import java.security.Principal;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@CrossOrigin("http://localhost:4200")
public class ResourceController {
@GetMapping("/user")
public String user(Principal principal) {
return principal.getName();
}
}
@@ -0,0 +1,42 @@
package com.baeldung.springbootsecuritycors;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.options;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext;
import com.baeldung.springbootsecuritycors.basicauth.SpringBootSecurityApplication;
@RunWith(SpringRunner.class)
@SpringBootTest(classes = { SpringBootSecurityApplication.class })
public class ResourceControllerTest {
private MockMvc mockMvc;
@Autowired
private WebApplicationContext wac;
@Before
public void setUp() {
this.mockMvc = MockMvcBuilders.webAppContextSetup(wac)
.apply(SecurityMockMvcConfigurers.springSecurity())
.build();
}
@Test
public void givenPreFlightRequest_whenPerfomed_shouldReturnOK() throws Exception {
mockMvc.perform(options("/user")
.header("Access-Control-Request-Method", "GET")
.header("Origin", "http://localhost:4200"))
.andExpect(status().isOk());
}
}