Add PreAuth Xml sample project
Closes gh-26
This commit is contained in:
12
servlet/xml/java/preauth/src/main/resources/logback.xml
Normal file
12
servlet/xml/java/preauth/src/main/resources/logback.xml
Normal file
@@ -0,0 +1,12 @@
|
||||
<configuration>
|
||||
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
|
||||
<encoder>
|
||||
<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
|
||||
</encoder>
|
||||
</appender>
|
||||
|
||||
<root level="WARN">
|
||||
<appender-ref ref="STDOUT" />
|
||||
</root>
|
||||
|
||||
</configuration>
|
||||
@@ -0,0 +1,26 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<!--
|
||||
- Sample namespace-based configuration
|
||||
-
|
||||
-->
|
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||
xmlns:sec="http://www.springframework.org/schema/security"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans https://www.springframework.org/schema/beans/spring-beans.xsd
|
||||
http://www.springframework.org/schema/security https://www.springframework.org/schema/security/spring-security.xsd">
|
||||
|
||||
<sec:http>
|
||||
<sec:intercept-url pattern="/secure/extreme/**" access="hasRole('ROLE_SUPERVISOR')"/>
|
||||
<sec:intercept-url pattern="/secure/**" access="hasRole('ROLE_USER')"/>
|
||||
<sec:intercept-url pattern="/**" access="hasRole('ROLE_USER')"/>
|
||||
|
||||
<sec:jee mappable-roles="ROLE_USER,ROLE_SUPERVISOR" />
|
||||
|
||||
<sec:logout />
|
||||
</sec:http>
|
||||
|
||||
<sec:authentication-manager />
|
||||
|
||||
</beans>
|
||||
60
servlet/xml/java/preauth/src/main/webapp/WEB-INF/web.xml
Normal file
60
servlet/xml/java/preauth/src/main/webapp/WEB-INF/web.xml
Normal file
@@ -0,0 +1,60 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
|
||||
|
||||
<display-name>Spring Security Preauthentication Demo Application</display-name>
|
||||
|
||||
<!--
|
||||
- Location of the XML file that defines the root application context
|
||||
- Applied by ContextLoaderListener.
|
||||
-->
|
||||
<context-param>
|
||||
<param-name>contextConfigLocation</param-name>
|
||||
<param-value>
|
||||
/WEB-INF/applicationContext-security.xml
|
||||
</param-value>
|
||||
</context-param>
|
||||
|
||||
<filter>
|
||||
<filter-name>springSecurityFilterChain</filter-name>
|
||||
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>springSecurityFilterChain</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<!--
|
||||
- Loads the root application context of this web app at startup.
|
||||
- The application context is then available via
|
||||
- WebApplicationContextUtils.getWebApplicationContext(servletContext).
|
||||
-->
|
||||
<listener>
|
||||
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
|
||||
</listener>
|
||||
|
||||
<login-config>
|
||||
<auth-method>BASIC</auth-method>
|
||||
<realm-name>Preauth Realm</realm-name>
|
||||
</login-config>
|
||||
|
||||
<security-role>
|
||||
<role-name>ROLE_USER</role-name>
|
||||
</security-role>
|
||||
<security-role>
|
||||
<role-name>ROLE_SUPERVISOR</role-name>
|
||||
</security-role>
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>All areas</web-resource-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>ROLE_USER</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
|
||||
</web-app>
|
||||
11
servlet/xml/java/preauth/src/main/webapp/index.jsp
Normal file
11
servlet/xml/java/preauth/src/main/webapp/index.jsp
Normal file
@@ -0,0 +1,11 @@
|
||||
<html>
|
||||
<body>
|
||||
<h1>Home Page</h1>
|
||||
<p>Anyone can view this page.</p>
|
||||
|
||||
<p>Your principal object is....: <%= request.getUserPrincipal() %></p>
|
||||
|
||||
<p><a href="secure/index.jsp">Secure page</a></p>
|
||||
<p><a href="secure/extreme/index.jsp">Extremely secure page</a></p>
|
||||
</body>
|
||||
</html>
|
||||
@@ -0,0 +1,10 @@
|
||||
|
||||
<html>
|
||||
<body>
|
||||
<h1>VERY Secure Page</h1>
|
||||
This is a protected page. You can only see me if you are a supervisor.
|
||||
|
||||
<p><a href="../../">Home</a>
|
||||
<p><a href="../../logout">Logout</a>
|
||||
</body>
|
||||
</html>
|
||||
15
servlet/xml/java/preauth/src/main/webapp/secure/index.jsp
Normal file
15
servlet/xml/java/preauth/src/main/webapp/secure/index.jsp
Normal file
@@ -0,0 +1,15 @@
|
||||
<html>
|
||||
<body>
|
||||
<h1>Secure Page</h1>
|
||||
This is a protected page. You can get to me if you've been remembered,
|
||||
or if you've authenticated this session.<br><br>
|
||||
|
||||
<%if (request.isUserInRole("ROLE_SUPERVISOR")) { %>
|
||||
You are a supervisor! You can therefore see the <a href="extreme/index.jsp">extremely secure page</a>.<br><br>
|
||||
<% } %>
|
||||
|
||||
|
||||
<p><a href="../">Home</a>
|
||||
<p><a href="../logout">Logout</a>
|
||||
</body>
|
||||
</html>
|
||||
@@ -0,0 +1,43 @@
|
||||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package sample;
|
||||
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.api.extension.ExtendWith;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.web.FilterChainProxy;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit.jupiter.SpringExtension;
|
||||
import org.springframework.test.context.web.WebAppConfiguration;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
*/
|
||||
@ExtendWith(SpringExtension.class)
|
||||
@ContextConfiguration("file:src/main/webapp/WEB-INF/applicationContext-security.xml")
|
||||
@WebAppConfiguration
|
||||
public class PreAuthXmlTests {
|
||||
|
||||
@Autowired
|
||||
FilterChainProxy filterChainProxy;
|
||||
|
||||
@Test
|
||||
void configLoads() {
|
||||
}
|
||||
|
||||
}
|
||||
15
servlet/xml/java/preauth/src/test/resources/logback-test.xml
Normal file
15
servlet/xml/java/preauth/src/test/resources/logback-test.xml
Normal file
@@ -0,0 +1,15 @@
|
||||
<configuration>
|
||||
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
|
||||
<encoder>
|
||||
<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
|
||||
</encoder>
|
||||
</appender>
|
||||
|
||||
<logger name="org.springframework.security" level="${sec.log.level:-WARN}"/>
|
||||
|
||||
|
||||
<root level="${root.level:-WARN}">
|
||||
<appender-ref ref="STDOUT" />
|
||||
</root>
|
||||
|
||||
</configuration>
|
||||
Reference in New Issue
Block a user