From 9ac570cba7ff3742aad5dcff9b269634b4d7478f Mon Sep 17 00:00:00 2001 From: Rob Winch Date: Tue, 7 Apr 2015 16:30:57 -0500 Subject: [PATCH] Update to Spring IO version - Update Spring Boot 1.2.3.RELEASE - Update Spring Security 4.0.0.RELEASE - Update Spring 4.1.6.RELEASE - Update Groovy 2.3.8 - Update Jackson 2.4.5 - Update Jedis 2.5.2 - Update Spring Data Redis 1.4.2 Fixes gh-126 --- build.gradle | 2 +- gradle.properties | 14 ++++++++------ samples/hazelcast/build.gradle | 4 ++-- samples/httpsession-xml/build.gradle | 2 +- samples/httpsession/build.gradle | 2 +- samples/rest/build.gradle | 2 +- samples/security/build.gradle | 2 +- samples/users/build.gradle | 2 +- .../sample/config/WebSocketSecurityConfig.java | 5 ++--- .../main/java/sample/mvc/CsrfController.java | 14 ++++++++++++++ .../resources/static/resources/js/message.js | 18 ++++++++++++++++-- spring-session/build.gradle | 2 +- .../web/http/SessionRepositoryFilterTests.java | 1 - 13 files changed, 49 insertions(+), 21 deletions(-) create mode 100644 samples/websocket/src/main/java/sample/mvc/CsrfController.java diff --git a/build.gradle b/build.gradle index 614b3efb..1419ef3f 100644 --- a/build.gradle +++ b/build.gradle @@ -13,7 +13,7 @@ buildscript { group = 'org.springframework.session' -ext.springBootVersion = '1.1.10.RELEASE' +ext.springBootVersion = '1.2.3.RELEASE' ext.JAVA_GRADLE = "$rootDir/gradle/java.gradle" ext.MAVEN_GRADLE = "$rootDir/gradle/publish-maven.gradle" ext.TOMCAT_GRADLE = "$rootDir/gradle/tomcat.gradle" diff --git a/gradle.properties b/gradle.properties index b122d1bf..4df0159a 100644 --- a/gradle.properties +++ b/gradle.properties @@ -3,13 +3,15 @@ version=1.0.1.BUILD-SNAPSHOT commonsPoolVersion=2.2 embeddedRedisVersion=0.5 gebVersion=0.10.0 -groovyVersion=2.3.8 -jacksonVersion=2.4.4 -jedisVersion=2.4.1 +groovyVersion=2.3.11 +hazelcastVersion=3.3.3 +jacksonVersion=2.4.5 +jedisVersion=2.5.2 jstlVersion=1.2.1 +junitVersion=4.11 seleniumVersion=2.44.0 servletApiVersion=3.0.1 spockVersion=0.7-groovy-2.0 -springDataRedisVersion=1.4.1.RELEASE -springSecurityVersion=4.0.0.RC1 -springVersion=4.1.3.RELEASE +springDataRedisVersion=1.4.2.RELEASE +springSecurityVersion=4.0.0.RELEASE +springVersion=4.1.6.RELEASE diff --git a/samples/hazelcast/build.gradle b/samples/hazelcast/build.gradle index 1f9f34b6..cf29c063 100644 --- a/samples/hazelcast/build.gradle +++ b/samples/hazelcast/build.gradle @@ -8,12 +8,12 @@ sonarRunner { dependencies { compile project(':spring-session'), - "com.hazelcast:hazelcast-client:3.3.3", + "com.hazelcast:hazelcast-client:$hazelcastVersion", jstlDependencies providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" - testCompile 'junit:junit:4.11' + testCompile "junit:junit:$junitVersion" integrationTestCompile gebDependencies } \ No newline at end of file diff --git a/samples/httpsession-xml/build.gradle b/samples/httpsession-xml/build.gradle index 09a91cea..dfb00ba7 100644 --- a/samples/httpsession-xml/build.gradle +++ b/samples/httpsession-xml/build.gradle @@ -14,7 +14,7 @@ dependencies { providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" - testCompile 'junit:junit:4.11' + testCompile "junit:junit:$junitVersion" integrationTestCompile gebDependencies } \ No newline at end of file diff --git a/samples/httpsession/build.gradle b/samples/httpsession/build.gradle index 09a91cea..dfb00ba7 100644 --- a/samples/httpsession/build.gradle +++ b/samples/httpsession/build.gradle @@ -14,7 +14,7 @@ dependencies { providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" - testCompile 'junit:junit:4.11' + testCompile "junit:junit:$junitVersion" integrationTestCompile gebDependencies } \ No newline at end of file diff --git a/samples/rest/build.gradle b/samples/rest/build.gradle index 63c2b72b..07f5bc99 100644 --- a/samples/rest/build.gradle +++ b/samples/rest/build.gradle @@ -17,7 +17,7 @@ dependencies { providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" - testCompile 'junit:junit:4.11' + testCompile "junit:junit:$junitVersion" integrationTestCompile spockDependencies, 'org.codehaus.groovy.modules.http-builder:http-builder:0.7' diff --git a/samples/security/build.gradle b/samples/security/build.gradle index c6e1f8f5..b97f71ac 100644 --- a/samples/security/build.gradle +++ b/samples/security/build.gradle @@ -16,7 +16,7 @@ dependencies { providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" - testCompile 'junit:junit:4.11' + testCompile "junit:junit:$junitVersion" integrationTestCompile gebDependencies } \ No newline at end of file diff --git a/samples/users/build.gradle b/samples/users/build.gradle index 09a91cea..dfb00ba7 100644 --- a/samples/users/build.gradle +++ b/samples/users/build.gradle @@ -14,7 +14,7 @@ dependencies { providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" - testCompile 'junit:junit:4.11' + testCompile "junit:junit:$junitVersion" integrationTestCompile gebDependencies } \ No newline at end of file diff --git a/samples/websocket/src/main/java/sample/config/WebSocketSecurityConfig.java b/samples/websocket/src/main/java/sample/config/WebSocketSecurityConfig.java index 392bbb07..d159ae35 100644 --- a/samples/websocket/src/main/java/sample/config/WebSocketSecurityConfig.java +++ b/samples/websocket/src/main/java/sample/config/WebSocketSecurityConfig.java @@ -16,7 +16,6 @@ package sample.config; import org.springframework.context.annotation.Configuration; -import org.springframework.messaging.simp.SimpMessageType; import org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry; import org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer; @@ -30,8 +29,8 @@ public class WebSocketSecurityConfig extends AbstractSecurityWebSocketMessageBro @Override protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) { messages - .antMatchers(SimpMessageType.MESSAGE,"/queue/**","/topic/**").denyAll() - .antMatchers(SimpMessageType.SUBSCRIBE, "/queue/**/*-user*","/topic/**/*-user*").denyAll() + .simpMessageDestMatchers("/queue/**","/topic/**").denyAll() + .simpSubscribeDestMatchers("/queue/**/*-user*","/topic/**/*-user*").denyAll() .anyMessage().authenticated(); } // @formatter:on diff --git a/samples/websocket/src/main/java/sample/mvc/CsrfController.java b/samples/websocket/src/main/java/sample/mvc/CsrfController.java new file mode 100644 index 00000000..84fba11c --- /dev/null +++ b/samples/websocket/src/main/java/sample/mvc/CsrfController.java @@ -0,0 +1,14 @@ +package sample.mvc; + +import org.springframework.security.web.csrf.CsrfToken; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +@RestController +public class CsrfController { + + @RequestMapping("/csrf") + public CsrfToken csrf(CsrfToken token) { + return token; + } +} diff --git a/samples/websocket/src/main/resources/static/resources/js/message.js b/samples/websocket/src/main/resources/static/resources/js/message.js index a13fba39..4c1c5fce 100644 --- a/samples/websocket/src/main/resources/static/resources/js/message.js +++ b/samples/websocket/src/main/resources/static/resources/js/message.js @@ -6,9 +6,23 @@ function ApplicationModel(stompClient) { self.username = ko.observable(); self.conversation = ko.observable(new ImConversationModel(stompClient,this.username)); self.notifications = ko.observableArray(); + self.csrfToken = ko.computed(function() { + return JSON.parse($.ajax({ + type: 'GET', + url: 'csrf', + dataType: 'json', + success: function() { }, + data: {}, + async: false + }).responseText); + }, this); self.connect = function() { - stompClient.connect({}, function(frame) { + var headers = {}; + var csrf = self.csrfToken(); + var headers = {}; + headers[csrf.headerName] = csrf.token; + stompClient.connect(headers, function(frame) { console.log('Connected ' + frame); self.username(frame.headers['user-name']); @@ -43,7 +57,7 @@ function ApplicationModel(stompClient) { self.conversation().receiveMessage(JSON.parse(message.body)); }); }, function(error) { - self.pushNotification(error) + self.pushNotification(error) console.log("STOMP protocol error " + error); }); } diff --git a/spring-session/build.gradle b/spring-session/build.gradle index 380d16fb..16d853e8 100644 --- a/spring-session/build.gradle +++ b/spring-session/build.gradle @@ -23,7 +23,7 @@ dependencies { integrationTestCompile "redis.clients:jedis:2.4.1", "org.apache.commons:commons-pool2:2.2", "redis.embedded:embedded-redis:$embeddedRedisVersion" - testCompile 'junit:junit:4.11', + testCompile "junit:junit:$junitVersion", 'org.mockito:mockito-core:1.9.5', "org.springframework:spring-test:$springVersion", 'org.easytesting:fest-assert:1.4', diff --git a/spring-session/src/test/java/org/springframework/session/web/http/SessionRepositoryFilterTests.java b/spring-session/src/test/java/org/springframework/session/web/http/SessionRepositoryFilterTests.java index 53cfc3da..1df10912 100644 --- a/spring-session/src/test/java/org/springframework/session/web/http/SessionRepositoryFilterTests.java +++ b/spring-session/src/test/java/org/springframework/session/web/http/SessionRepositoryFilterTests.java @@ -27,7 +27,6 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; import java.util.HashMap; -import java.util.List; import java.util.Map; import java.util.NoSuchElementException;