Browse Source
Complete the restructuring of the security auto-configuration packages by removing the direct import of web configuration from the main security auto-configuration. Closes gh-14412pull/14844/merge
Phillip Webb
8 years ago
40 changed files with 270 additions and 193 deletions
10
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/web/reactive/ReactiveUserDetailsServiceAutoConfiguration.java → spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/ReactiveUserDetailsServiceAutoConfiguration.java
10
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/web/reactive/ReactiveUserDetailsServiceAutoConfiguration.java → spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/ReactiveUserDetailsServiceAutoConfiguration.java
@ -1,41 +0,0 @@
@@ -1,41 +0,0 @@
|
||||
/* |
||||
* Copyright 2012-2018 the original author or authors. |
||||
* |
||||
* Licensed under the Apache License, Version 2.0 (the "License"); |
||||
* you may not use this file except in compliance with the License. |
||||
* You may obtain a copy of the License at |
||||
* |
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* |
||||
* Unless required by applicable law or agreed to in writing, software |
||||
* distributed under the License is distributed on an "AS IS" BASIS, |
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
* See the License for the specific language governing permissions and |
||||
* limitations under the License. |
||||
*/ |
||||
|
||||
package org.springframework.boot.autoconfigure.security; |
||||
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; |
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; |
||||
import org.springframework.context.annotation.Bean; |
||||
import org.springframework.context.annotation.Configuration; |
||||
import org.springframework.security.data.repository.query.SecurityEvaluationContextExtension; |
||||
|
||||
/** |
||||
* Automatically adds Spring Security's integration with Spring Data. |
||||
* |
||||
* @author Rob Winch |
||||
* @since 1.3 |
||||
*/ |
||||
@Configuration |
||||
@ConditionalOnClass(SecurityEvaluationContextExtension.class) |
||||
public class SecurityDataConfiguration { |
||||
|
||||
@Bean |
||||
@ConditionalOnMissingBean |
||||
public SecurityEvaluationContextExtension securityEvaluationContextExtension() { |
||||
return new SecurityEvaluationContextExtension(); |
||||
} |
||||
|
||||
} |
||||
5
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/web/reactive/ReactiveSecurityAutoConfiguration.java → spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/web/reactive/ReactiveWebSecurityAutoConfiguration.java
5
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/web/reactive/ReactiveSecurityAutoConfiguration.java → spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/web/reactive/ReactiveWebSecurityAutoConfiguration.java
4
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/web/servlet/WebSecurityEnablerConfiguration.java → spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/web/servlet/EnableWebSecurityConfiguration.java
4
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/web/servlet/WebSecurityEnablerConfiguration.java → spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/web/servlet/EnableWebSecurityConfiguration.java
@ -0,0 +1,44 @@
@@ -0,0 +1,44 @@
|
||||
/* |
||||
* Copyright 2012-2018 the original author or authors. |
||||
* |
||||
* Licensed under the Apache License, Version 2.0 (the "License"); |
||||
* you may not use this file except in compliance with the License. |
||||
* You may obtain a copy of the License at |
||||
* |
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* |
||||
* Unless required by applicable law or agreed to in writing, software |
||||
* distributed under the License is distributed on an "AS IS" BASIS, |
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
* See the License for the specific language governing permissions and |
||||
* limitations under the License. |
||||
*/ |
||||
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet; |
||||
|
||||
import org.springframework.boot.autoconfigure.AutoConfigureAfter; |
||||
import org.springframework.boot.autoconfigure.EnableAutoConfiguration; |
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; |
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration; |
||||
import org.springframework.boot.autoconfigure.security.SecurityProperties; |
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties; |
||||
import org.springframework.context.annotation.Configuration; |
||||
import org.springframework.context.annotation.Import; |
||||
import org.springframework.security.authentication.DefaultAuthenticationEventPublisher; |
||||
|
||||
/** |
||||
* {@link EnableAutoConfiguration Auto-configuration} for Spring Security in a servlet web |
||||
* application. |
||||
* |
||||
* @author Madhura Bhave |
||||
* @since 2.1.0 |
||||
*/ |
||||
@Configuration |
||||
@EnableConfigurationProperties(SecurityProperties.class) |
||||
@ConditionalOnClass(DefaultAuthenticationEventPublisher.class) |
||||
@AutoConfigureAfter(SecurityAutoConfiguration.class) |
||||
@Import({ SpringBootWebSecurityConfiguration.class, |
||||
EnableWebSecurityConfiguration.class }) |
||||
public class ServletWebSecurityAutoConfiguration { |
||||
|
||||
} |
||||
5
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/web/reactive/ReactiveUserDetailsServiceAutoConfigurationTests.java → spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/ReactiveUserDetailsServiceAutoConfigurationTests.java
5
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/web/reactive/ReactiveUserDetailsServiceAutoConfigurationTests.java → spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/ReactiveUserDetailsServiceAutoConfigurationTests.java
9
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/web/reactive/ReactiveSecurityAutoConfigurationTests.java → spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/web/reactive/ReactiveWebSecurityAutoConfigurationTests.java
9
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/web/reactive/ReactiveSecurityAutoConfigurationTests.java → spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/web/reactive/ReactiveWebSecurityAutoConfigurationTests.java
@ -0,0 +1,131 @@
@@ -0,0 +1,131 @@
|
||||
/* |
||||
* Copyright 2012-2018 the original author or authors. |
||||
* |
||||
* Licensed under the Apache License, Version 2.0 (the "License"); |
||||
* you may not use this file except in compliance with the License. |
||||
* You may obtain a copy of the License at |
||||
* |
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* |
||||
* Unless required by applicable law or agreed to in writing, software |
||||
* distributed under the License is distributed on an "AS IS" BASIS, |
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
* See the License for the specific language governing permissions and |
||||
* limitations under the License. |
||||
*/ |
||||
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet; |
||||
|
||||
import java.util.EnumSet; |
||||
|
||||
import javax.servlet.DispatcherType; |
||||
|
||||
import org.junit.Test; |
||||
|
||||
import org.springframework.boot.autoconfigure.AutoConfigurations; |
||||
import org.springframework.boot.autoconfigure.context.PropertyPlaceholderAutoConfiguration; |
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration; |
||||
import org.springframework.boot.test.context.runner.WebApplicationContextRunner; |
||||
import org.springframework.boot.web.servlet.DelegatingFilterProxyRegistrationBean; |
||||
import org.springframework.boot.web.servlet.filter.OrderedFilter; |
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; |
||||
import org.springframework.security.config.annotation.web.builders.WebSecurity; |
||||
import org.springframework.security.web.FilterChainProxy; |
||||
import org.springframework.test.util.ReflectionTestUtils; |
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat; |
||||
|
||||
/** |
||||
* Tests for {@link ServletWebSecurityAutoConfiguration}. |
||||
* |
||||
* @author Phillip Webb |
||||
*/ |
||||
public class ServletWebSecurityAutoConfigurationTests { |
||||
|
||||
private WebApplicationContextRunner contextRunner = new WebApplicationContextRunner() |
||||
.withConfiguration(AutoConfigurations.of(SecurityAutoConfiguration.class, |
||||
ServletWebSecurityAutoConfiguration.class, |
||||
PropertyPlaceholderAutoConfiguration.class)); |
||||
|
||||
@Test |
||||
public void testWebConfiguration() { |
||||
this.contextRunner.run((context) -> { |
||||
assertThat(context.getBean(AuthenticationManagerBuilder.class)).isNotNull(); |
||||
assertThat(context.getBean(FilterChainProxy.class).getFilterChains()) |
||||
.hasSize(1); |
||||
}); |
||||
} |
||||
|
||||
@Test |
||||
public void testDefaultFilterOrderWithSecurityAdapter() { |
||||
this.contextRunner |
||||
.withConfiguration(AutoConfigurations.of(WebSecurity.class, |
||||
SecurityFilterAutoConfiguration.class)) |
||||
.run((context) -> assertThat(context |
||||
.getBean("securityFilterChainRegistration", |
||||
DelegatingFilterProxyRegistrationBean.class) |
||||
.getOrder()).isEqualTo( |
||||
OrderedFilter.REQUEST_WRAPPER_FILTER_MAX_ORDER - 100)); |
||||
} |
||||
|
||||
@Test |
||||
public void testDefaultFilterOrder() { |
||||
this.contextRunner |
||||
.withConfiguration( |
||||
AutoConfigurations.of(SecurityFilterAutoConfiguration.class)) |
||||
.run((context) -> assertThat(context |
||||
.getBean("securityFilterChainRegistration", |
||||
DelegatingFilterProxyRegistrationBean.class) |
||||
.getOrder()).isEqualTo( |
||||
OrderedFilter.REQUEST_WRAPPER_FILTER_MAX_ORDER - 100)); |
||||
} |
||||
|
||||
@Test |
||||
public void testCustomFilterOrder() { |
||||
this.contextRunner |
||||
.withConfiguration( |
||||
AutoConfigurations.of(SecurityFilterAutoConfiguration.class)) |
||||
.withPropertyValues("spring.security.filter.order:12345").run( |
||||
(context) -> assertThat(context |
||||
.getBean("securityFilterChainRegistration", |
||||
DelegatingFilterProxyRegistrationBean.class) |
||||
.getOrder()).isEqualTo(12345)); |
||||
} |
||||
|
||||
@Test |
||||
public void defaultFilterDispatcherTypes() { |
||||
this.contextRunner |
||||
.withConfiguration( |
||||
AutoConfigurations.of(SecurityFilterAutoConfiguration.class)) |
||||
.run((context) -> { |
||||
DelegatingFilterProxyRegistrationBean bean = context.getBean( |
||||
"securityFilterChainRegistration", |
||||
DelegatingFilterProxyRegistrationBean.class); |
||||
@SuppressWarnings("unchecked") |
||||
EnumSet<DispatcherType> dispatcherTypes = (EnumSet<DispatcherType>) ReflectionTestUtils |
||||
.getField(bean, "dispatcherTypes"); |
||||
assertThat(dispatcherTypes).containsOnly(DispatcherType.ASYNC, |
||||
DispatcherType.ERROR, DispatcherType.REQUEST); |
||||
}); |
||||
} |
||||
|
||||
@Test |
||||
public void customFilterDispatcherTypes() { |
||||
this.contextRunner |
||||
.withPropertyValues( |
||||
"spring.security.filter.dispatcher-types:INCLUDE,ERROR") |
||||
.withConfiguration( |
||||
AutoConfigurations.of(SecurityFilterAutoConfiguration.class)) |
||||
.run((context) -> { |
||||
DelegatingFilterProxyRegistrationBean bean = context.getBean( |
||||
"securityFilterChainRegistration", |
||||
DelegatingFilterProxyRegistrationBean.class); |
||||
@SuppressWarnings("unchecked") |
||||
EnumSet<DispatcherType> dispatcherTypes = (EnumSet<DispatcherType>) ReflectionTestUtils |
||||
.getField(bean, "dispatcherTypes"); |
||||
assertThat(dispatcherTypes).containsOnly(DispatcherType.INCLUDE, |
||||
DispatcherType.ERROR); |
||||
}); |
||||
} |
||||
|
||||
} |
||||
Loading…
Reference in new issue