
Switch to lambda style security configuration

Closes gh-17525
pull/17660/head
Madhura Bhave 7 years ago
parent
commit
39a7b9da38
  1. 14
      spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/security/reactive/ReactiveManagementWebSecurityAutoConfiguration.java
  2. 11
      spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/security/servlet/ManagementWebSecurityConfigurerAdapter.java
  3. 18
      spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/security/reactive/ReactiveManagementWebSecurityAutoConfigurationTests.java
  4. 8
      spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/security/servlet/AbstractEndpointRequestIntegrationTests.java
  5. 5
      spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/security/servlet/ManagementWebSecurityAutoConfigurationTests.java
  6. 4
      spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/servlet/OAuth2WebSecurityConfiguration.java
  7. 7
      spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java
  8. 5
      spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerOpaqueTokenConfiguration.java
  9. 4
      spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java
  10. 4
      spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerOpaqueTokenConfiguration.java
  11. 5
      spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerAutoConfigurationTests.java
  12. 10
      spring-boot-project/spring-boot-docs/src/main/asciidoc/production-ready-features.adoc
  13. 4
      spring-boot-project/spring-boot-test-autoconfigure/src/test/java/org/springframework/boot/test/autoconfigure/web/reactive/webclient/WebTestClientSpringBootTestIntegrationTests.java
  14. 20
      spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-actuator-custom-security/src/main/java/smoketest/actuator/customsecurity/SecurityConfiguration.java
  15. 17
      spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-secure-webflux/src/test/java/smoketest/secure/webflux/ManagementPortSampleSecureWebFluxTests.java
  16. 18
      spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-secure-webflux/src/test/java/smoketest/secure/webflux/SampleSecureWebFluxCustomSecurityTests.java
  17. 24
      spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-web-method-security/src/main/java/smoketest/security/method/SampleMethodSecurityApplication.java
  18. 10
      spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-web-secure-custom/src/main/java/smoketest/web/secure/custom/SampleWebSecureCustomApplication.java
  19. 9
      spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-web-secure-jdbc/src/main/java/smoketest/web/secure/jdbc/SampleWebSecureJdbcApplication.java
  20. 15
      spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-web-secure/src/main/java/smoketest/web/secure/SampleWebSecureApplication.java

14
spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/security/reactive/ReactiveManagementWebSecurityAutoConfiguration.java

@ -32,6 +32,7 @@ import org.springframework.boot.autoconfigure.security.oauth2.resource.reactive. @@ -32,6 +32,7 @@ import org.springframework.boot.autoconfigure.security.oauth2.resource.reactive.
import org.springframework.boot.autoconfigure.security.reactive.ReactiveSecurityAutoConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;
@ -56,9 +57,16 @@ import org.springframework.security.web.server.WebFilterChainProxy; @@ -56,9 +57,16 @@ import org.springframework.security.web.server.WebFilterChainProxy;
public class ReactiveManagementWebSecurityAutoConfiguration {
@Bean
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
return http.authorizeExchange().matchers(EndpointRequest.to(HealthEndpoint.class, InfoEndpoint.class))
.permitAll().anyExchange().authenticated().and().httpBasic().and().formLogin().and().build();
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
// @formatter:off
http.authorizeExchange((exchanges) ->
exchanges
.matchers(EndpointRequest.to(HealthEndpoint.class, InfoEndpoint.class)).permitAll()
.anyExchange().authenticated())
.httpBasic(Customizer.withDefaults())
.formLogin(Customizer.withDefaults());
// @formatter:on
return http.build();
}
}
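Review bot: The rewritten `springSecurityFilterChain` is the default chain for actuator endpoints, and the new multi-line block has no comment stating the policy it encodes. A one-line comment above the chain would help, for example `// Health and info are open to everyone; every other exchange requires authentication.` The order of the rules inside the lambda matters, because the `permitAll()` matcher has to stay ahead of `anyExchange()`. The servlet twin in ManagementWebSecurityConfigurerAdapter would benefit from the same comment.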

11
spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/security/servlet/ManagementWebSecurityConfigurerAdapter.java

@ -19,6 +19,7 @@ package org.springframework.boot.actuate.autoconfigure.security.servlet; @@ -19,6 +19,7 @@ package org.springframework.boot.actuate.autoconfigure.security.servlet;
import org.springframework.boot.actuate.health.HealthEndpoint;
import org.springframework.boot.actuate.info.InfoEndpoint;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@ -39,8 +40,14 @@ class ManagementWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapte @@ -39,8 +40,14 @@ class ManagementWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapte
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().requestMatchers(EndpointRequest.to(HealthEndpoint.class, InfoEndpoint.class))
.permitAll().anyRequest().authenticated().and().formLogin().and().httpBasic();
// @formatter:off
http.authorizeRequests((requests) ->
requests
.requestMatchers(EndpointRequest.to(HealthEndpoint.class, InfoEndpoint.class)).permitAll()
.anyRequest().authenticated())
.formLogin(Customizer.withDefaults())
.httpBasic(Customizer.withDefaults());
// @formatter:on
}
}

18
spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/security/reactive/ReactiveManagementWebSecurityAutoConfigurationTests.java

@ -47,6 +47,7 @@ import org.springframework.http.server.reactive.ServerHttpResponse; @@ -47,6 +47,7 @@ import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
import org.springframework.mock.http.server.reactive.MockServerHttpResponse;
import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.WebFilterChainProxy;
@ -163,9 +164,11 @@ class ReactiveManagementWebSecurityAutoConfigurationTests { @@ -163,9 +164,11 @@ class ReactiveManagementWebSecurityAutoConfigurationTests {
static class CustomSecurityConfiguration {
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
return http.authorizeExchange().pathMatchers("/foo").permitAll().anyExchange().authenticated().and()
.formLogin().and().build();
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
return http
.authorizeExchange(
(exchanges) -> exchanges.pathMatchers("/foo").permitAll().anyExchange().authenticated())
.formLogin(Customizer.withDefaults()).build();
}
}
@ -179,7 +182,7 @@ class ReactiveManagementWebSecurityAutoConfigurationTests { @@ -179,7 +182,7 @@ class ReactiveManagementWebSecurityAutoConfigurationTests {
}
@Bean
WebFilterChainProxy webFilterChainProxy(ServerHttpSecurity http) {
WebFilterChainProxy webFilterChainProxy(ServerHttpSecurity http) throws Exception {
return new WebFilterChainProxy(getFilterChains(http));
}
@ -190,9 +193,10 @@ class ReactiveManagementWebSecurityAutoConfigurationTests { @@ -190,9 +193,10 @@ class ReactiveManagementWebSecurityAutoConfigurationTests {
return httpSecurity;
}
private List<SecurityWebFilterChain> getFilterChains(ServerHttpSecurity http) {
return Collections.singletonList(
http.authorizeExchange().anyExchange().authenticated().and().formLogin().and().build());
private List<SecurityWebFilterChain> getFilterChains(ServerHttpSecurity http) throws Exception {
return Collections
.singletonList(http.authorizeExchange((exchanges) -> exchanges.anyExchange().authenticated())
.formLogin(Customizer.withDefaults()).build());
}
static class TestServerHttpSecurity extends ServerHttpSecurity implements ApplicationContextAware {

8
spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/security/servlet/AbstractEndpointRequestIntegrationTests.java

@ -167,10 +167,14 @@ abstract class AbstractEndpointRequestIntegrationTests { @@ -167,10 +167,14 @@ abstract class AbstractEndpointRequestIntegrationTests {
return new WebSecurityConfigurerAdapter() {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().requestMatchers(EndpointRequest.toLinks()).permitAll()
// @formatter:off
http.authorizeRequests((requests) -> requests
.requestMatchers(EndpointRequest.toLinks()).permitAll()
.requestMatchers(EndpointRequest.to(TestEndpoint1.class)).permitAll()
.requestMatchers(EndpointRequest.toAnyEndpoint()).authenticated().anyRequest()
.hasRole("ADMIN").and().httpBasic();
.hasRole("ADMIN"))
.httpBasic();
// @formatter:on
}
};
}
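Review bot: The rewritten chain in `configure` still ends with the bare `.httpBasic();` after the new `authorizeRequests((requests) -> ...)` lambda, so the method mixes the two DSL styles this commit sets out to unify. Ending it with `.httpBasic(Customizer.withDefaults());` would be consistent, and would need the `org.springframework.security.config.Customizer` import, which this section does not add. The same leftover tail call appears in ManagementWebSecurityAutoConfigurationTests, OAuth2WebSecurityConfiguration (`.oauth2Client()`), ReactiveOAuth2ResourceServerAutoConfigurationTests, the first example in production-ready-features.adoc, the custom-security smoke test SecurityConfiguration, ManagementPortSampleSecureWebFluxTests and SampleMethodSecurityApplication. SampleSecureWebFluxCustomSecurityTests already uses `.httpBasic(Customizer.withDefaults())`. The anonymous class around `configure` starts outside the hunk.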

5
spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/security/servlet/ManagementWebSecurityAutoConfigurationTests.java

@ -37,6 +37,7 @@ import org.springframework.mock.web.MockFilterChain; @@ -37,6 +37,7 @@ import org.springframework.mock.web.MockFilterChain;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.mock.web.MockServletContext;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.FilterChainProxy;
@ -126,8 +127,8 @@ class ManagementWebSecurityAutoConfigurationTests { @@ -126,8 +127,8 @@ class ManagementWebSecurityAutoConfigurationTests {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/foo").permitAll().anyRequest().authenticated().and().formLogin()
.and().httpBasic();
http.authorizeRequests((requests) -> requests.antMatchers("/foo").permitAll().anyRequest().authenticated())
.formLogin(Customizer.withDefaults()).httpBasic();
}
}

4
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/servlet/OAuth2WebSecurityConfiguration.java

@ -20,6 +20,7 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; @@ -20,6 +20,7 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService;
@ -56,7 +57,8 @@ class OAuth2WebSecurityConfiguration { @@ -56,7 +57,8 @@ class OAuth2WebSecurityConfiguration {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().authenticated().and().oauth2Login().and().oauth2Client();
http.authorizeRequests((requests) -> requests.anyRequest().authenticated())
.oauth2Login(Customizer.withDefaults()).oauth2Client();
}
}

7
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java

@ -89,9 +89,10 @@ class ReactiveOAuth2ResourceServerJwkConfiguration { @@ -89,9 +89,10 @@ class ReactiveOAuth2ResourceServerJwkConfiguration {
@Bean
@ConditionalOnBean(ReactiveJwtDecoder.class)
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http, ReactiveJwtDecoder jwtDecoder) {
http.authorizeExchange().anyExchange().authenticated().and().oauth2ResourceServer().jwt()
.jwtDecoder(jwtDecoder);
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http, ReactiveJwtDecoder jwtDecoder)
throws Exception {
http.authorizeExchange((exchanges) -> exchanges.anyExchange().authenticated())
.oauth2ResourceServer((server) -> server.jwt((jwt) -> jwt.jwtDecoder(jwtDecoder)));
return http.build();
}

5
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerOpaqueTokenConfiguration.java

@ -57,8 +57,9 @@ class ReactiveOAuth2ResourceServerOpaqueTokenConfiguration { @@ -57,8 +57,9 @@ class ReactiveOAuth2ResourceServerOpaqueTokenConfiguration {
@Bean
@ConditionalOnBean(ReactiveOAuth2TokenIntrospectionClient.class)
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http.authorizeExchange().anyExchange().authenticated().and().oauth2ResourceServer().opaqueToken();
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
http.authorizeExchange((exchanges) -> exchanges.anyExchange().authenticated())
.oauth2ResourceServer(ServerHttpSecurity.OAuth2ResourceServerSpec::opaqueToken);
return http.build();
}

4
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java

@ -31,6 +31,7 @@ import org.springframework.context.annotation.Conditional; @@ -31,6 +31,7 @@ import org.springframework.context.annotation.Conditional;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.jwt.JwtDecoders;
@ -95,7 +96,8 @@ class OAuth2ResourceServerJwtConfiguration { @@ -95,7 +96,8 @@ class OAuth2ResourceServerJwtConfiguration {
return new WebSecurityConfigurerAdapter() {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().authenticated().and().oauth2ResourceServer().jwt();
http.authorizeRequests((requests) -> requests.anyRequest().authenticated())
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
}
};
}

4
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerOpaqueTokenConfiguration.java

@ -23,6 +23,7 @@ import org.springframework.context.annotation.Bean; @@ -23,6 +23,7 @@ import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
import org.springframework.security.oauth2.server.resource.introspection.NimbusOAuth2TokenIntrospectionClient;
import org.springframework.security.oauth2.server.resource.introspection.OAuth2TokenIntrospectionClient;
@ -60,7 +61,8 @@ class OAuth2ResourceServerOpaqueTokenConfiguration { @@ -60,7 +61,8 @@ class OAuth2ResourceServerOpaqueTokenConfiguration {
return new WebSecurityConfigurerAdapter() {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().authenticated().and().oauth2ResourceServer().opaqueToken();
http.authorizeRequests((requests) -> requests.anyRequest().authenticated())
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::opaqueToken);
}
};
}

5
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerAutoConfigurationTests.java

@ -375,8 +375,9 @@ class ReactiveOAuth2ResourceServerAutoConfigurationTests { @@ -375,8 +375,9 @@ class ReactiveOAuth2ResourceServerAutoConfigurationTests {
static class SecurityWebFilterChainConfig {
@Bean
SecurityWebFilterChain testSpringSecurityFilterChain(ServerHttpSecurity http) {
http.authorizeExchange().pathMatchers("/message/**").hasRole("ADMIN").anyExchange().authenticated().and()
SecurityWebFilterChain testSpringSecurityFilterChain(ServerHttpSecurity http) throws Exception {
http.authorizeExchange(
(exchanges) -> exchanges.pathMatchers("/message/**").hasRole("ADMIN").anyExchange().authenticated())
.httpBasic();
return http.build();
}

10
spring-boot-project/spring-boot-docs/src/main/asciidoc/production-ready-features.adoc

@ -396,9 +396,9 @@ A typical Spring Security configuration might look something like the following @@ -396,9 +396,9 @@ A typical Spring Security configuration might look something like the following
@Override
protected void configure(HttpSecurity http) throws Exception {
http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests()
.anyRequest().hasRole("ENDPOINT_ADMIN")
.and()
http.requestMatcher(EndpointRequest.toAnyEndpoint())
.authorizeRequests((requests) ->
requests.anyRequest().hasRole("ENDPOINT_ADMIN"))
.httpBasic();
}
@ -432,8 +432,8 @@ following example: @@ -432,8 +432,8 @@ following example:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests()
.anyRequest().permitAll();
http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) ->
.anyRequest().permitAll());
}
}
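Review bot: The second example no longer compiles as written, because the lambda body on the new lines starts with `.anyRequest()` and never uses its `requests` parameter. The continuation line should read `requests.anyRequest().permitAll());`, matching the shape of the first example in this section. This sample removes authentication from every actuator endpoint (`EndpointRequest.toAnyEndpoint()` with `permitAll()`), and readers are likely to paste it, so it should be syntactically exact.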

4
spring-boot-project/spring-boot-test-autoconfigure/src/test/java/org/springframework/boot/test/autoconfigure/web/reactive/webclient/WebTestClientSpringBootTestIntegrationTests.java

@ -67,8 +67,8 @@ class WebTestClientSpringBootTestIntegrationTests { @@ -67,8 +67,8 @@ class WebTestClientSpringBootTestIntegrationTests {
static class TestConfiguration {
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
return http.authorizeExchange().anyExchange().permitAll().and().build();
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
return http.authorizeExchange((exchanges) -> exchanges.anyExchange().permitAll()).build();
}
}

20
spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-actuator-custom-security/src/main/java/smoketest/actuator/customsecurity/SecurityConfiguration.java

@ -21,6 +21,7 @@ import org.springframework.boot.actuate.web.mappings.MappingsEndpoint; @@ -21,6 +21,7 @@ import org.springframework.boot.actuate.web.mappings.MappingsEndpoint;
import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
@ -43,16 +44,15 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { @@ -43,16 +44,15 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http.authorizeRequests()
.mvcMatchers("/actuator/beans").hasRole("BEANS")
.requestMatchers(EndpointRequest.to("health", "info")).permitAll()
.requestMatchers(EndpointRequest.toAnyEndpoint().excluding(MappingsEndpoint.class)).hasRole("ACTUATOR")
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
.antMatchers("/foo").permitAll()
.antMatchers("/**").hasRole("USER")
.and()
.cors()
.and()
http.authorizeRequests((requests) ->
requests
.mvcMatchers("/actuator/beans").hasRole("BEANS")
.requestMatchers(EndpointRequest.to("health", "info")).permitAll()
.requestMatchers(EndpointRequest.toAnyEndpoint().excluding(MappingsEndpoint.class)).hasRole("ACTUATOR")
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
.antMatchers("/foo").permitAll()
.antMatchers("/**").hasRole("USER"))
.cors(Customizer.withDefaults())
.httpBasic();
// @formatter:on
}

17
spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-secure-webflux/src/test/java/smoketest/secure/webflux/ManagementPortSampleSecureWebFluxTests.java

@ -90,11 +90,18 @@ class ManagementPortSampleSecureWebFluxTests { @@ -90,11 +90,18 @@ class ManagementPortSampleSecureWebFluxTests {
static class SecurityConfiguration {
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
return http.authorizeExchange().matchers(EndpointRequest.to("health", "info")).permitAll()
.matchers(EndpointRequest.toAnyEndpoint().excluding(MappingsEndpoint.class)).hasRole("ACTUATOR")
.matchers(PathRequest.toStaticResources().atCommonLocations()).permitAll().pathMatchers("/login")
.permitAll().anyExchange().authenticated().and().httpBasic().and().build();
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
// @formatter:off
http.authorizeExchange((exchanges) ->
exchanges
.matchers(EndpointRequest.to("health", "info")).permitAll()
.matchers(EndpointRequest.toAnyEndpoint().excluding(MappingsEndpoint.class)).hasRole("ACTUATOR")
.matchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
.pathMatchers("/login").permitAll()
.anyExchange().authenticated())
.httpBasic();
// @formatter:on
return http.build();
}
}

18
spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-secure-webflux/src/test/java/smoketest/secure/webflux/SampleSecureWebFluxCustomSecurityTests.java

@ -29,6 +29,7 @@ import org.springframework.context.annotation.Bean; @@ -29,6 +29,7 @@ import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
import org.springframework.security.core.userdetails.User;
@ -114,11 +115,18 @@ class SampleSecureWebFluxCustomSecurityTests { @@ -114,11 +115,18 @@ class SampleSecureWebFluxCustomSecurityTests {
}
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
return http.authorizeExchange().matchers(EndpointRequest.to("health", "info")).permitAll()
.matchers(EndpointRequest.toAnyEndpoint().excluding(MappingsEndpoint.class)).hasRole("ACTUATOR")
.matchers(PathRequest.toStaticResources().atCommonLocations()).permitAll().pathMatchers("/login")
.permitAll().anyExchange().authenticated().and().httpBasic().and().build();
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
// @formatter:off
http.authorizeExchange((exchanges) ->
exchanges
.matchers(EndpointRequest.to("health", "info")).permitAll()
.matchers(EndpointRequest.toAnyEndpoint().excluding(MappingsEndpoint.class)).hasRole("ACTUATOR")
.matchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
.pathMatchers("/login").permitAll()
.anyExchange().authenticated())
.httpBasic(Customizer.withDefaults());
// @formatter:off
return http.build();
}
}
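Review bot: The marker that closes the new chain is `// @formatter:off` a second time, so formatting is presumably never switched back on for the rest of the file. Change the second marker, the one just before `return http.build();`, to `// @formatter:on`. The otherwise identical block in ManagementPortSampleSecureWebFluxTests already closes with `// @formatter:on`.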

24
spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-web-method-security/src/main/java/smoketest/security/method/SampleMethodSecurityApplication.java

@ -73,15 +73,13 @@ public class SampleMethodSecurityApplication implements WebMvcConfigurer { @@ -73,15 +73,13 @@ public class SampleMethodSecurityApplication implements WebMvcConfigurer {
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http.authorizeRequests()
.antMatchers("/login").permitAll()
.anyRequest().fullyAuthenticated()
.and()
.formLogin().loginPage("/login").failureUrl("/login?error")
.and()
.logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.and()
.exceptionHandling().accessDeniedPage("/access?error");
http.authorizeRequests((requests) ->
requests
.antMatchers("/login").permitAll()
.anyRequest().fullyAuthenticated())
.formLogin((form) -> form.loginPage("/login").failureUrl("/login?error"))
.logout((logout) -> logout.logoutRequestMatcher(new AntPathRequestMatcher("/logout")))
.exceptionHandling((exceptions) -> exceptions.accessDeniedPage("/access?error"));
// @formatter:on
}
@ -93,12 +91,8 @@ public class SampleMethodSecurityApplication implements WebMvcConfigurer { @@ -93,12 +91,8 @@ public class SampleMethodSecurityApplication implements WebMvcConfigurer {
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic();
// @formatter:on
http.requestMatcher(EndpointRequest.toAnyEndpoint())
.authorizeRequests((requests) -> requests.anyRequest().authenticated()).httpBasic();
}
}

10
spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-web-secure-custom/src/main/java/smoketest/web/secure/custom/SampleWebSecureCustomApplication.java

@ -24,6 +24,7 @@ import org.springframework.boot.builder.SpringApplicationBuilder; @@ -24,6 +24,7 @@ import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.LogoutConfigurer;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
@ -61,8 +62,13 @@ public class SampleWebSecureCustomApplication implements WebMvcConfigurer { @@ -61,8 +62,13 @@ public class SampleWebSecureCustomApplication implements WebMvcConfigurer {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/css/**").permitAll().anyRequest().fullyAuthenticated().and()
.formLogin().loginPage("/login").failureUrl("/login?error").permitAll().and().logout().permitAll();
// @formatter:off
http.authorizeRequests((requests) ->
requests
.antMatchers("/css/**").permitAll().anyRequest().fullyAuthenticated())
.formLogin((form) -> form.loginPage("/login").failureUrl("/login?error").permitAll())
.logout(LogoutConfigurer::permitAll);
// @formatter:on
}
}

9
spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-web-secure-jdbc/src/main/java/smoketest/web/secure/jdbc/SampleWebSecureJdbcApplication.java

@ -27,6 +27,7 @@ import org.springframework.context.annotation.Bean; @@ -27,6 +27,7 @@ import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.LogoutConfigurer;
import org.springframework.security.provisioning.JdbcUserDetailsManager;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
@ -65,8 +66,12 @@ public class SampleWebSecureJdbcApplication implements WebMvcConfigurer { @@ -65,8 +66,12 @@ public class SampleWebSecureJdbcApplication implements WebMvcConfigurer {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/css/**").permitAll().anyRequest().fullyAuthenticated().and()
.formLogin().loginPage("/login").failureUrl("/login?error").permitAll().and().logout().permitAll();
// @formatter:off
http.authorizeRequests(
(requests) -> requests.antMatchers("/css/**").permitAll().anyRequest().fullyAuthenticated())
.formLogin((form) -> form.loginPage("/login").failureUrl("/login?error").permitAll())
.logout(LogoutConfigurer::permitAll);
// @formatter:on
}
@Bean

15
spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-web-secure/src/main/java/smoketest/web/secure/SampleWebSecureApplication.java

@ -25,6 +25,7 @@ import org.springframework.boot.builder.SpringApplicationBuilder; @@ -25,6 +25,7 @@ import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.LogoutConfigurer;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
@ -63,13 +64,13 @@ public class SampleWebSecureApplication implements WebMvcConfigurer { @@ -63,13 +64,13 @@ public class SampleWebSecureApplication implements WebMvcConfigurer {
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http.authorizeRequests()
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
.anyRequest().fullyAuthenticated()
.and()
.formLogin().loginPage("/login").failureUrl("/login?error").permitAll()
.and()
.logout().permitAll();
http.authorizeRequests((requests) ->
requests
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
.anyRequest().fullyAuthenticated())
.formLogin((form) ->
form.loginPage("/login").failureUrl("/login?error").permitAll())
.logout(LogoutConfigurer::permitAll);
// @formatter:on
}
