mindol1004/spring-boot-rest
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/master'

Browse Source 
# Conflicts:
#	pom.xml
#	spring-cloud/spring-cloud-bootstrap/config/src/main/java/com/baeldung/spring/cloud/bootstrap/config/SecurityConfig.java
#	spring-cloud/spring-cloud-bootstrap/discovery/src/main/java/com/baeldung/spring/cloud/bootstrap/discovery/SecurityConfig.java
#	spring-cloud/spring-cloud-bootstrap/gateway/src/main/java/com/baeldung/spring/cloud/bootstrap/gateway/SecurityConfig.java
#	spring-cloud/spring-cloud-bootstrap/resource/src/main/java/com/baeldung/spring/cloud/bootstrap/resource/SecurityConfig.java
This commit is contained in:
tschiman
2016-11-05 10:06:53 -06:00
parent 8564e482e4 c29601db41
commit 826c536d0d
685 changed files with 9025 additions and 3364 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
spring-cloud/spring-cloud-bootstrap/config/src/main/java/com/baeldung/spring/cloud/bootstrap/config/SecurityConfig.java
View File

@@ -1,6 +1,8 @@
package com.baeldung.spring.cloud.bootstrap.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@@ -9,11 +11,19 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests().anyRequest().hasRole("SYSTEM").and()
.httpBasic().and()
.csrf().disable();
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception{
auth.inMemoryAuthentication().withUser("configUser").password("configPassword").roles("SYSTEM");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.anyRequest().hasRole("SYSTEM")
.and()
.httpBasic()
.and()
.csrf()
.disable();
}
}

74
spring-cloud/spring-cloud-bootstrap/discovery/src/main/java/com/baeldung/spring/cloud/bootstrap/discovery/SecurityConfig.java
View File

@@ -15,37 +15,51 @@ import org.springframework.security.config.http.SessionCreationPolicy;
@Order(1)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("discUser").password("discPassword").roles("SYSTEM");
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception{
auth.inMemoryAuthentication().withUser("discUser").password("discPassword").roles("SYSTEM");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
.and()
.requestMatchers()
.antMatchers("/eureka/**")
.and()
.authorizeRequests()
.antMatchers("/eureka/**").hasRole("SYSTEM")
.anyRequest().denyAll()
.and()
.httpBasic()
.and()
.csrf()
.disable();
}
@Configuration
//no order tag means this is the last security filter to be evaluated
public static class AdminSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS).and()
.requestMatchers().antMatchers("/eureka/**").and()
.authorizeRequests()
.antMatchers("/eureka/**").hasRole("SYSTEM")
.anyRequest().denyAll().and()
.httpBasic().and()
.csrf().disable();
}
@Configuration
//no order tag means this is the last security filter to be evaluated
public static class AdminSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER).and()
.httpBasic().disable()
.authorizeRequests()
.antMatchers(HttpMethod.GET, "/").hasRole("ADMIN")
.antMatchers("/info", "/health").authenticated()
.anyRequest().denyAll().and()
.csrf().disable();
}
@Override protected void configure(HttpSecurity http) throws Exception {
http
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.NEVER)
.and()
.httpBasic()
.disable()
.authorizeRequests()
.antMatchers(HttpMethod.GET, "/").hasRole("ADMIN")
.antMatchers("/info","/health").authenticated()
.anyRequest().denyAll()
.and()
.csrf()
.disable();
}
}
}

40
spring-cloud/spring-cloud-bootstrap/gateway/src/main/java/com/baeldung/spring/cloud/bootstrap/gateway/SecurityConfig.java
View File

@@ -11,23 +11,27 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("user").password("password").roles("USER").and()
.withUser("admin").password("admin").roles("ADMIN");
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("user").password("password").roles("USER")
.and()
.withUser("admin").password("admin").roles("ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/resource/hello/cloud").permitAll()
.antMatchers("/eureka/**").hasRole("ADMIN")
.anyRequest().authenticated().and()
.formLogin().and()
.logout().permitAll()
.logoutSuccessUrl("/resource/hello/cloud").permitAll().and()
.csrf().disable();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/resource/hello/cloud").permitAll()
.antMatchers("/eureka/**").hasRole("ADMIN")
.anyRequest().authenticated()
.and()
.formLogin()
.and()
.logout().permitAll()
.logoutSuccessUrl("/resource/hello/cloud").permitAll()
.and()
.csrf()
.disable();
}
}

32
spring-cloud/spring-cloud-bootstrap/resource/src/main/java/com/baeldung/spring/cloud/bootstrap/resource/SecurityConfig.java
View File

@@ -1,6 +1,8 @@
package com.baeldung.spring.cloud.bootstrap.resource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@@ -9,15 +11,23 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.httpBasic().disable()
.authorizeRequests()
.antMatchers("/hello/cloud").permitAll()
.antMatchers("/hello/user").hasAnyRole("USER", "ADMIN")
.antMatchers("/hello/admin").hasRole("ADMIN")
.anyRequest().authenticated().and()
.csrf().disable();
}
@Autowired
public void configureGlobal1(AuthenticationManagerBuilder auth) throws Exception {
//try in memory auth with no users to support the case that this will allow for users that are logged in to go anywhere
auth.inMemoryAuthentication();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic()
.disable()
.authorizeRequests()
.antMatchers("/hello/cloud").permitAll()
.antMatchers("/hello/user").hasAnyRole("USER", "ADMIN")
.antMatchers("/hello/admin").hasRole("ADMIN")
.anyRequest().authenticated()
.and()
.csrf()
.disable();
}
}

1
spring-cloud/spring-cloud-config/client-config/config-client-production.properties
View File

@@ -1 +0,0 @@
user.role=User

46
spring-cloud/spring-cloud-config/client/pom.xml
View File

@@ -6,49 +6,30 @@
<parent>
<groupId>com.baeldung.spring.cloud</groupId>
<artifactId>spring-cloud-config</artifactId>
<version>0.0.1-SNAPSHOT</version>
<version>1.0-SNAPSHOT</version>
</parent>
<artifactId>client</artifactId>
<packaging>jar</packaging>
<name>client</name>
<description>Demo project for Spring Cloud Config Client</description>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-config</artifactId>
<version>1.2.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<version>${org.springframework.boot.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<version>${org.springframework.boot.version}</version>
<scope>test</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>Brixton.BUILD-SNAPSHOT</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
@@ -57,23 +38,4 @@
</plugin>
</plugins>
</build>
<repositories>
<repository>
<id>spring-snapshots</id>
<name>Spring Snapshots</name>
<url>https://repo.spring.io/snapshot</url>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
<repository>
<id>spring-milestones</id>
<name>Spring Milestones</name>
<url>https://repo.spring.io/milestone</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
</repositories>
</project>

1
spring-cloud/spring-cloud-config/client/src/main/resources/bootstrap.properties
View File

@@ -3,3 +3,4 @@ spring.profiles.active=development
spring.cloud.config.uri=http://localhost:8888
spring.cloud.config.username=root
spring.cloud.config.password=s3cr3t
spring.cloud.config.fail-fast=true

0
spring-cloud/spring-cloud-config/client-config/config-client-development.properties → spring-cloud/spring-cloud-config/config-repo/config-client-development.properties
View File

2
spring-cloud/spring-cloud-config/config-repo/config-client-production.properties Normal file
View File

@@ -0,0 +1,2 @@
user.role=User
user.password=pass

22
spring-cloud/spring-cloud-config/pom.xml
View File

@@ -5,7 +5,7 @@
<groupId>com.baeldung.spring.cloud</groupId>
<artifactId>spring-cloud-config</artifactId>
<version>0.0.1-SNAPSHOT</version>
<version>1.0-SNAPSHOT</version>
<packaging>pom</packaging>
<modules>
@@ -16,9 +16,22 @@
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.3.5.RELEASE</version>
<version>1.4.1.RELEASE</version>
<relativePath/>
</parent>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>Camden.SR1</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
@@ -36,7 +49,10 @@
</build>
<properties>
<org.springframework.boot.version>1.3.5.RELEASE</org.springframework.boot.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
<org.springframework.boot.version>1.4.1.RELEASE</org.springframework.boot.version>
<maven-surefire-plugin.version>2.19.1</maven-surefire-plugin.version>
</properties>
</project>

47
spring-cloud/spring-cloud-config/server/pom.xml
View File

@@ -6,77 +6,42 @@
<parent>
<groupId>com.baeldung.spring.cloud</groupId>
<artifactId>spring-cloud-config</artifactId>
<version>0.0.1-SNAPSHOT</version>
<version>1.0-SNAPSHOT</version>
</parent>
<artifactId>server</artifactId>
<name>server</name>
<description>Demo project for Spring Cloud Config Server</description>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-config-server</artifactId>
<version>1.2.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
<version>${org.springframework.boot.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<version>${org.springframework.boot.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<version>${org.springframework.boot.version}</version>
<scope>test</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>Brixton.BUILD-SNAPSHOT</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>${org.springframework.boot.version}</version>
</plugin>
</plugins>
</build>
<repositories>
<repository>
<id>spring-snapshots</id>
<name>Spring Snapshots</name>
<url>https://repo.spring.io/snapshot</url>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
<repository>
<id>spring-milestones</id>
<name>Spring Milestones</name>
<url>https://repo.spring.io/milestone</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
</repositories>
</project>

2
spring-cloud/spring-cloud-config/server/src/main/java/com/baeldung/spring/cloud/config/server/ConfigServer.java
View File

@@ -3,11 +3,9 @@ package com.baeldung.spring.cloud.config.server;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.config.server.EnableConfigServer;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@SpringBootApplication
@EnableConfigServer
@EnableWebSecurity
public class ConfigServer {
public static void main(String[] args) {
SpringApplication.run(ConfigServer.class, args);

4
spring-cloud/spring-cloud-config/server/src/main/resources/application.properties
View File

@@ -1,6 +1,6 @@
server.port=8888
spring.cloud.config.server.git.uri=https://github.com/eugenp/tutorials/tree/master/spring-cloud-config/client-config
spring.cloud.config.server.git.clone-on-start=false
spring.cloud.config.server.git.uri=
spring.cloud.config.server.git.clone-on-start=true
security.user.name=root
security.user.password=s3cr3t
encrypt.key-store.location=classpath:/config-server.jks