initial rename of template project

spring-security-rest-basic-auth/src/main/java/org/baeldung/client/HttpComponentsClientHttpRequestFactoryBasicAuth.java

@@ -0,0 +1,42 @@
+package org.baeldung.client;
+
+import java.net.URI;
+
+import org.apache.http.HttpHost;
+import org.apache.http.client.AuthCache;
+import org.apache.http.client.protocol.ClientContext;
+import org.apache.http.impl.auth.BasicScheme;
+import org.apache.http.impl.client.BasicAuthCache;
+import org.apache.http.protocol.BasicHttpContext;
+import org.apache.http.protocol.HttpContext;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
+
+public class HttpComponentsClientHttpRequestFactoryBasicAuth extends HttpComponentsClientHttpRequestFactory {
+    HttpHost host;
+
+    public HttpComponentsClientHttpRequestFactoryBasicAuth(final HttpHost host) {
+        super();
+        this.host = host;
+    }
+
+    //
+
+    @Override
+    protected HttpContext createHttpContext(final HttpMethod httpMethod, final URI uri) {
+        return createHttpContext();
+    }
+
+    private HttpContext createHttpContext() {
+        // Create AuthCache instance
+        final AuthCache authCache = new BasicAuthCache();
+        // Generate BASIC scheme object and add it to the local auth cache
+        final BasicScheme basicAuth = new BasicScheme();
+        authCache.put(host, basicAuth);
+        // Add AuthCache to the execution context
+        final BasicHttpContext localcontext = new BasicHttpContext();
+        localcontext.setAttribute(ClientContext.AUTH_CACHE, authCache);
+        return localcontext;
+    }
+
+}

spring-security-rest-basic-auth/src/main/java/org/baeldung/client/RestTemplateFactory.java

@@ -0,0 +1,58 @@
+package org.baeldung.client;
+
+import org.apache.http.HttpHost;
+import org.apache.http.client.HttpClient;
+import org.apache.http.params.HttpConnectionParams;
+import org.apache.http.params.HttpParams;
+import org.springframework.beans.factory.FactoryBean;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.stereotype.Component;
+import org.springframework.web.client.RestTemplate;
+
+@Component
+public class RestTemplateFactory implements FactoryBean<RestTemplate>, InitializingBean {
+    private RestTemplate restTemplate;
+
+    public RestTemplateFactory() {
+        super();
+    }
+
+    // API
+
+    @Override
+    public RestTemplate getObject() {
+        return restTemplate;
+    }
+
+    @Override
+    public Class<RestTemplate> getObjectType() {
+        return RestTemplate.class;
+    }
+
+    @Override
+    public boolean isSingleton() {
+        return true;
+    }
+
+    @Override
+    public void afterPropertiesSet() {
+        final HttpHost host = new HttpHost("localhost", 8080, "http");
+        final HttpComponentsClientHttpRequestFactoryBasicAuth requestFactory = new HttpComponentsClientHttpRequestFactoryBasicAuth(host);
+        restTemplate = new RestTemplate(requestFactory);
+
+        final int timeout = 5;
+        final HttpClient httpClient = requestFactory.getHttpClient();
+        // - note: timeout via raw String parameters
+        // httpClient.getParams().setParameter("http.connection.timeout", timeout * 1000);
+        // httpClient.getParams().setParameter("http.socket.timeout", timeout * 1000);
+
+        // httpClient.getParams().setParameter("http.connection-manager.timeout", new Long(timeout * 1000));
+        // httpClient.getParams().setParameter("http.protocol.head-body-timeout", timeout * 1000);
+
+        // - note: timeout via the API
+        final HttpParams httpParams = httpClient.getParams();
+        HttpConnectionParams.setConnectionTimeout(httpParams, timeout * 1000); // http.connection.timeout
+        HttpConnectionParams.setSoTimeout(httpParams, timeout * 1000); // http.socket.timeout
+    }
+
+}

spring-security-rest-basic-auth/src/main/java/org/baeldung/client/spring/ClientConfig.java

@@ -0,0 +1,16 @@
+package org.baeldung.client.spring;
+
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+@ComponentScan("org.baeldung.client")
+public class ClientConfig {
+
+    public ClientConfig() {
+        super();
+    }
+
+    // beans
+
+}

spring-security-rest-basic-auth/src/main/java/org/baeldung/security/MySavedRequestAwareAuthenticationSuccessHandler.java

@@ -0,0 +1,48 @@
+package org.baeldung.security;
+
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
+import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
+import org.springframework.security.web.savedrequest.RequestCache;
+import org.springframework.security.web.savedrequest.SavedRequest;
+import org.springframework.util.StringUtils;
+
+public class MySavedRequestAwareAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
+
+    private RequestCache requestCache = new HttpSessionRequestCache();
+
+    @Override
+    public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws ServletException, IOException {
+        final SavedRequest savedRequest = requestCache.getRequest(request, response);
+
+        if (savedRequest == null) {
+            super.onAuthenticationSuccess(request, response, authentication);
+
+            return;
+        }
+        final String targetUrlParameter = getTargetUrlParameter();
+        if (isAlwaysUseDefaultTargetUrl() || (targetUrlParameter != null && StringUtils.hasText(request.getParameter(targetUrlParameter)))) {
+            requestCache.removeRequest(request, response);
+            super.onAuthenticationSuccess(request, response, authentication);
+
+            return;
+        }
+
+        clearAuthenticationAttributes(request);
+
+        // Use the DefaultSavedRequest URL
+        // final String targetUrl = savedRequest.getRedirectUrl();
+        // logger.debug("Redirecting to DefaultSavedRequest Url: " + targetUrl);
+        // getRedirectStrategy().sendRedirect(request, response, targetUrl);
+    }
+
+    public void setRequestCache(final RequestCache requestCache) {
+        this.requestCache = requestCache;
+    }
+}

spring-security-rest-basic-auth/src/main/java/org/baeldung/security/RestAuthenticationEntryPoint.java

@@ -0,0 +1,23 @@
+package org.baeldung.security;
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
+
+/**
+ * The Entry Point will not redirect to any sort of Login - it will return the 401
+ */
+@Component
+public final class RestAuthenticationEntryPoint implements AuthenticationEntryPoint {
+
+    @Override
+    public void commence(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException authException) throws IOException {
+        response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
+    }
+
+}

spring-security-rest-basic-auth/src/main/java/org/baeldung/spring/SecSecurityConfig.java

@@ -0,0 +1,16 @@
+package org.baeldung.spring;
+
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.ImportResource;
+
+@Configuration
+@ImportResource({ "classpath:webSecurityConfig.xml" })
+@ComponentScan("org.baeldung.security")
+public class SecSecurityConfig {
+
+    public SecSecurityConfig() {
+        super();
+    }
+
+}

spring-security-rest-basic-auth/src/main/java/org/baeldung/spring/WebConfig.java

@@ -0,0 +1,31 @@
+package org.baeldung.spring;
+
+import java.util.List;
+
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.converter.HttpMessageConverter;
+import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
+
+@Configuration
+@EnableWebMvc
+@ComponentScan("org.baeldung.web")
+public class WebConfig extends WebMvcConfigurerAdapter {
+
+    public WebConfig() {
+        super();
+    }
+
+    // beans
+
+    @Override
+    public void configureMessageConverters(final List<HttpMessageConverter<?>> converters) {
+        super.configureMessageConverters(converters);
+        converters.add(new MappingJackson2HttpMessageConverter());
+    }
+
+    //
+
+}

spring-security-rest-basic-auth/src/main/java/org/baeldung/web/controller/BarController.java

@@ -0,0 +1,31 @@
+package org.baeldung.web.controller;
+
+import org.baeldung.web.dto.Bar;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationEventPublisher;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+@Controller
+@RequestMapping(value = "/bars")
+public class BarController {
+
+    @Autowired
+    private ApplicationEventPublisher eventPublisher;
+
+    public BarController() {
+        super();
+    }
+
+    // API
+
+    @RequestMapping(value = "/{id}", method = RequestMethod.GET)
+    @ResponseBody
+    public Bar findOne(@PathVariable("id") final Long id) {
+        return new Bar();
+    }
+
+}

spring-security-rest-basic-auth/src/main/java/org/baeldung/web/controller/FooController.java

@@ -0,0 +1,33 @@
+package org.baeldung.web.controller;
+
+import org.baeldung.web.dto.Foo;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationEventPublisher;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+@Controller
+@RequestMapping(value = "/foos")
+public class FooController {
+
+    @Autowired
+    private ApplicationEventPublisher eventPublisher;
+
+    public FooController() {
+        super();
+    }
+
+    // API
+
+    @RequestMapping(value = "/{id}", method = RequestMethod.GET)
+    @ResponseBody
+    @PreAuthorize("hasRole('ROLE_USER')")
+    public Foo findOne(@PathVariable("id") final Long id) {
+        return new Foo();
+    }
+
+}

spring-security-rest-basic-auth/src/main/java/org/baeldung/web/dto/Bar.java

@@ -0,0 +1,14 @@
+package org.baeldung.web.dto;
+
+import java.io.Serializable;
+
+import javax.xml.bind.annotation.XmlRootElement;
+
+@XmlRootElement
+public class Bar implements Serializable {
+
+    public Bar() {
+        super();
+    }
+
+}

spring-security-rest-basic-auth/src/main/java/org/baeldung/web/dto/Foo.java

@@ -0,0 +1,14 @@
+package org.baeldung.web.dto;
+
+import java.io.Serializable;
+
+import javax.xml.bind.annotation.XmlRootElement;
+
+@XmlRootElement
+public class Foo implements Serializable {
+
+    public Foo() {
+        super();
+    }
+
+}

spring-security-rest-basic-auth/src/main/resources/logback.xml

@@ -0,0 +1,22 @@
+<configuration>
+
+	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+		<encoder>
+			<pattern>web - %date [%thread] %-5level %logger{36} - %message%n
+			</pattern>
+		</encoder>
+	</appender>
+
+	<logger name="org.apache.http" level="TRACE" />
+	
+	<logger name="org.springframework" level="WARN" />
+	<logger name="org.springframework.transaction" level="WARN" />
+
+	<!-- in order to debug some marshalling issues, this needs to be TRACE -->
+	<logger name="org.springframework.web.servlet.mvc" level="WARN" />
+
+	<root level="INFO">
+		<appender-ref ref="STDOUT" />
+	</root>
+
+</configuration>

spring-security-rest-basic-auth/src/main/resources/webSecurityConfig.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
+    xsi:schemaLocation="
+        http://www.springframework.org/schema/security 
+        http://www.springframework.org/schema/security/spring-security-3.1.xsd
+        http://www.springframework.org/schema/beans 
+        http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">
+
+    <http create-session="stateless" use-expressions="true">
+
+        <http-basic />
+
+    </http>
+
+    <authentication-manager>
+        <authentication-provider>
+            <user-service>
+                <user name="user" password="userPass" authorities="ROLE_USER" />
+            </user-service>
+        </authentication-provider>
+    </authentication-manager>
+
+    <global-method-security pre-post-annotations="enabled" />
+
+</beans:beans>

spring-security-rest-basic-auth/src/main/webapp/WEB-INF/api-servlet.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd" >
+
+</beans>

spring-security-rest-basic-auth/src/main/webapp/WEB-INF/web.xml

@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
+  <display-name>Spring Security Custom Application</display-name>
+  <context-param>
+    <param-name>contextClass</param-name>
+    <param-value>
+         org.springframework.web.context.support.AnnotationConfigWebApplicationContext
+      </param-value>
+  </context-param>
+  <context-param>
+    <param-name>contextConfigLocation</param-name>
+    <param-value>org.baeldung.spring</param-value>
+  </context-param>
+  <listener>
+    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
+  </listener>
+  <servlet>
+    <servlet-name>api</servlet-name>
+    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
+    <load-on-startup>1</load-on-startup>
+  </servlet>
+  <servlet-mapping>
+    <servlet-name>api</servlet-name>
+    <url-pattern>/api/*</url-pattern>
+  </servlet-mapping>
+  <filter>
+    <filter-name>springSecurityFilterChain</filter-name>
+    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
+  </filter>
+  <filter-mapping>
+    <filter-name>springSecurityFilterChain</filter-name>
+    <url-pattern>/*</url-pattern>
+  </filter-mapping>
+</web-app>

spring-security-rest-basic-auth/src/test/java/org/baeldung/client/ClientLiveTest.java

@@ -0,0 +1,38 @@
+package org.baeldung.client;
+
+import org.apache.http.auth.AuthScope;
+import org.apache.http.auth.UsernamePasswordCredentials;
+import org.apache.http.impl.client.DefaultHttpClient;
+import org.baeldung.client.spring.ClientConfig;
+import org.baeldung.web.dto.Foo;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.ResponseEntity;
+import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.support.AnnotationConfigContextLoader;
+import org.springframework.web.client.RestTemplate;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(classes = { ClientConfig.class }, loader = AnnotationConfigContextLoader.class)
+public class ClientLiveTest {
+
+    @Autowired
+    private RestTemplate restTemplate;
+
+    // tests
+
+    @Test
+    public final void whenSecuredRestApiIsConsumed_then200OK() {
+        final HttpComponentsClientHttpRequestFactory requestFactory = (HttpComponentsClientHttpRequestFactory) restTemplate.getRequestFactory();
+        final DefaultHttpClient httpClient = (DefaultHttpClient) requestFactory.getHttpClient();
+        httpClient.getCredentialsProvider().setCredentials(new AuthScope("localhost", 8080, AuthScope.ANY_REALM), new UsernamePasswordCredentials("user", "userPass"));
+
+        final ResponseEntity<Foo> responseEntity = restTemplate.exchange("http://localhost:8080/spring-security-rest-template/api/foos/1", HttpMethod.GET, null, Foo.class);
+        System.out.println(responseEntity.getStatusCode());
+    }
+
+}

spring-security-rest-basic-auth/src/test/java/org/baeldung/client/RawClientLiveTest.java

@@ -0,0 +1,67 @@
+package org.baeldung.client;
+
+import java.io.IOException;
+import java.util.Timer;
+import java.util.TimerTask;
+
+import org.apache.http.HttpResponse;
+import org.apache.http.client.ClientProtocolException;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.client.params.ClientPNames;
+import org.apache.http.impl.client.DefaultHttpClient;
+import org.apache.http.params.CoreConnectionPNames;
+import org.apache.http.params.HttpConnectionParams;
+import org.apache.http.params.HttpParams;
+import org.baeldung.client.spring.ClientConfig;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.support.AnnotationConfigContextLoader;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(classes = { ClientConfig.class }, loader = AnnotationConfigContextLoader.class)
+public class RawClientLiveTest {
+
+    // tests
+
+    @Test
+    public final void whenSecuredRestApiIsConsumed_then200OK() throws ClientProtocolException, IOException {
+        final DefaultHttpClient httpClient = new DefaultHttpClient();
+
+        final int timeout = 20; // seconds
+        final HttpParams httpParams = httpClient.getParams();
+        configureViaRawApi(timeout, httpParams);
+        // configureViaHighLevelApi(timeout, httpParams);
+
+        final HttpGet getMethod = new HttpGet("http://localhost:8080/spring-security-rest-template/api/bars/1");
+
+        final int hardTimeout = 5; // seconds
+        final TimerTask task = new TimerTask() {
+            @Override
+            public void run() {
+                if (getMethod != null) {
+                    getMethod.abort();
+                }
+            }
+        };
+        new Timer(true).schedule(task, hardTimeout * 1000);
+
+        final HttpResponse response = httpClient.execute(getMethod);
+        System.out.println("HTTP Status of response: " + response.getStatusLine().getStatusCode());
+    }
+
+    // util
+
+    final void configureViaHighLevelApi(final int timeout, final HttpParams httpParams) {
+        HttpConnectionParams.setConnectionTimeout(httpParams, timeout * 1000); // http.connection.timeout
+        HttpConnectionParams.setSoTimeout(httpParams, timeout * 1000); // http.socket.timeout
+        httpParams.setParameter(ClientPNames.CONN_MANAGER_TIMEOUT, new Long(timeout * 1000));
+    }
+
+    final void configureViaRawApi(final int timeout, final HttpParams httpParams) {
+        httpParams.setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, timeout * 1000);
+        httpParams.setParameter(CoreConnectionPNames.SO_TIMEOUT, timeout * 1000);
+        httpParams.setParameter(ClientPNames.CONN_MANAGER_TIMEOUT, new Long(timeout * 1000));
+    }
+}

spring-security-rest-basic-auth/src/test/resources/.gitignore

@@ -0,0 +1,13 @@
+*.class
+
+#folders#
+/target
+/neoDb*
+/data
+/src/main/webapp/WEB-INF/classes
+*/META-INF/*
+
+# Packaged files #
+*.jar
+*.war
+*.ear