Add Spring Security Sample

Fixes gh-68

samples/security/src/main/java/sample/Config.java

@@ -0,0 +1,36 @@
+package sample;
+/*
+ * Copyright 2002-2014 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
+import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
+import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
+
+/**
+ * @author Rob Winch
+ */
+@Import(EmbeddedRedisConfiguration.class)
+@Configuration
+@EnableRedisHttpSession
+public class Config {
+
+    @Bean
+    public JedisConnectionFactory connectionFactory() {
+        return new JedisConnectionFactory();
+    }
+}

samples/security/src/main/java/sample/EmbeddedRedisConfiguration.java

@@ -0,0 +1,57 @@
+package sample;
+/*
+ * Copyright 2002-2014 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+import org.springframework.beans.factory.DisposableBean;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import redis.clients.jedis.Protocol;
+import redis.embedded.RedisServer;
+
+/**
+ * Runs an embedded Redis instance. This is only necessary since we do not want
+ * users to have to setup a Redis instance. In a production environment, this
+ * would not be used since a Redis Server would be setup.
+ *
+ * @author Rob Winch
+ */
+@Configuration
+public class EmbeddedRedisConfiguration {
+
+    @Bean
+    public RedisServerBean redisServer() {
+        return new RedisServerBean();
+    }
+
+    class RedisServerBean implements InitializingBean, DisposableBean {
+        private RedisServer redisServer;
+
+
+        @Override
+        public void afterPropertiesSet() throws Exception {
+            redisServer = new RedisServer(Protocol.DEFAULT_PORT);
+            redisServer.start();
+        }
+
+        @Override
+        public void destroy() throws Exception {
+            if(redisServer != null) {
+                redisServer.stop();
+            }
+        }
+    }
+}

samples/security/src/main/java/sample/Initializer.java

@@ -0,0 +1,29 @@
+package sample;
+/*
+ * Copyright 2002-2014 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+
+import org.springframework.session.web.context.AbstractHttpSessionApplicationInitializer;
+
+/**
+ * @author Rob Winch
+ */
+public class Initializer extends AbstractHttpSessionApplicationInitializer {
+
+    public Initializer() {
+        super(Config.class, SecurityConfig.class);
+    }
+}

samples/security/src/main/java/sample/SecurityConfig.java

@@ -0,0 +1,34 @@
+/*
+ * Copyright 2002-2014 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package sample;
+
+/**
+ * @author Rob Winch
+ */
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+
+@EnableWebSecurity
+public class SecurityConfig {
+    @Autowired
+    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+        auth
+            .inMemoryAuthentication()
+                .withUser("user").password("password").roles("USER");
+    }
+}

samples/security/src/main/java/sample/SecurityInitializer.java

@@ -0,0 +1,24 @@
+/*
+ * Copyright 2002-2014 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package sample;
+
+import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
+
+/**
+ * @author Rob Winch
+ */
+public class SecurityInitializer extends AbstractSecurityWebApplicationInitializer {
+}

samples/security/src/main/java/sample/SessionServlet.java

@@ -0,0 +1,40 @@
+package sample;
+/*
+ * Copyright 2002-2014 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * @author Rob Winch
+ */
+@WebServlet("/session")
+public class SessionServlet extends HttpServlet {
+
+    @Override
+    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        String attributeName = req.getParameter("attributeName");
+        String attributeValue = req.getParameter("attributeValue");
+        req.getSession().setAttribute(attributeName, attributeValue);
+        resp.sendRedirect(req.getContextPath() + "/");
+    }
+
+    private static final long serialVersionUID = 2878267318695777395L;
+}