Compare commits
138 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
77e062b2cd | ||
|
|
2a3b76fee5 | ||
|
|
d5b75228fc | ||
|
|
3d7c668e57 | ||
|
|
e83cf082c4 | ||
|
|
cbd1c66c13 | ||
|
|
9f7a969a6e | ||
|
|
f51310ee64 | ||
|
|
5f2523e211 | ||
|
26986a6b7d | ||
|
6cdb77378d | ||
|
238416ec23 | ||
|
|
4b99428267 | ||
|
058e4e46a5 | ||
|
|
fd3609c6f0 | ||
|
|
a0d03adbe1 | ||
|
|
b229103d8c | ||
|
|
94b441c676 | ||
|
|
b2f10c6752 | ||
|
|
b3d228eb2e | ||
|
|
19dd3d8be1 | ||
|
|
1aaffb28fc | ||
|
|
75af61ca6c | ||
|
|
2fff593423 | ||
|
|
6a381d3226 | ||
|
|
cd628fe5af | ||
|
ee4df64bb1 | ||
|
|
d850762bce | ||
|
|
f71d1d6ca4 | ||
|
|
e5eeacec5f | ||
|
|
62ec64310b | ||
|
|
58813e9d5a | ||
|
|
c66ee750f9 | ||
|
|
9062db3f55 | ||
|
|
4bf15cda3b | ||
|
|
7f8c0387a7 | ||
|
|
3bc15c4259 | ||
|
|
c9add24c77 | ||
|
aaed973d27 | ||
|
|
55c4fcfd3f | ||
|
|
2a5d6b4d2e | ||
|
|
42aa10bfe8 | ||
|
|
2ce570cbdc | ||
|
|
221b48094a | ||
|
|
d43b48bbb0 | ||
|
|
840907993b | ||
|
|
e1dea5e0a8 | ||
|
|
4db41c1caf | ||
|
|
23a32acd56 | ||
|
|
dc8cca5351 | ||
|
|
2369b2cfb3 | ||
|
|
e6ce56ec8b | ||
|
|
36939c1b02 | ||
|
|
0a84f9d544 | ||
|
|
f4840e98a2 | ||
|
|
8c99c9f904 | ||
|
|
f70f1f20f9 | ||
|
|
ac1a77e5fe | ||
|
|
214a556dd4 | ||
|
|
cace484fbe | ||
|
|
a5ec1ccf1f | ||
|
7fc0ae47d5 | ||
|
ce2e644e04 | ||
|
24c198fe98 | ||
|
|
8800fb9816 | ||
|
|
b8e94948ae | ||
|
|
8d2276341f | ||
|
|
2c1b79375d | ||
|
|
63f1c7bf6f | ||
|
|
e8e4ee2850 | ||
|
|
9a643c8866 | ||
|
|
282f774e07 | ||
|
|
fba9313c6b | ||
|
|
e6ec5765b8 | ||
|
|
c2288615bf | ||
|
|
ad52fc0297 | ||
|
|
2516a495af | ||
|
|
9be7ac7fa6 | ||
|
|
c335a49924 | ||
|
|
092e6c6607 | ||
|
|
0924c9558a | ||
|
|
0484781541 | ||
|
|
3995f8bf65 | ||
|
|
ad16f17398 | ||
|
|
11aa50e83c | ||
|
|
ab5c727846 | ||
|
|
a0246a61b6 | ||
|
|
8f20fa328a | ||
|
|
44ff959c59 | ||
|
|
ad67a3775b | ||
|
|
75c60b27bd | ||
|
12ce8de84e | ||
|
|
81bd6bd261 | ||
|
|
2e8c4292fd | ||
|
|
315b9c9929 | ||
|
|
a70abd90bd | ||
|
|
f13df5aa2f | ||
|
|
6fd68e093f | ||
|
|
653d820290 | ||
|
|
950ac50234 | ||
|
|
bda72c074f | ||
|
|
fb1362aa2c | ||
|
|
d5dac6629d | ||
|
|
04b4b9ba17 | ||
|
|
97308bdbf4 | ||
|
|
4ba62c71dd | ||
|
|
265099c586 | ||
|
|
2f4a0110ab | ||
|
|
7a1cb66dae | ||
|
|
9bad2afa14 | ||
|
|
dba22292a3 | ||
|
|
c79173879f | ||
|
|
2c065c0241 | ||
|
|
a08c721118 | ||
|
|
70e0c6d22d | ||
|
|
61bf2eca49 | ||
|
|
59923121f0 | ||
|
|
b5f8e29585 | ||
|
|
307a1f0dde | ||
|
|
ced2d8421c | ||
|
|
d98ff97e1a | ||
|
|
757175516f | ||
|
|
8ae55b7ee4 | ||
|
|
1eb53ead9d | ||
|
72159794f4 | ||
|
|
aaf122f3a6 | ||
|
|
6f823805f2 | ||
|
|
7807aa9f3c | ||
|
|
76924bc923 | ||
|
|
134f89dd41 | ||
|
|
33812f7197 | ||
|
|
bcf17ba3b7 | ||
|
|
98f656ad46 | ||
|
|
7832942752 | ||
|
|
722069a5f8 | ||
|
|
addbdbc1a2 | ||
|
|
004466ed07 | ||
|
|
aeb5bc545c |
5
.gitattributes
vendored
5
.gitattributes
vendored
@@ -1,5 +1,6 @@
|
||||
* text eol=lf
|
||||
|
||||
*.bat text eol=crlf
|
||||
|
||||
*.jar binary
|
||||
*.jpg binary
|
||||
*.png binary
|
||||
*.mmdb binary
|
||||
|
||||
@@ -63,7 +63,7 @@ Compile and test; build all jars, distribution zips, and docs
|
||||
|
||||
You can find the documentation, samples, and guides for using Spring Session on the https://projects.spring.io/spring-session/[Spring Session project site].
|
||||
|
||||
For more in depth information, visit the https://docs.spring.io/spring-session/docs/current/reference/html5/[Spring Session Reference].
|
||||
For more in depth information, visit the https://docs.spring.io/spring-session/reference/[Spring Session Reference].
|
||||
|
||||
== Code of Conduct
|
||||
|
||||
|
||||
@@ -66,7 +66,7 @@ dependencies {
|
||||
implementation 'io.spring.nohttp:nohttp-gradle:0.0.9'
|
||||
implementation 'net.sourceforge.htmlunit:htmlunit:2.37.0'
|
||||
implementation 'org.hidetake:gradle-ssh-plugin:2.10.1'
|
||||
implementation 'org.jfrog.buildinfo:build-info-extractor-gradle:4.24.20'
|
||||
implementation 'org.jfrog.buildinfo:build-info-extractor-gradle:4.29.0'
|
||||
implementation 'org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.7.1'
|
||||
|
||||
testImplementation platform('org.junit:junit-bom:5.8.1')
|
||||
|
||||
@@ -18,6 +18,7 @@ package io.spring.gradle.convention
|
||||
|
||||
import org.gradle.api.Plugin
|
||||
import org.gradle.api.Project
|
||||
import org.gradle.api.publish.maven.plugins.MavenPublishPlugin
|
||||
|
||||
class ArtifactoryPlugin implements Plugin<Project> {
|
||||
|
||||
@@ -37,8 +38,14 @@ class ArtifactoryPlugin implements Plugin<Project> {
|
||||
password = artifactoryPassword
|
||||
}
|
||||
}
|
||||
defaults {
|
||||
publications('mavenJava')
|
||||
}
|
||||
}
|
||||
project.plugins.withType(MavenPublishPlugin) {
|
||||
project.artifactory {
|
||||
publish {
|
||||
defaults {
|
||||
publications('mavenJava')
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -32,6 +32,7 @@ class RootProjectPlugin implements Plugin<Project> {
|
||||
pluginManager.apply(SchemaPlugin)
|
||||
pluginManager.apply(NoHttpPlugin)
|
||||
pluginManager.apply(SpringNexusPublishPlugin)
|
||||
pluginManager.apply(ArtifactoryPlugin)
|
||||
pluginManager.apply("org.sonarqube")
|
||||
|
||||
project.repositories.mavenCentral()
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
org.gradle.jvmargs=-Xmx2g -XX:MaxMetaspaceSize=512m -XX:+HeapDumpOnOutOfMemoryError -Dfile.encoding=UTF-8
|
||||
org.gradle.parallel=true
|
||||
version=3.0.0-RC1
|
||||
version=3.0.0
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
dependencyManagement {
|
||||
imports {
|
||||
mavenBom 'io.projectreactor:reactor-bom:2022.0.0-RC1'
|
||||
mavenBom 'io.projectreactor:reactor-bom:2022.0.0'
|
||||
mavenBom 'com.fasterxml.jackson:jackson-bom:2.13.4.20221013'
|
||||
mavenBom 'org.junit:junit-bom:5.9.1'
|
||||
mavenBom 'org.mockito:mockito-bom:4.8.1'
|
||||
mavenBom 'org.springframework:spring-framework-bom:6.0.0-RC1'
|
||||
mavenBom 'org.springframework.data:spring-data-bom:2022.0.0-RC1'
|
||||
mavenBom 'org.springframework.security:spring-security-bom:6.0.0-RC1'
|
||||
mavenBom 'org.springframework:spring-framework-bom:6.0.0'
|
||||
mavenBom 'org.springframework.data:spring-data-bom:2022.0.0'
|
||||
mavenBom 'org.springframework.security:spring-security-bom:6.0.0'
|
||||
mavenBom 'org.testcontainers:testcontainers-bom:1.17.3'
|
||||
}
|
||||
|
||||
@@ -22,7 +22,9 @@ dependencyManagement {
|
||||
dependency 'com.zaxxer:HikariCP:5.0.1'
|
||||
dependency 'edu.umd.cs.mtc:multithreadedtc:1.01'
|
||||
dependency 'io.lettuce:lettuce-core:6.2.1.RELEASE'
|
||||
dependency 'jakarta.servlet:jakarta.servlet-api:5.0.0'
|
||||
dependency 'jakarta.servlet:jakarta.servlet-api:6.0.0'
|
||||
dependency 'jakarta.websocket:jakarta.websocket-api:2.1.0'
|
||||
dependency 'jakarta.websocket:jakarta.websocket-client-api:2.1.0'
|
||||
dependency 'mysql:mysql-connector-java:8.0.30'
|
||||
dependencySet(group: 'org.apache.derby', version: '10.16.1.1') {
|
||||
entry 'derby'
|
||||
|
||||
@@ -12,6 +12,7 @@ plugins {
|
||||
|
||||
rootProject.name = 'spring-session-build'
|
||||
|
||||
include 'spring-session-bom'
|
||||
include 'spring-session-core'
|
||||
include 'spring-session-data-mongodb'
|
||||
include 'spring-session-data-redis'
|
||||
|
||||
15
spring-session-bom/spring-session-bom.gradle
Normal file
15
spring-session-bom/spring-session-bom.gradle
Normal file
@@ -0,0 +1,15 @@
|
||||
import io.spring.gradle.convention.SpringModulePlugin
|
||||
|
||||
plugins {
|
||||
id("io.spring.convention.bom")
|
||||
}
|
||||
|
||||
dependencies {
|
||||
constraints {
|
||||
project.rootProject.allprojects { project ->
|
||||
project.plugins.withType(SpringModulePlugin) {
|
||||
api(project)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -98,6 +98,7 @@ public class HeaderHttpSessionIdResolver implements HttpSessionIdResolver {
|
||||
@Override
|
||||
public List<String> resolveSessionIds(HttpServletRequest request) {
|
||||
String headerValue = request.getHeader(this.headerName);
|
||||
System.out.println(headerValue);
|
||||
return (headerValue != null) ? Collections.singletonList(headerValue) : Collections.emptyList();
|
||||
}
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2014-2019 the original author or authors.
|
||||
* Copyright 2014-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -19,14 +19,11 @@ package org.springframework.session.web.http;
|
||||
import java.time.Duration;
|
||||
import java.util.Collections;
|
||||
import java.util.Enumeration;
|
||||
import java.util.NoSuchElementException;
|
||||
import java.util.Set;
|
||||
|
||||
import jakarta.servlet.ServletContext;
|
||||
import jakarta.servlet.http.HttpSession;
|
||||
import jakarta.servlet.http.HttpSessionBindingEvent;
|
||||
import jakarta.servlet.http.HttpSessionBindingListener;
|
||||
import jakarta.servlet.http.HttpSessionContext;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
@@ -41,12 +38,11 @@ import org.springframework.session.Session;
|
||||
* @author Vedran Pavic
|
||||
* @since 1.1
|
||||
*/
|
||||
@SuppressWarnings("deprecation")
|
||||
class HttpSessionAdapter<S extends Session> implements HttpSession {
|
||||
|
||||
private static final Log logger = LogFactory.getLog(HttpSessionAdapter.class);
|
||||
|
||||
private S session;
|
||||
private final S session;
|
||||
|
||||
private final ServletContext servletContext;
|
||||
|
||||
@@ -101,35 +97,18 @@ class HttpSessionAdapter<S extends Session> implements HttpSession {
|
||||
return (int) this.session.getMaxInactiveInterval().getSeconds();
|
||||
}
|
||||
|
||||
@Override
|
||||
public HttpSessionContext getSessionContext() {
|
||||
return NOOP_SESSION_CONTEXT;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Object getAttribute(String name) {
|
||||
checkState();
|
||||
return this.session.getAttribute(name);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Object getValue(String name) {
|
||||
return getAttribute(name);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Enumeration<String> getAttributeNames() {
|
||||
checkState();
|
||||
return Collections.enumeration(this.session.getAttributeNames());
|
||||
}
|
||||
|
||||
@Override
|
||||
public String[] getValueNames() {
|
||||
checkState();
|
||||
Set<String> attrs = this.session.getAttributeNames();
|
||||
return attrs.toArray(new String[0]);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setAttribute(String name, Object value) {
|
||||
checkState();
|
||||
@@ -156,11 +135,6 @@ class HttpSessionAdapter<S extends Session> implements HttpSession {
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void putValue(String name, Object value) {
|
||||
setAttribute(name, value);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void removeAttribute(String name) {
|
||||
checkState();
|
||||
@@ -176,11 +150,6 @@ class HttpSessionAdapter<S extends Session> implements HttpSession {
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void removeValue(String name) {
|
||||
removeAttribute(name);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void invalidate() {
|
||||
checkState();
|
||||
@@ -203,32 +172,4 @@ class HttpSessionAdapter<S extends Session> implements HttpSession {
|
||||
}
|
||||
}
|
||||
|
||||
private static final HttpSessionContext NOOP_SESSION_CONTEXT = new HttpSessionContext() {
|
||||
|
||||
@Override
|
||||
public HttpSession getSession(String sessionId) {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Enumeration<String> getIds() {
|
||||
return EMPTY_ENUMERATION;
|
||||
}
|
||||
|
||||
};
|
||||
|
||||
private static final Enumeration<String> EMPTY_ENUMERATION = new Enumeration<String>() {
|
||||
|
||||
@Override
|
||||
public boolean hasMoreElements() {
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String nextElement() {
|
||||
throw new NoSuchElementException("a");
|
||||
}
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
@@ -24,7 +24,6 @@ import java.util.Base64;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.NoSuchElementException;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import java.util.concurrent.atomic.AtomicBoolean;
|
||||
@@ -40,7 +39,6 @@ import jakarta.servlet.http.HttpServletResponse;
|
||||
import jakarta.servlet.http.HttpSession;
|
||||
import jakarta.servlet.http.HttpSessionBindingEvent;
|
||||
import jakarta.servlet.http.HttpSessionBindingListener;
|
||||
import jakarta.servlet.http.HttpSessionContext;
|
||||
|
||||
import org.assertj.core.data.Offset;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
@@ -80,7 +78,6 @@ import static org.mockito.Mockito.verifyNoMoreInteractions;
|
||||
* Tests for {@link SessionRepositoryFilter}.
|
||||
*/
|
||||
@ExtendWith(MockitoExtension.class)
|
||||
@SuppressWarnings("deprecation")
|
||||
class SessionRepositoryFilterTests {
|
||||
|
||||
@Mock
|
||||
@@ -316,52 +313,6 @@ class SessionRepositoryFilterTests {
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
void doFilterValue() throws Exception {
|
||||
final String ATTR = "ATTR";
|
||||
final String VALUE = "VALUE";
|
||||
doFilter(new DoInFilter() {
|
||||
@Override
|
||||
public void doFilter(HttpServletRequest wrappedRequest) {
|
||||
wrappedRequest.getSession().putValue(ATTR, VALUE);
|
||||
assertThat(wrappedRequest.getSession().getValue(ATTR)).isEqualTo(VALUE);
|
||||
assertThat(Arrays.asList(wrappedRequest.getSession().getValueNames())).containsOnly(ATTR);
|
||||
}
|
||||
});
|
||||
|
||||
nextRequest();
|
||||
|
||||
doFilter(new DoInFilter() {
|
||||
@Override
|
||||
public void doFilter(HttpServletRequest wrappedRequest) {
|
||||
assertThat(wrappedRequest.getSession().getValue(ATTR)).isEqualTo(VALUE);
|
||||
assertThat(Arrays.asList(wrappedRequest.getSession().getValueNames())).containsOnly(ATTR);
|
||||
}
|
||||
});
|
||||
|
||||
nextRequest();
|
||||
|
||||
doFilter(new DoInFilter() {
|
||||
@Override
|
||||
public void doFilter(HttpServletRequest wrappedRequest) {
|
||||
assertThat(wrappedRequest.getSession().getValue(ATTR)).isEqualTo(VALUE);
|
||||
|
||||
wrappedRequest.getSession().removeValue(ATTR);
|
||||
|
||||
assertThat(wrappedRequest.getSession().getValue(ATTR)).isNull();
|
||||
}
|
||||
});
|
||||
|
||||
nextRequest();
|
||||
|
||||
doFilter(new DoInFilter() {
|
||||
@Override
|
||||
public void doFilter(HttpServletRequest wrappedRequest) {
|
||||
assertThat(wrappedRequest.getSession().getValue(ATTR)).isNull();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
void doFilterIsNewTrue() throws Exception {
|
||||
doFilter(new DoInFilter() {
|
||||
@@ -637,27 +588,6 @@ class SessionRepositoryFilterTests {
|
||||
assertThat(session.getSecure()).describedAs("Session Cookie should be marked as Secure").isTrue();
|
||||
}
|
||||
|
||||
@Test
|
||||
void doFilterSessionContext() throws Exception {
|
||||
doFilter(new DoInFilter() {
|
||||
@Override
|
||||
public void doFilter(HttpServletRequest wrappedRequest) {
|
||||
HttpSessionContext sessionContext = wrappedRequest.getSession().getSessionContext();
|
||||
assertThat(sessionContext).isNotNull();
|
||||
assertThat(sessionContext.getSession("a")).isNull();
|
||||
assertThat(sessionContext.getIds()).isNotNull();
|
||||
assertThat(sessionContext.getIds().hasMoreElements()).isFalse();
|
||||
|
||||
try {
|
||||
sessionContext.getIds().nextElement();
|
||||
fail("Expected Exception");
|
||||
}
|
||||
catch (NoSuchElementException ignored) {
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
// --- saving
|
||||
|
||||
@Test
|
||||
@@ -741,23 +671,6 @@ class SessionRepositoryFilterTests {
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
void doFilterInvalidateValueIllegalState() throws Exception {
|
||||
doFilter(new DoInFilter() {
|
||||
@Override
|
||||
public void doFilter(HttpServletRequest wrappedRequest) {
|
||||
HttpSession session = wrappedRequest.getSession();
|
||||
session.invalidate();
|
||||
try {
|
||||
session.getValue("attr");
|
||||
fail("Expected Exception");
|
||||
}
|
||||
catch (IllegalStateException ignored) {
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
void doFilterInvalidateAttributeNamesIllegalState() throws Exception {
|
||||
doFilter(new DoInFilter() {
|
||||
@@ -775,23 +688,6 @@ class SessionRepositoryFilterTests {
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
void doFilterInvalidateValueNamesIllegalState() throws Exception {
|
||||
doFilter(new DoInFilter() {
|
||||
@Override
|
||||
public void doFilter(HttpServletRequest wrappedRequest) {
|
||||
HttpSession session = wrappedRequest.getSession();
|
||||
session.invalidate();
|
||||
try {
|
||||
session.getValueNames();
|
||||
fail("Expected Exception");
|
||||
}
|
||||
catch (IllegalStateException ignored) {
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
void doFilterInvalidateSetAttributeIllegalState() throws Exception {
|
||||
doFilter(new DoInFilter() {
|
||||
@@ -809,23 +705,6 @@ class SessionRepositoryFilterTests {
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
void doFilterInvalidatePutValueIllegalState() throws Exception {
|
||||
doFilter(new DoInFilter() {
|
||||
@Override
|
||||
public void doFilter(HttpServletRequest wrappedRequest) {
|
||||
HttpSession session = wrappedRequest.getSession();
|
||||
session.invalidate();
|
||||
try {
|
||||
session.putValue("a", "b");
|
||||
fail("Expected Exception");
|
||||
}
|
||||
catch (IllegalStateException ignored) {
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
void doFilterInvalidateRemoveAttributeIllegalState() throws Exception {
|
||||
doFilter(new DoInFilter() {
|
||||
@@ -843,23 +722,6 @@ class SessionRepositoryFilterTests {
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
void doFilterInvalidateRemoveValueIllegalState() throws Exception {
|
||||
doFilter(new DoInFilter() {
|
||||
@Override
|
||||
public void doFilter(HttpServletRequest wrappedRequest) {
|
||||
HttpSession session = wrappedRequest.getSession();
|
||||
session.invalidate();
|
||||
try {
|
||||
session.removeValue("name");
|
||||
fail("Expected Exception");
|
||||
}
|
||||
catch (IllegalStateException ignored) {
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
void doFilterInvalidateNewIllegalState() throws Exception {
|
||||
doFilter(new DoInFilter() {
|
||||
@@ -921,20 +783,6 @@ class SessionRepositoryFilterTests {
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
void doFilterInvalidateSessionContext() throws Exception {
|
||||
doFilter(new DoInFilter() {
|
||||
@Override
|
||||
public void doFilter(HttpServletRequest wrappedRequest) {
|
||||
HttpSession session = wrappedRequest.getSession();
|
||||
session.invalidate();
|
||||
|
||||
// no exception
|
||||
session.getSessionContext();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
void doFilterInvalidateMaxInteractiveInterval() throws Exception {
|
||||
doFilter(new DoInFilter() {
|
||||
@@ -1339,8 +1187,9 @@ class SessionRepositoryFilterTests {
|
||||
|
||||
@Test
|
||||
void order() {
|
||||
assertThat(AnnotationAwareOrderComparator.INSTANCE.compare(this.filter,
|
||||
new SessionRepositoryFilterDefaultOrder()));
|
||||
assertThat(
|
||||
AnnotationAwareOrderComparator.INSTANCE.compare(this.filter, new SessionRepositoryFilterDefaultOrder()))
|
||||
.isZero();
|
||||
}
|
||||
|
||||
// We want the filter to work without any dependencies on Spring
|
||||
@@ -1552,7 +1401,7 @@ class SessionRepositoryFilterTests {
|
||||
|
||||
}
|
||||
|
||||
private abstract class DoInFilter {
|
||||
private abstract static class DoInFilter {
|
||||
|
||||
void doFilter(HttpServletRequest wrappedRequest, HttpServletResponse wrappedResponse)
|
||||
throws ServletException, IOException {
|
||||
|
||||
@@ -18,6 +18,8 @@ dependencies {
|
||||
optional "org.mongodb:mongodb-driver-core"
|
||||
testImplementation "org.mongodb:mongodb-driver-sync"
|
||||
testImplementation "org.mongodb:mongodb-driver-reactivestreams"
|
||||
testImplementation 'jakarta.websocket:jakarta.websocket-api'
|
||||
testImplementation 'jakarta.websocket:jakarta.websocket-client-api'
|
||||
integrationTestCompile "org.testcontainers:mongodb"
|
||||
|
||||
// Everything else
|
||||
|
||||
@@ -1,4 +1,2 @@
|
||||
name: ROOT
|
||||
version: '3.0.0-RC1'
|
||||
prerelease: 'true'
|
||||
display_version: '3.0.0-RC1'
|
||||
version: '3.0.0'
|
||||
|
||||
@@ -51,7 +51,7 @@ public class RememberMeSecurityConfiguration {
|
||||
|
||||
return http
|
||||
.formLogin(Customizer.withDefaults())
|
||||
.authorizeRequests((authorize) -> authorize
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.anyRequest().authenticated()
|
||||
).build();
|
||||
}
|
||||
|
||||
@@ -15,7 +15,6 @@
|
||||
*** xref:guides/boot-webflux-custom-cookie.adoc[Custom Cookie]
|
||||
** Java Configuration
|
||||
** XML Configuration
|
||||
* xref:modules.adoc[Modules]
|
||||
* xref:http-session.adoc[HttpSession Integration]
|
||||
* xref:web-socket.adoc[WebSocket Integration]
|
||||
* xref:web-session.adoc[WebSession Integration]
|
||||
|
||||
@@ -1,22 +0,0 @@
|
||||
[[modules]]
|
||||
= Spring Session Modules
|
||||
|
||||
In Spring Session 1.x, all of the Spring Session's `SessionRepository` implementations were available within the `spring-session` artifact.
|
||||
While convenient, this approach was not sustainable long-term as more features and `SessionRepository` implementations were added to the project.
|
||||
|
||||
With Spring Session 2.0, several modules were split off to be separate modules as well as managed repositories.
|
||||
Spring Session for MongoDB was retired, but was later reactivated as a separate module.
|
||||
As of Spring Session 2.6, Spring Session for MongoDB was merged back into Spring Session.
|
||||
|
||||
Now the situation with the various repositories and modules is as follows:
|
||||
|
||||
* https://github.com/spring-projects/spring-session[`spring-session` repository]
|
||||
** Hosts the Spring Session Core, Spring Session for MongoDB, Spring Session for Redis, Spring Session JDBC, and Spring Session Hazelcast modules.
|
||||
|
||||
* https://github.com/spring-projects/spring-session-data-geode[`spring-session-data-geode` repository]
|
||||
** Hosts the Spring Session Data Geode modules. Spring Session Data Geode has its own user guide, which you can find at the [https://spring.io/projects/spring-session-data-geode#learn site].
|
||||
|
||||
Finally, Spring Session also provides a Maven BOM ("`bill of materials`") module in order to help users with version management concerns:
|
||||
|
||||
* https://github.com/spring-projects/spring-session-bom[`spring-session-bom` repository]
|
||||
** Hosts the Spring Session BOM module
|
||||
@@ -1,4 +1 @@
|
||||
= What's New
|
||||
|
||||
Check also the Spring Session BOM https://github.com/spring-projects/spring-session-bom/wiki#release-notes[release notes]
|
||||
for a list of new and noteworthy features, as well as upgrade instructions for each release.
|
||||
|
||||
@@ -36,7 +36,7 @@ public class SecurityConfig {
|
||||
@Bean
|
||||
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
return http
|
||||
.authorizeRequests((authorize) -> authorize
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
|
||||
@@ -35,7 +35,7 @@ public class SecurityConfig {
|
||||
@Bean
|
||||
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
return http
|
||||
.authorizeRequests((authorize) -> authorize
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
|
||||
@@ -45,7 +45,7 @@ public class SecurityConfig {
|
||||
@Bean
|
||||
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
return http
|
||||
.authorizeRequests((authorize) -> authorize
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
|
||||
@@ -35,7 +35,7 @@ public class SecurityConfig {
|
||||
@Bean
|
||||
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
return http
|
||||
.authorizeRequests((authorize) -> authorize
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
|
||||
@@ -36,7 +36,7 @@ public class SecurityConfig {
|
||||
@Bean
|
||||
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
return http
|
||||
.authorizeRequests((authorize) -> authorize
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
|
||||
@@ -54,7 +54,7 @@ public class WebSecurityConfig {
|
||||
@Bean
|
||||
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
return http
|
||||
.authorizeRequests((authorize) -> authorize
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
|
||||
@@ -1,31 +0,0 @@
|
||||
plugins {
|
||||
id "org.gretty" version "4.0.0"
|
||||
id "io.spring.convention.spring-sample-war"
|
||||
}
|
||||
|
||||
dependencies {
|
||||
implementation project(':spring-session-data-redis')
|
||||
implementation "io.lettuce:lettuce-core"
|
||||
implementation "org.springframework:spring-webmvc"
|
||||
implementation "org.springframework.security:spring-security-config"
|
||||
implementation "org.springframework.security:spring-security-web"
|
||||
implementation "com.fasterxml.jackson.core:jackson-databind"
|
||||
implementation "org.slf4j:slf4j-api"
|
||||
implementation "org.slf4j:jcl-over-slf4j"
|
||||
implementation "org.slf4j:log4j-over-slf4j"
|
||||
implementation "ch.qos.logback:logback-classic"
|
||||
implementation "org.testcontainers:testcontainers"
|
||||
|
||||
providedCompile "jakarta.servlet:jakarta.servlet-api"
|
||||
|
||||
testImplementation "org.springframework.security:spring-security-test"
|
||||
testImplementation "org.assertj:assertj-core"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
testImplementation "org.junit.jupiter:junit-jupiter-api"
|
||||
testRuntimeOnly "org.junit.jupiter:junit-jupiter-engine"
|
||||
}
|
||||
|
||||
gretty {
|
||||
jvmArgs = ['-Dspring.profiles.active=embedded-redis']
|
||||
servletContainer = 'tomcat10'
|
||||
}
|
||||
@@ -1,112 +0,0 @@
|
||||
/*
|
||||
* Copyright 2014-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package rest;
|
||||
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.api.extension.ExtendWith;
|
||||
import org.testcontainers.containers.GenericContainer;
|
||||
import sample.SecurityConfig;
|
||||
import sample.mvc.MvcConfig;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
|
||||
import org.springframework.security.test.context.support.WithMockUser;
|
||||
import org.springframework.session.Session;
|
||||
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
|
||||
import org.springframework.session.web.http.HeaderHttpSessionIdResolver;
|
||||
import org.springframework.session.web.http.HttpSessionIdResolver;
|
||||
import org.springframework.session.web.http.SessionRepositoryFilter;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit.jupiter.SpringExtension;
|
||||
import org.springframework.test.context.web.WebAppConfiguration;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
|
||||
import org.springframework.web.context.WebApplicationContext;
|
||||
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user;
|
||||
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
@ExtendWith(SpringExtension.class)
|
||||
@ContextConfiguration(classes = { RestMockMvcTests.Config.class, SecurityConfig.class, MvcConfig.class })
|
||||
@WebAppConfiguration
|
||||
class RestMockMvcTests {
|
||||
|
||||
private static final String DOCKER_IMAGE = "redis:7.0.4-alpine";
|
||||
|
||||
@Autowired
|
||||
private SessionRepositoryFilter<? extends Session> sessionRepositoryFilter;
|
||||
|
||||
@Autowired
|
||||
private WebApplicationContext context;
|
||||
|
||||
private MockMvc mvc;
|
||||
|
||||
@BeforeEach
|
||||
void setup() {
|
||||
this.mvc = MockMvcBuilders.webAppContextSetup(this.context).alwaysDo(print())
|
||||
.addFilters(this.sessionRepositoryFilter).apply(springSecurity()).build();
|
||||
}
|
||||
|
||||
@Test
|
||||
void noSessionOnNoCredentials() throws Exception {
|
||||
this.mvc.perform(get("/")).andExpect(header().doesNotExist("X-Auth-Token"))
|
||||
.andExpect(status().isUnauthorized());
|
||||
}
|
||||
|
||||
@WithMockUser
|
||||
@Test
|
||||
void autheticatedAnnotation() throws Exception {
|
||||
this.mvc.perform(get("/")).andExpect(content().string("{\"username\":\"user\"}"));
|
||||
}
|
||||
|
||||
@Test
|
||||
void autheticatedRequestPostProcessor() throws Exception {
|
||||
this.mvc.perform(get("/").with(user("user"))).andExpect(content().string("{\"username\":\"user\"}"));
|
||||
}
|
||||
|
||||
@Configuration
|
||||
@EnableRedisHttpSession
|
||||
static class Config {
|
||||
|
||||
@Bean
|
||||
GenericContainer redisContainer() {
|
||||
GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE).withExposedPorts(6379);
|
||||
redisContainer.start();
|
||||
return redisContainer;
|
||||
}
|
||||
|
||||
@Bean
|
||||
LettuceConnectionFactory redisConnectionFactory() {
|
||||
return new LettuceConnectionFactory(redisContainer().getHost(), redisContainer().getFirstMappedPort());
|
||||
}
|
||||
|
||||
@Bean
|
||||
HttpSessionIdResolver httpSessionIdResolver() {
|
||||
return HeaderHttpSessionIdResolver.xAuthToken();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,125 +0,0 @@
|
||||
/*
|
||||
* Copyright 2014-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package sample;
|
||||
|
||||
import java.util.Base64;
|
||||
import java.util.Collections;
|
||||
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import org.springframework.http.HttpEntity;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.client.HttpClientErrorException;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
|
||||
/**
|
||||
* @author Pool Dolorier
|
||||
*/
|
||||
class RestTests {
|
||||
|
||||
private static final String AUTHORIZATION = "Authorization";
|
||||
|
||||
private static final String BASIC = "Basic ";
|
||||
|
||||
private static final String X_AUTH_TOKEN = "X-Auth-Token";
|
||||
|
||||
private RestTemplate restTemplate;
|
||||
|
||||
private String baseUrl;
|
||||
|
||||
@BeforeEach
|
||||
void setUp() {
|
||||
this.baseUrl = "http://localhost:" + System.getProperty("app.port");
|
||||
this.restTemplate = new RestTemplate();
|
||||
}
|
||||
|
||||
@Test
|
||||
void unauthenticatedUserSentToLogInPage() {
|
||||
HttpHeaders headers = new HttpHeaders();
|
||||
headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
|
||||
assertThatExceptionOfType(HttpClientErrorException.class)
|
||||
.isThrownBy(() -> getForUser(this.baseUrl + "/", headers, String.class))
|
||||
.satisfies((e) -> assertThat(e.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED));
|
||||
}
|
||||
|
||||
@Test
|
||||
void authenticateWithBasicWorks() {
|
||||
String auth = getAuth("user", "password");
|
||||
HttpHeaders headers = getHttpHeaders();
|
||||
headers.set(AUTHORIZATION, BASIC + auth);
|
||||
ResponseEntity<User> entity = getForUser(this.baseUrl + "/", headers, User.class);
|
||||
assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.OK);
|
||||
assertThat(entity.getHeaders().containsKey(X_AUTH_TOKEN)).isTrue();
|
||||
assertThat(entity.getBody().getUsername()).isEqualTo("user");
|
||||
}
|
||||
|
||||
@Test
|
||||
void authenticateWithXAuthTokenWorks() {
|
||||
String auth = getAuth("user", "password");
|
||||
HttpHeaders headers = getHttpHeaders();
|
||||
headers.set(AUTHORIZATION, BASIC + auth);
|
||||
ResponseEntity<User> entity = getForUser(this.baseUrl + "/", headers, User.class);
|
||||
|
||||
String token = entity.getHeaders().getFirst(X_AUTH_TOKEN);
|
||||
|
||||
HttpHeaders authTokenHeader = new HttpHeaders();
|
||||
authTokenHeader.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
|
||||
authTokenHeader.set(X_AUTH_TOKEN, token);
|
||||
ResponseEntity<User> authTokenResponse = getForUser(this.baseUrl + "/", authTokenHeader, User.class);
|
||||
assertThat(authTokenResponse.getStatusCode()).isEqualTo(HttpStatus.OK);
|
||||
assertThat(authTokenResponse.getBody().getUsername()).isEqualTo("user");
|
||||
}
|
||||
|
||||
@Test
|
||||
void logout() {
|
||||
String auth = getAuth("user", "password");
|
||||
HttpHeaders headers = getHttpHeaders();
|
||||
headers.set(AUTHORIZATION, BASIC + auth);
|
||||
ResponseEntity<User> entity = getForUser(this.baseUrl + "/", headers, User.class);
|
||||
|
||||
String token = entity.getHeaders().getFirst(X_AUTH_TOKEN);
|
||||
|
||||
HttpHeaders logoutHeader = getHttpHeaders();
|
||||
logoutHeader.set(X_AUTH_TOKEN, token);
|
||||
ResponseEntity<User> logoutResponse = getForUser(this.baseUrl + "/logout", logoutHeader, User.class);
|
||||
assertThat(logoutResponse.getStatusCode()).isEqualTo(HttpStatus.NO_CONTENT);
|
||||
}
|
||||
|
||||
private <T> ResponseEntity<T> getForUser(String resourceUrl, HttpHeaders headers, Class<T> type) {
|
||||
return this.restTemplate.exchange(resourceUrl, HttpMethod.GET, new HttpEntity<T>(headers), type);
|
||||
}
|
||||
|
||||
private HttpHeaders getHttpHeaders() {
|
||||
HttpHeaders headers = new HttpHeaders();
|
||||
headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
|
||||
return headers;
|
||||
}
|
||||
|
||||
private String getAuth(String user, String password) {
|
||||
String auth = user + ":" + password;
|
||||
return Base64.getEncoder().encodeToString(auth.getBytes());
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,34 +0,0 @@
|
||||
/*
|
||||
* Copyright 2014-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package sample;
|
||||
|
||||
/**
|
||||
* @author Pool Dolorier
|
||||
*/
|
||||
public class User {
|
||||
|
||||
private String username;
|
||||
|
||||
public String getUsername() {
|
||||
return this.username;
|
||||
}
|
||||
|
||||
public void setUsername(String username) {
|
||||
this.username = username;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,46 +0,0 @@
|
||||
/*
|
||||
* Copyright 2014-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package sample;
|
||||
|
||||
import org.testcontainers.containers.GenericContainer;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Primary;
|
||||
import org.springframework.context.annotation.Profile;
|
||||
import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
|
||||
|
||||
@Configuration
|
||||
@Profile("embedded-redis")
|
||||
public class EmbeddedRedisConfig {
|
||||
|
||||
private static final String DOCKER_IMAGE = "redis:7.0.4-alpine";
|
||||
|
||||
@Bean
|
||||
public GenericContainer redisContainer() {
|
||||
GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE).withExposedPorts(6379);
|
||||
redisContainer.start();
|
||||
return redisContainer;
|
||||
}
|
||||
|
||||
@Bean
|
||||
@Primary
|
||||
public LettuceConnectionFactory redisConnectionFactory() {
|
||||
return new LettuceConnectionFactory(redisContainer().getHost(), redisContainer().getFirstMappedPort());
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,44 +0,0 @@
|
||||
/*
|
||||
* Copyright 2014-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package sample;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
|
||||
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
|
||||
import org.springframework.session.web.http.HeaderHttpSessionIdResolver;
|
||||
import org.springframework.session.web.http.HttpSessionIdResolver;
|
||||
|
||||
@Import(EmbeddedRedisConfig.class)
|
||||
// tag::class[]
|
||||
@Configuration
|
||||
@EnableRedisHttpSession // <1>
|
||||
public class HttpSessionConfig {
|
||||
|
||||
@Bean
|
||||
public LettuceConnectionFactory connectionFactory() {
|
||||
return new LettuceConnectionFactory(); // <2>
|
||||
}
|
||||
|
||||
@Bean
|
||||
public HttpSessionIdResolver httpSessionIdResolver() {
|
||||
return HeaderHttpSessionIdResolver.xAuthToken(); // <3>
|
||||
}
|
||||
|
||||
}
|
||||
// end::class[]
|
||||
@@ -1,25 +0,0 @@
|
||||
/*
|
||||
* Copyright 2014-2016 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package sample;
|
||||
|
||||
import org.springframework.session.web.context.AbstractHttpSessionApplicationInitializer;
|
||||
|
||||
// tag::class[]
|
||||
public class Initializer extends AbstractHttpSessionApplicationInitializer {
|
||||
|
||||
}
|
||||
// end::class[]
|
||||
@@ -1,55 +0,0 @@
|
||||
/*
|
||||
* Copyright 2014-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package sample;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.Customizer;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.savedrequest.NullRequestCache;
|
||||
|
||||
@Configuration(proxyBeanMethods = false)
|
||||
@EnableWebSecurity
|
||||
public class SecurityConfig {
|
||||
|
||||
// @formatter:off
|
||||
@Bean
|
||||
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
return http
|
||||
.authorizeRequests((authorize) -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.requestCache((requestCache) -> requestCache
|
||||
.requestCache(new NullRequestCache())
|
||||
)
|
||||
.httpBasic(Customizer.withDefaults())
|
||||
.build();
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
@Autowired
|
||||
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth.inMemoryAuthentication()
|
||||
.withUser(User.withUsername("user").password("{noop}password").roles("USER").build());
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,26 +0,0 @@
|
||||
/*
|
||||
* Copyright 2014-2016 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package sample;
|
||||
|
||||
import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
*/
|
||||
public class SecurityInitializer extends AbstractSecurityWebApplicationInitializer {
|
||||
|
||||
}
|
||||
@@ -1,31 +0,0 @@
|
||||
/*
|
||||
* Copyright 2014-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package sample.mvc;
|
||||
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
*/
|
||||
@Configuration
|
||||
@EnableWebMvc
|
||||
@ComponentScan
|
||||
public class MvcConfig {
|
||||
|
||||
}
|
||||
@@ -1,46 +0,0 @@
|
||||
/*
|
||||
* Copyright 2014-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package sample.mvc;
|
||||
|
||||
import sample.HttpSessionConfig;
|
||||
import sample.SecurityConfig;
|
||||
|
||||
import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
*/
|
||||
public class MvcInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
|
||||
|
||||
// tag::config[]
|
||||
@Override
|
||||
protected Class<?>[] getRootConfigClasses() {
|
||||
return new Class[] { SecurityConfig.class, HttpSessionConfig.class };
|
||||
}
|
||||
// end::config[]
|
||||
|
||||
@Override
|
||||
protected Class<?>[] getServletConfigClasses() {
|
||||
return new Class[] { MvcConfig.class };
|
||||
}
|
||||
|
||||
@Override
|
||||
protected String[] getServletMappings() {
|
||||
return new String[] { "/" };
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,49 +0,0 @@
|
||||
/*
|
||||
* Copyright 2014-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package sample.mvc;
|
||||
|
||||
import java.security.Principal;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import jakarta.servlet.http.HttpSession;
|
||||
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.ResponseStatus;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
*/
|
||||
@RestController
|
||||
public class RestDemoController {
|
||||
|
||||
@RequestMapping(value = "/", produces = "application/json")
|
||||
public Map<String, String> helloUser(Principal principal) {
|
||||
HashMap<String, String> result = new HashMap<>();
|
||||
result.put("username", principal.getName());
|
||||
return result;
|
||||
}
|
||||
|
||||
@RequestMapping("/logout")
|
||||
@ResponseStatus(HttpStatus.NO_CONTENT)
|
||||
public void logout(HttpSession session) {
|
||||
session.invalidate();
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,14 +0,0 @@
|
||||
<configuration>
|
||||
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
|
||||
<encoder>
|
||||
<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
|
||||
</encoder>
|
||||
</appender>
|
||||
|
||||
<!-- <logger name="org.springframework.security" level="DEBUG"/> -->
|
||||
|
||||
<root level="INFO">
|
||||
<appender-ref ref="STDOUT" />
|
||||
</root>
|
||||
|
||||
</configuration>
|
||||
@@ -1 +0,0 @@
|
||||
ryuk.container.timeout=120
|
||||
Reference in New Issue
Block a user