Skip to content

hencjo/summer-security

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
2 branches 3 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
src
 
 
.gitignore
 
 
LICENSE
 
 
README.md
 
 
pom.xml
 
 
release.sh
 
 
Summer Security Features Example

README.md

Summer Security

Summer Security is a library/DSL for Java Web Applications that need a simpler authentication mechanism.

Features

  • HTTP Basic Authentication (with or without WWW-Authenticate).
  • Form Login, compatible with Spring Security.
  • No dependencies.
  • Configuration in code. (No XML-configuration.)
  • No ThreadLocal. The logged in user is a function of the HttpRequest.
  • Only authentication. Not authorization.
  • Extendable through RequestMatchers and Responders.

Example

import java.io.IOException;
import javax.servlet.*;
import com.hencjo.summer.security.*;
import com.hencjo.summer.security.api.*;
import static com.hencjo.summer.security.api.Summer.*;

public class AuthenticationFilter extends AbstractFilter {
    private final SummerLogger logger = Loggers.noop();
    private final Authenticator authenticator = Authenticators.allowEveryoneAuthenticator();
	private final ServerSideSession session = new ServerSideSession("username");
	private final HttpBasicAuthenticator httpBasicAuthenticator = new HttpBasicAuthenticator(authenticator, "Realm");
	private final FormBasedLogin formBasedLogin = new FormBasedLogin(logger, authenticator, session.sessionWriter(), 
			"/j_spring_security_check", "/j_spring_security_logout", 
			"j_username", "j_password", 
			redirect("/login.html#?logout=true"), redirect("/login.html#?failure=true"), redirect("/index.html"));

	
	private final SummerFilterDelegate filterDelegate = summer(logger, 
			when(pathBeginsWith("/img/")).thenAllow(),
			when(pathBeginsWith("/lib/")).thenAllow(),
			when(pathEquals("/login.html")).thenAllow(),
			when(pathEquals("/login.js")).thenAllow(),
			when(formBasedLogin.logoutRequest()).then(formBasedLogin.performLogoutRequest()),
			when(formBasedLogin.loginRequest()).then(formBasedLogin.performLoginRequest()),
			when(session.exists()).thenAllow(),
			when(httpBasicAuthenticator.authorizes()).thenAllow(),
			when(header("X-Requested-With").equals("XMLHttpRequest")).then(status(403)),
			otherwise().then(redirect("/login.html"))
		);
	
	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
		filterDelegate.doFilter(request, response, filterChain);
	}
}

Include it in your pom like this:

<dependency>
    <groupId>com.hencjo.summer</groupId>
    <artifactId>summer-security</artifactId>
    <version>1.1.1</version>
</dependency>

Summer Security is free software/open source, and is distributed under the Apache License 2.0.

Summer Security is created and maintained by Henrik Johansson (Twitter: @hencjo)

About

No description, website, or topics provided.

Resources

Readme

License

View license

Stars

2 stars

Watchers

1 watching

Forks

1 fork

Releases

3 tags

Packages

No packages published

Languages