
Re-organized the project due to security introduction

commit af9f59de604ca97b6c674b8bcea399a5ba40800b 1 parent b826eea
@kolorobot authored
Showing with 195 additions and 162 deletions.
  1. +3 −3 src/main/resources/archetype-resources/src/main/java/config/RootConfig.java
  2. +1 −2  src/main/resources/archetype-resources/src/main/java/config/WebMvcConfig.java
  3. +0 −52 src/main/resources/archetype-resources/src/main/java/domain/LogEntry.java
  4. +0 −24 src/main/resources/archetype-resources/src/main/java/domain/LogEntryRepository.java
  5. +70 −0 src/main/resources/archetype-resources/src/main/java/domain/User.java
  6. +31 −0 src/main/resources/archetype-resources/src/main/java/domain/UserRepository.java
  7. +34 −0 src/main/resources/archetype-resources/src/main/java/domain/UserService.java
  8. +15 −26 src/main/resources/archetype-resources/src/main/java/web/{HomeController.java → IndexController.java}
  9. +18 −0 src/main/resources/archetype-resources/src/main/java/web/UserController.java
  10. +4 −8 src/main/resources/archetype-resources/src/main/resources/spring-security-context.xml
  11. +7 −10 src/main/resources/archetype-resources/src/main/webapp/WEB-INF/views/index.jsp
  12. +9 −0 src/main/resources/archetype-resources/src/main/webapp/WEB-INF/views/user/index.jsp
  13. +3 −0  src/main/resources/archetype-resources/src/main/webapp/WEB-INF/views/views.xml
  14. +0 −37 src/main/resources/archetype-resources/src/test/java/web/HomeControllerTest.java
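--- a/src/main/resources/archetype-resources/src/main/java/config/RootConfig.java
+++ b/src/main/resources/archetype-resources/src/main/java/config/RootConfig.java
@@ -1,8 +1,8 @@
 package ${package}.config;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
+import org.springframework.context.annotation.*;
 @Configuration
-@Import(SecurityConfig.class)
+@ComponentScan(basePackages = { "${package}.domain" })
+@Import({ PersistenceConfig.class, SecurityConfig.class })
 public class RootConfig {}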
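--- a/src/main/resources/archetype-resources/src/main/java/config/WebMvcConfig.java
+++ b/src/main/resources/archetype-resources/src/main/java/config/WebMvcConfig.java
@@ -11,8 +11,7 @@
 import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
 @Configuration
-@ComponentScan(basePackages = { "${package}" })
-@Import(PersistenceConfig.class)
+@ComponentScan(basePackages = { "${package}.web" })
 public class WebMvcConfig extends WebMvcConfigurationSupport {
 private static final String MESSAGE_SOURCE = "/WEB-INF/classes/messages";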
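--- a/src/main/resources/archetype-resources/src/main/java/domain/LogEntry.java
+++ b/src/main/resources/archetype-resources/src/main/java/domain/LogEntry.java
@@ -1,52 +0,0 @@
-package ${package}.domain;
-
-import java.util.Date;
-
-import javax.persistence.*;
-
-@Entity
-@Table(name = "log_entry")
-@NamedQuery(name = LogEntry.FIND_ALL, query = "select le from LogEntry le order by le.date desc")
-public class LogEntry {
-
- public static final String FIND_ALL = "LogEntry.FindAll";
-
- @Id
- @GeneratedValue
- private Long id;
-
- @Temporal(TemporalType.TIMESTAMP)
- private Date date;
-
- private String message;
-
- public LogEntry() {
-
- }
-
- public LogEntry(Date date, String message) {
- this.date = date;
- this.message = message;
- }
-
- public Long getId() {
- return id;
- }
-
- public Date getDate() {
- return date;
- }
-
- public void setDate(Date date) {
- this.date = date;
- }
-
- public String getMessage() {
- return message;
- }
-
- public void setMessage(String message) {
- this.message = message;
- }
-
-}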
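--- a/src/main/resources/archetype-resources/src/main/java/domain/LogEntryRepository.java
+++ b/src/main/resources/archetype-resources/src/main/java/domain/LogEntryRepository.java
@@ -1,24 +0,0 @@
-package ${package}.domain;
-
-import java.util.Date;
-import java.util.List;
-
-import javax.persistence.EntityManager;
-import javax.persistence.PersistenceContext;
-
-import org.springframework.stereotype.Repository;
-
-@Repository
-public class LogEntryRepository {
-
- @PersistenceContext
- private EntityManager entityManager;
-
- public void createLogEntry(String message) {
- entityManager.persist(new LogEntry(new Date(), message));
- }
-
- public List<LogEntry> findAll() {
- return entityManager.createNamedQuery(LogEntry.FIND_ALL, LogEntry.class).getResultList();
- }
-}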
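--- a/src/main/resources/archetype-resources/src/main/java/domain/User.java
+++ b/src/main/resources/archetype-resources/src/main/java/domain/User.java
@@ -0,0 +1,70 @@
+package ${package}.domain;
+
+import javax.persistence.*;
+
+@Entity
+@Table(name = "user")
+@NamedQuery(name = User.FIND_BY_USERNAME, query = "select u from User u where u.username = :username")
+public class User {
+
+ public static final String FIND_BY_USERNAME = "User.findByUsername";
+
+ @Id
+ @GeneratedValue
+ private Long id;
+
+ @Column(unique = true)
+ private String username;
+
+ private String password;
+
+ private String role = "ROLE_USER";
+
+ private String name;
+
+ protected User() {
+
+ }
+
+ public User(String username, String password, String role) {
+ this.username = username;
+ this.password = password;
+ this.role = role;
+ }
+
+ public Long getId() {
+ return id;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public String getUsername() {
+ return username;
+ }
+
+ public void setUsername(String username) {
+ this.username = username;
+ }
+
+ public String getPassword() {
+ return password;
+ }
+
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ public String getRole() {
+ return role;
+ }
+
+ public void setRole(String role) {
+ this.role = role;
+ }
+}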
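Review bot: `password` is persisted exactly as handed to the constructor or `setPassword`, and nothing visible in this commit hashes it: `UserService.initialize()` stores the literal `"demo"`, `loadUserByUsername` passes `user.getPassword()` straight into the Spring `UserDetails`, and the `<security:authentication-provider user-service-ref="userService" />` element in spring-security-context.xml declares no password encoder. As written, the `user` table holds cleartext passwords and login compares them as cleartext, so any read of the database discloses every credential. I would register a `BCryptPasswordEncoder` bean (assuming the Spring Security version in use ships it), reference it through a `<security:password-encoder ref="…"/>` child of the authentication provider, and encode in the service before `save`. A comment on the field such as `// holds the encoder's output, never the raw password` would make the contract explicit.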
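--- a/src/main/resources/archetype-resources/src/main/java/domain/UserRepository.java
+++ b/src/main/resources/archetype-resources/src/main/java/domain/UserRepository.java
@@ -0,0 +1,31 @@
+package ${package}.domain;
+
+import javax.persistence.*;
+
+import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
+
+@Repository
+@Transactional(readOnly = true)
+public class UserRepository {
+
+ @PersistenceContext
+ private EntityManager entityManager;
+
+ @Transactional
+ public void save(User user) {
+ entityManager.persist(user);
+ }
+
+ public User findByUsername(String username) {
+ try {
+ return entityManager.createNamedQuery(User.FIND_BY_USERNAME, User.class)
+ .setParameter("username", username)
+ .getSingleResult();
+ } catch (PersistenceException e) {
+ return null;
+ }
+ }
+
+
+}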
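Review bot: `findByUsername` catches `PersistenceException`, the base type for JPA failures, and returns `null`, so a lost connection or a `NonUniqueResultException` looks the same to `UserService.loadUserByUsername` as an unknown username and leaves no trace in the logs. Only the no-row case should map to `null`: `} catch (NoResultException e) {` (already covered by the `javax.persistence.*` import), letting every other failure propagate. A short Javadoc saying the method returns `null` when no user has the given username would document the contract the service relies on.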
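--- a/src/main/resources/archetype-resources/src/main/java/domain/UserService.java
+++ b/src/main/resources/archetype-resources/src/main/java/domain/UserService.java
@@ -0,0 +1,34 @@
+package ${package}.domain;
+
+import java.util.Collections;
+
+import javax.annotation.PostConstruct;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.*;
+import org.springframework.stereotype.Service;
+
+@Service("userService")
+public class UserService implements UserDetailsService {
+
+ @Autowired
+ private UserRepository userRepository;
+
+ @PostConstruct
+ protected void initialize() {
+ userRepository.save(new User("user", "demo", "ROLE_USER"));
+ }
+
+ @Override
+ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+ User user = userRepository.findByUsername(username);
+ if(user == null) {
+ throw new UsernameNotFoundException("user not found");
+ }
+ GrantedAuthority authority = new SimpleGrantedAuthority(user.getRole());
+ return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), Collections.singleton(authority));
+ }
+
+}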
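Review bot: `initialize()` inserts the account `user`/`demo` unconditionally on every context start, and index.jsp in this commit prints that same pair on the `permitAll` landing page, so every project generated from the archetype starts with a publicly known working login unless someone remembers to remove both. Because `username` is `@Column(unique = true)`, a second start against a database that keeps its data would presumably also fail on the duplicate insert. I would guard the seed with `if (userRepository.findByUsername("user") == null)`, restrict it to a development profile, and add a comment marking it as demo data to delete before deployment.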
41 ...e-resources/src/main/java/web/HomeController.java → ...-resources/src/main/java/web/IndexController.java
@@ -1,26 +1,15 @@
-package ${package}.web;
-
-import ${package}.domain.*;
-
-import javax.inject.Inject;
-
-import org.springframework.stereotype.Controller;
-import org.springframework.transaction.annotation.Transactional;
-import org.springframework.ui.Model;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-
-@Controller
-@Transactional
-public class HomeController {
-
- @Inject
- private LogEntryRepository repo;
-
- @RequestMapping(value = "/", method = RequestMethod.GET)
- public String index(Model model) {
- repo.createLogEntry("entering index...");
- model.addAttribute("logEntries", repo.findAll());
- return "index";
- }
-}
+package ${package}.web;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+@Controller
+public class IndexController {
+
+ @RequestMapping(value = "/", method = RequestMethod.GET)
+ public String index(Model model) {
+ return "index";
+ }
+}
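--- a/src/main/resources/archetype-resources/src/main/java/web/UserController.java
+++ b/src/main/resources/archetype-resources/src/main/java/web/UserController.java
@@ -0,0 +1,18 @@
+package ${package}.web;
+
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+@Controller
+@RequestMapping("user")
+@PreAuthorize("isAuthenticated()")
+public class UserController {
+
+ @RequestMapping(value = "", method = RequestMethod.GET)
+ public String index(Model model) {
+ return "user/index";
+ }
+}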
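Review bot: `@PreAuthorize("isAuthenticated()")` on this controller only takes effect if method security is active in the application context that creates the controller. `<security:global-method-security pre-post-annotations="enabled" …>` sits in spring-security-context.xml, while `WebMvcConfig` now scans `${package}.web`; if that XML is loaded by the root context (not visible in this commit), the annotation is likely inert and `/user` is protected only by the `/**` `isAuthenticated()` intercept-url rule. It is worth confirming with a test that invokes the handler unauthenticated, and recording the outcome in a class comment so nobody later relaxes the URL rule believing the annotation is the guard.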
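--- a/src/main/resources/archetype-resources/src/main/resources/spring-security-context.xml
+++ b/src/main/resources/archetype-resources/src/main/resources/spring-security-context.xml
@@ -5,7 +5,7 @@
 http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
 http://www.springframework.org/schema/security
 http://www.springframework.org/schema/security/spring-security-3.1.xsd">
-
+
 <security:global-method-security pre-post-annotations="enabled" secured-annotations="enabled" />
 <security:http auto-config="true" disable-url-rewriting="true" use-expressions="true">
@@ -13,12 +13,8 @@ http://www.springframework.org/schema/security/spring-security-3.1.xsd">
 <security:intercept-url pattern="/" access="permitAll" />
 <security:intercept-url pattern="/**" access="isAuthenticated()" />
 </security:http>
-
- <security:authentication-manager>
- <security:authentication-provider>
- <security:user-service>
- <security:user name="user" password="demo" authorities="ROLE_USER" />
- </security:user-service>
- </security:authentication-provider>
+
+ <security:authentication-manager erase-credentials="true" >
+ <security:authentication-provider user-service-ref="userService" />
 </security:authentication-manager>
 </beans>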
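--- a/src/main/resources/archetype-resources/src/main/webapp/WEB-INF/views/index.jsp
+++ b/src/main/resources/archetype-resources/src/main/webapp/WEB-INF/views/index.jsp
@@ -1,10 +1,7 @@
-<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
-<%@ taglib uri="http://www.springframework.org/tags" prefix="s"%>
-<h1>Welcome to the Spring MVC application!</h1>
-
-<h2><s:message code="view.index.title" /></h2>
-<ul>
- <c:forEach var="logEntry" items="${logEntries}">
- <li>${logEntry.date} : ${logEntry.message}</li>
- </c:forEach>
-</ul>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
+<%@ taglib uri="http://www.springframework.org/tags" prefix="s"%>
+<h1><s:message code="view.index.title" /></h1>
+
+<p>
+ Click <a href='<s:url value="user"></s:url>'>here</a> to navigate to the restricted area. Username: <strong>user</strong>, password: <strong>demo</strong>.
+</p>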
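--- a/src/main/resources/archetype-resources/src/main/webapp/WEB-INF/views/user/index.jsp
+++ b/src/main/resources/archetype-resources/src/main/webapp/WEB-INF/views/user/index.jsp
@@ -0,0 +1,9 @@
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
+<%@ taglib uri="http://www.springframework.org/tags" prefix="s"%>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %>
+<h1>Hello <security:authentication property="principal.username" />!</h1>
+
+<p>
+ Click <a href='<s:url value="/"></s:url>'>here</a> to navigate to home page.
+ Click <a href='<s:url value="/logout"></s:url>'>here</a> to logout.
+</p>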
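Review bot: The logout link targets `/logout`, but the visible part of spring-security-context.xml shows `auto-config="true"` with no `<security:logout>` element, and the default logout URL of the 3.1 namespace is `/j_spring_security_logout`. Unless `logout-url="/logout"` is declared on a line outside the hunks, the link would simply fall under the `/**` rule and leave the session alive, which matters on shared machines. Either point the link at the configured logout URL or add `<security:logout logout-url="/logout" />` to the `http` element.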
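--- a/src/main/resources/archetype-resources/src/main/webapp/WEB-INF/views/views.xml
+++ b/src/main/resources/archetype-resources/src/main/webapp/WEB-INF/views/views.xml
@@ -3,6 +3,9 @@
 "-//Apache Software Foundation//DTD Tiles Configuration 2.1//EN"
 "http://tiles.apache.org/dtds/tiles-config_2_1.dtd">
 <tiles-definitions>
+ <definition name="*/*" extends="default">
+ <put-attribute name="body" value="/WEB-INF/views/{1}/{2}.jsp"></put-attribute>
+ </definition>
 <definition name="*" extends="default">
 <put-attribute name="body" value="/WEB-INF/views/{1}.jsp"></put-attribute>
 </definition>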
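--- a/src/main/resources/archetype-resources/src/test/java/web/HomeControllerTest.java
+++ b/src/main/resources/archetype-resources/src/test/java/web/HomeControllerTest.java
@@ -1,37 +0,0 @@
-package ${package}.web;
-
-import static org.junit.Assert.*;
-import static org.mockito.Mockito.*;
-
-import ${package}.domain.*;
-
-import java.util.Collections;
-
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.mockito.*;
-import org.mockito.runners.MockitoJUnitRunner;
-import org.springframework.ui.*;
-
-@RunWith(MockitoJUnitRunner.class)
-public class HomeControllerTest {
-
- @InjectMocks
- private HomeController controller = new HomeController();
-
- @Mock
- private LogEntryRepository repositoryMock;
-
- @Test
- public void index() {
- // arrange
- Model model = new ExtendedModelMap();
- when(repositoryMock.findAll()).thenReturn(Collections.<LogEntry> emptyList());
-
- // act
- controller.index(model);
-
- // assert
- assertTrue(model.containsAttribute("logEntries"));
- }
-}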