Skip to content

l3r8yJ/spring-x-roles-authorities-starter

Repository files navigation

Spring X-Roles Authorities starter

maven central License

This starter allows you to test your role model for non-production scenarios.

Link to blog post.

How to

  1. Add a dependency
<dependency>
    <groupId>ru.l3r8y</groupId>
    <artifactId>spring-x-roles-authorities-starter</artifactId>
    <version><!-- latest --></version>
</dependency>
  1. Add to application.yaml
x-roles:
  enabled: true

Done! Now starter provides an ability to extract authorities from X-Roles header:

// Basic authentication
GET https://example.com/endpoint
Authorization: // any auth
X-Roles: my-role, another-role

Allows hitting this endpoint:

import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
final class Controller {

    @GetMapping("/endpoint")
    @PreAuthorize("hasAnyAuthority('my-role')")
    public ResponseEntity<String> sayHi() {
        return "Hi!";
    }
}

How to Contribute

Fork repository, make changes, then send us a pull request. We will review your changes and apply them to the master branch shortly, provided they don't violate our quality standards. To avoid frustration, before sending us your pull request please run full Maven build:

mvn clean install

You will need Maven 3.3+ and Java 8+ installed.