More content for Part VI

basic/README.md

@@ -333,14 +333,14 @@ Run the application again (or just reload the home page in the browser), and you
 
 The interactions between the browser and the backend can be seen in your browser if you use some developer tools (usually F12 opens this up, works in Chrome by default, requires a plugin in Firefox). Here's a summary:
 
-Verb | Path    | Status | Response
------|---------|--------|---------
-GET  | /       | 401    | Browser prompts for authentication
-GET  | /       | 200    | index.html
+Verb | Path             | Status | Response
+-----|------------------|--------|---------
+GET  | /                | 401    | Browser prompts for authentication
+GET  | /                | 200    | index.html
 GET  | /css/angular-bootstrap.css | 200 | Twitter bootstrap CSS
 GET  | /js/angular-bootstrap.js  | 200 | Bootstrap and Angular JS
-GET  | /js/hello.js              | 200 | Application logic
-GET  | /resource                 | 200 | JSON greeting
+GET  | /js/hello.js     | 200 | Application logic
+GET  | /resource        | 200 | JSON greeting
 
 You might not see the 401 because the browser treats the home page load as a single interaction, and you might see 2 requests for "/resource" because there is a [CORS](http://en.wikipedia.org/wiki/Cross-origin_resource_sharing) negotiation.
 

double/admin/src/main/java/demo/AdminApplication.java

@@ -5,9 +5,8 @@
 import java.util.Map;
 
 import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.autoconfigure.security.SecurityProperties;
-import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.annotation.Order;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -18,9 +17,7 @@
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
-@Configuration
-@ComponentScan
-@EnableAutoConfiguration
+@SpringBootApplication
 @RestController
 @EnableRedisHttpSession
 public class AdminApplication {

double/gateway/src/main/java/demo/GatewayApplication.java

@@ -65,7 +65,7 @@ protected static class SecurityConfiguration extends WebSecurityConfigurerAdapte
 		public void globalUserDetails(AuthenticationManagerBuilder auth) throws Exception {
 			// @formatter:off	
 			auth.inMemoryAuthentication()
-				.withUser("user").password("user").roles("USER")
+				.withUser("user").password("password").roles("USER")
 			.and()
 				.withUser("admin").password("admin").roles("USER", "ADMIN", "READER", "WRITER")
 			.and()
@@ -82,7 +82,7 @@ protected void configure(HttpSecurity http) throws Exception {
 				.logout()
 			.and()
 				.authorizeRequests()
-					.antMatchers("/index.html", "/").permitAll()
+					.antMatchers("/index.html", "/login", "/").permitAll()
 					.anyRequest().authenticated()
 			.and()
 				.csrf().csrfTokenRepository(csrfTokenRepository())

double/gateway/src/main/resources/application.yml

@@ -2,17 +2,13 @@ logging:
   level:
     org.springframework.security: DEBUG
 security:
-  user:
-    password: password
+  sessions: ALWAYS
 zuul:
   routes:
-    message:
-      path: /message/**
+    ui:
       url: http://localhost:8081
     admin:
-      path: /admin/**
       url: http://localhost:8082
     resource:
-      path: /resource/**
       url: http://localhost:9000
 

double/gateway/src/main/resources/static/index.html

@@ -44,10 +44,7 @@
 		</form>
 	</div>
 	<div class="container" ng-show="authenticated">
-		<ul>
-			<li><a href="/message/">Message</a></li>
-			<li><a href="/admin/">Admin</a></li>
-		</ul>
+		<a class="btn btn-primary" href="/ui/">Go To User Interface</a>
 	</div>
 	<script src="js/angular-bootstrap.js" type="text/javascript"></script>
 	<script src="js/hello.js" type="text/javascript"></script>

double/gateway/src/main/resources/static/js/hello.js

@@ -4,7 +4,7 @@ angular.module('hello', []).config(function($httpProvider) {
 
 }).controller('navigation',
 
-function($scope, $http, $location) {
+function($scope, $http) {
 
 	var authenticate = function(credentials, callback) {
 
@@ -14,18 +14,20 @@ function($scope, $http, $location) {
 							+ credentials.password)
 		} : {};
 
+		$scope.user = ''
 		$http.get('user', {
 			headers : headers
 		}).success(function(data) {
 			if (data.name) {
 				$scope.authenticated = true;
+				$scope.user = data.name
 			} else {
 				$scope.authenticated = false;
 			}
-			callback && callback();
+			callback && callback(true);
 		}).error(function() {
 			$scope.authenticated = false;
-			callback && callback();
+			callback && callback(false);
 		});
 
 	}
@@ -34,25 +36,15 @@ function($scope, $http, $location) {
 
 	$scope.credentials = {};
 	$scope.login = function() {
-		authenticate($scope.credentials, function() {
-			if ($scope.authenticated) {
-				console.log("Login succeeded")
-				$location.path("/");
-				$scope.error = false;
-				$scope.authenticated = true;
-			} else {
-				console.log("Login failed")
-				$location.path("/login");
-				$scope.error = true;
-				$scope.authenticated = false;
-			}
+		authenticate($scope.credentials, function(authenticated) {
+			$scope.authenticated = authenticated;
+			$scope.error = !authenticated;
 		})
 	};
 
 	$scope.logout = function() {
 		$http.post('logout', {}).success(function() {
 			$scope.authenticated = false;
-			$location.path("/");
 		}).error(function(data) {
 			console.log("Logout failed")
 			$scope.authenticated = false;

double/pom.xml

@@ -10,9 +10,9 @@
 
 	<modules>
 		<module>gateway</module>
-		<module>message</module>
-		<module>dashboard</module>
+		<module>ui</module>
 		<module>resource</module>
+		<module>admin</module>
 	</modules>
 
 </project>

double/message/pom.xml → double/ui/pom.xml

@@ -4,11 +4,11 @@
 	<modelVersion>4.0.0</modelVersion>
 
 	<groupId>org.test</groupId>
-	<artifactId>double-message</artifactId>
+	<artifactId>double-ui</artifactId>
 	<version>0.0.1-SNAPSHOT</version>
 	<packaging>jar</packaging>
 
-	<name>double-message</name>
+	<name>double-ui</name>
 	<description>Demo project for Spring Boot</description>
 
 	<parent>

double/message/src/main/java/demo/MessageApplication.java → double/ui/src/main/java/demo/UiApplication.java

@@ -21,15 +21,15 @@
 @EnableAutoConfiguration
 @RestController
 @EnableRedisHttpSession
-public class MessageApplication {
+public class UiApplication {
 
 	@RequestMapping("/user")
 	public Map<String, String> user(Principal user) {
 		return Collections.singletonMap("name", user.getName());
 	}
 
 	public static void main(String[] args) {
-		SpringApplication.run(MessageApplication.class, args);
+		SpringApplication.run(UiApplication.class, args);
 	}
 
 	@Configuration
@@ -41,7 +41,7 @@ protected void configure(HttpSecurity http) throws Exception {
 			http
 				.authorizeRequests()
 					.antMatchers("/index.html", "/").permitAll()
-					.anyRequest().hasRole("ADMIN");
+					.anyRequest().hasRole("USER");
 			// @formatter:on
 		}
 	}

double/ui/src/main/resources/application.yml

@@ -0,0 +1,2 @@
+server:
+  port: 8081

double/message/src/main/resources/static/index.html → double/ui/src/main/resources/static/index.html

@@ -12,7 +12,7 @@
 </style>
 </head>
 
-<body ng-app="message" ng-cloak class="ng-cloak" ng-controller="home">
+<body ng-app="hello" ng-cloak class="ng-cloak" ng-controller="home">
 	<nav class="navbar navbar-default">
 		<div class="container">
 			<p>
@@ -34,6 +34,6 @@ <h1>Message</h1>
 		</div>
 	</div>
 	<script src="js/angular-bootstrap.js" type="text/javascript"></script>
-	<script src="js/message.js" type="text/javascript"></script>
+	<script src="js/hello.js" type="text/javascript"></script>
 </body>
 </html>

double/message/src/main/resources/static/js/message.js → double/ui/src/main/resources/static/js/hello.js

@@ -1,4 +1,4 @@
-angular.module('message', []).controller('home',
+angular.module('hello', []).controller('home',
 
 function($scope, $http) {
 

double/message/src/test/java/demo/ApplicationTests.java → double/ui/src/test/java/demo/ApplicationTests.java

@@ -24,7 +24,7 @@
 import org.springframework.web.client.RestTemplate;
 
 @RunWith(SpringJUnit4ClassRunner.class)
-@SpringApplicationConfiguration(classes = MessageApplication.class)
+@SpringApplicationConfiguration(classes = UiApplication.class)
 @WebAppConfiguration
 @IntegrationTest("server.port:0")
 public class ApplicationTests {

single/README.md

@@ -425,4 +425,4 @@ If that was your response to the last section, then read it again because maybe
 
 The application we have now is close to what a user might expect in a "real" application in a live environment, and it probably could be used as a template for building out into a more feature rich application with that architecture (single server with static content and JSON resources). We are using the `HttpSession` for storing security data, relying on our clients to respect and use the cookies we send them, and we are comfortable with that because it lets us concentrate on our own business domain. In the [next article][third] we expand the architecture to a separate authentication and UI server, plus a standalone resource server for the JSON. This is obviously easily generalised to multiple resource servers. We are also going to introduce Spring Session into the stack and show how that can be used to share authentication data.
 
-[third]: https://spring.io/blog/2015/01/20/the-resource-server-angular-js-and-spring-security-part-iii (THird Article in the Series)
+[third]: https://spring.io/blog/2015/01/20/the-resource-server-angular-js-and-spring-security-part-iii (Third Article in the Series)