Fix MVC
@@ -1,18 +1,35 @@
|
||||
package com.wisemapping.config;
|
||||
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import com.wisemapping.config.mvc.MvcAppConfig;
|
||||
import com.wisemapping.config.mvc.MvcSecurityConfig;
|
||||
import com.wisemapping.config.mvc.ServletConfig;
|
||||
import com.wisemapping.config.rest.RestAppConfig;
|
||||
import org.springframework.boot.WebApplicationType;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.boot.builder.SpringApplicationBuilder;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.ImportResource;
|
||||
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
|
||||
import org.springframework.transaction.annotation.EnableTransactionManagement;
|
||||
import org.springframework.security.web.firewall.StrictHttpFirewall;
|
||||
|
||||
@EnableTransactionManagement
|
||||
@SpringBootApplication
|
||||
@EnableJpaRepositories("com.wisemapping.model")
|
||||
@ImportResource("classpath:spring/wisemapping-common.xml")
|
||||
@ImportResource(value = {"classpath:spring/wisemapping-service.xml"})
|
||||
@ComponentScan({"com.wisemapping.security", "com.wisemapping.service", "com.wisemapping.dao", "com.wisemapping.util"})
|
||||
public class Application {
|
||||
|
||||
public static void main(String[] args) {
|
||||
SpringApplication.run(Application.class, args);
|
||||
|
||||
new SpringApplicationBuilder()
|
||||
.parent(Application.class, HibernateConfig.class, MethodSecurityConfig.class).web(WebApplicationType.NONE)
|
||||
.child(MvcAppConfig.class, MvcSecurityConfig.class, ServletConfig.class).web(WebApplicationType.SERVLET)
|
||||
.sibling(RestAppConfig.class).web(WebApplicationType.SERVLET)
|
||||
.run(args);
|
||||
}
|
||||
|
||||
@Bean
|
||||
public StrictHttpFirewall httpFirewall() {
|
||||
StrictHttpFirewall firewall = new StrictHttpFirewall();
|
||||
firewall.setAllowSemicolon(true);
|
||||
return firewall;
|
||||
}
|
||||
}
|
||||
|
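Review bot: The `httpFirewall()` bean relaxes `StrictHttpFirewall` with `setAllowSemicolon(true)` and gives no reason, and it now appears to sit on `Application`, which the builder registers as the `WebApplicationType.NONE` parent while the filter chains live in the child and sibling contexts. Semicolon path parameters are rejected by default because security path matching and the servlet container can disagree on how to interpret them, so the exception deserves a comment naming the requirement, for example `// semicolons allowed for ;jsessionid URL rewriting` if that is the reason (not visible on this page). If URL-based session tracking is the cause, restricting session tracking to cookies would let the default strict setting stay in place. It is also worth a test confirming that the MVC and REST chains both pick up this parent-level bean rather than a default firewall.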
@@ -1,10 +1,12 @@
|
||||
package com.wisemapping.config;
|
||||
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
|
||||
import org.springframework.transaction.annotation.EnableTransactionManagement;
|
||||
|
||||
@Configuration
|
||||
@EnableTransactionManagement
|
||||
@EnableJpaRepositories("com.wisemapping.model")
|
||||
public class HibernateConfig {
|
||||
// @Value("${database.hibernate.dialect}")
|
||||
// private String dbDialect;
|
||||
|
@@ -1,159 +0,0 @@
|
||||
package com.wisemapping.config;
|
||||
|
||||
import com.wisemapping.security.AuthenticationSuccessHandler;
|
||||
import com.wisemapping.security.UserDetailsService;
|
||||
import com.wisemapping.service.UserService;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.core.annotation.Order;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.firewall.StrictHttpFirewall;
|
||||
import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
|
||||
import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
|
||||
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
public class SecurityConfig {
|
||||
@Autowired
|
||||
UserService userService;
|
||||
|
||||
@Value("${admin.user}")
|
||||
String adminUser;
|
||||
|
||||
@Bean
|
||||
public StrictHttpFirewall httpFirewall() {
|
||||
StrictHttpFirewall firewall = new StrictHttpFirewall();
|
||||
firewall.setAllowSemicolon(true);
|
||||
return firewall;
|
||||
}
|
||||
@Bean
|
||||
@Order(1)
|
||||
public SecurityFilterChain embeddedDisabledXOrigin(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
|
||||
final MvcRequestMatcher.Builder mvcMatcher = new MvcRequestMatcher.Builder(introspector).servletPath("/c");
|
||||
http
|
||||
.securityMatchers((matchers) ->
|
||||
matchers.requestMatchers(mvcMatcher.pattern(("/maps/*/embed"))))
|
||||
.authorizeHttpRequests(
|
||||
(auth) -> auth.requestMatchers(mvcMatcher.pattern("/maps/*/embed")).permitAll())
|
||||
.headers((header -> header.frameOptions()
|
||||
.disable()
|
||||
))
|
||||
.csrf(AbstractHttpConfigurer::disable);
|
||||
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
@Order(2)
|
||||
SecurityFilterChain apiSecurityFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
|
||||
final MvcRequestMatcher.Builder serviceMapper = new MvcRequestMatcher.Builder(introspector).servletPath("/service");
|
||||
return http
|
||||
.securityMatchers((matchers) ->
|
||||
matchers.requestMatchers(serviceMapper.pattern(("/**"))))
|
||||
.authorizeHttpRequests(auth ->
|
||||
auth
|
||||
.requestMatchers(serviceMapper.pattern("/users/")).permitAll()
|
||||
.requestMatchers(serviceMapper.pattern("/users/resetPassword")).permitAll()
|
||||
.requestMatchers(serviceMapper.pattern("/oauth2/googlecallback")).permitAll()
|
||||
.requestMatchers(serviceMapper.pattern("/oauth2/confirmaccountsync")).permitAll()
|
||||
.requestMatchers(serviceMapper.pattern("/admin/**")).hasAnyRole("ADMIN")
|
||||
.requestMatchers(serviceMapper.pattern("/**")).hasAnyRole("USER", "ADMIN")
|
||||
)
|
||||
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
||||
.httpBasic(httpBasic -> {
|
||||
})
|
||||
.csrf(AbstractHttpConfigurer::disable)
|
||||
.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
@Order(3)
|
||||
public SecurityFilterChain mvcFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
|
||||
final AuthenticationSuccessHandler authenticationSuccessHandler = new AuthenticationSuccessHandler();
|
||||
authenticationSuccessHandler.setAlwaysUseDefaultTargetUrl(false);
|
||||
authenticationSuccessHandler.setDefaultTargetUrl("/c/maps/");
|
||||
|
||||
final MvcRequestMatcher.Builder restfullMapper = new MvcRequestMatcher.Builder(introspector).servletPath("/c/restful");
|
||||
final MvcRequestMatcher.Builder mvcMatcher = new MvcRequestMatcher.Builder(introspector).servletPath("/c");
|
||||
|
||||
http
|
||||
.securityMatchers((matchers) ->
|
||||
matchers.requestMatchers(restfullMapper.pattern(("/**"))).
|
||||
requestMatchers(mvcMatcher.pattern(("/**"))))
|
||||
.authorizeHttpRequests(
|
||||
(auth) ->
|
||||
auth
|
||||
.requestMatchers(mvcMatcher.pattern("/login")).permitAll()
|
||||
.requestMatchers(mvcMatcher.pattern("/logout")).permitAll()
|
||||
|
||||
.requestMatchers(mvcMatcher.pattern("/registration")).permitAll()
|
||||
.requestMatchers(mvcMatcher.pattern("/registration-success")).permitAll()
|
||||
.requestMatchers(mvcMatcher.pattern("/registration-google")).permitAll()
|
||||
|
||||
.requestMatchers(mvcMatcher.pattern("/forgot-password")).permitAll()
|
||||
.requestMatchers(mvcMatcher.pattern("/forgot-password-success")).permitAll()
|
||||
.requestMatchers(mvcMatcher.pattern("/maps/*/try")).permitAll()
|
||||
.requestMatchers(mvcMatcher.pattern("/maps/*/public")).permitAll()
|
||||
.requestMatchers(restfullMapper.pattern("/maps/*/document/xml-pub")).permitAll()
|
||||
.requestMatchers(mvcMatcher.pattern("/**")).hasAnyRole("USER", "ADMIN")
|
||||
.requestMatchers(restfullMapper.pattern("/**")).hasAnyRole("USER", "ADMIN")
|
||||
.anyRequest().authenticated())
|
||||
.formLogin((loginForm) ->
|
||||
loginForm.loginPage("/c/login")
|
||||
.loginProcessingUrl("/c/perform-login")
|
||||
.defaultSuccessUrl("/c/maps/")
|
||||
.failureUrl("/c/login?login_error=2"))
|
||||
.logout((logout) ->
|
||||
logout
|
||||
.logoutUrl("/c/logout")
|
||||
.logoutSuccessUrl("/c/login")
|
||||
.invalidateHttpSession(true)
|
||||
.deleteCookies("JSESSIONID")
|
||||
.permitAll()
|
||||
).rememberMe(remember ->
|
||||
remember
|
||||
.tokenValiditySeconds(2419200)
|
||||
.rememberMeParameter("remember-me"
|
||||
).authenticationSuccessHandler(authenticationSuccessHandler)
|
||||
).headers((header -> header.frameOptions()
|
||||
.disable()
|
||||
))
|
||||
.csrf((csrf) ->
|
||||
csrf.ignoringRequestMatchers(mvcMatcher.pattern("/logout")));
|
||||
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
@Order(4)
|
||||
public SecurityFilterChain shareResourcesFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
|
||||
final MvcRequestMatcher.Builder restfullMapper = new MvcRequestMatcher.Builder(introspector);
|
||||
|
||||
return http.authorizeHttpRequests(
|
||||
(auth) ->
|
||||
auth.requestMatchers(restfullMapper.pattern("/static/**")).permitAll().
|
||||
requestMatchers(restfullMapper.pattern("/css/**")).permitAll().
|
||||
requestMatchers(restfullMapper.pattern("/js/**")).permitAll().
|
||||
requestMatchers(restfullMapper.pattern("/images/**")).permitAll().
|
||||
requestMatchers(restfullMapper.pattern("/*")).permitAll()
|
||||
).build();
|
||||
}
|
||||
|
||||
|
||||
|
||||
@Bean
|
||||
public UserDetailsService userDetailsService() {
|
||||
final UserDetailsService result = new UserDetailsService();
|
||||
result.setUserService(userService);
|
||||
result.setAdminUser(adminUser);
|
||||
return result;
|
||||
}
|
||||
}
|
@@ -1,30 +1,34 @@
|
||||
package com.wisemapping.config;
|
||||
package com.wisemapping.config.mvc;
|
||||
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.ImportResource;
|
||||
import org.springframework.web.servlet.HandlerExceptionResolver;
|
||||
import org.springframework.web.servlet.ViewResolver;
|
||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
import org.springframework.web.servlet.handler.SimpleMappingExceptionResolver;
|
||||
import org.springframework.web.servlet.view.InternalResourceViewResolver;
|
||||
import org.springframework.web.servlet.view.JstlView;
|
||||
|
||||
@Configuration
|
||||
|
||||
@SpringBootApplication
|
||||
@EnableWebMvc
|
||||
public class MvcConfig implements WebMvcConfigurer {
|
||||
@Override
|
||||
public void addResourceHandlers(ResourceHandlerRegistry registry) {
|
||||
registry
|
||||
.addResourceHandler("/**")
|
||||
.addResourceLocations("classpath:/public/");
|
||||
}
|
||||
@ImportResource(value = {"classpath:spring/wisemapping-servlet.xml"})
|
||||
@ComponentScan("com.wisemapping.webmvc")
|
||||
public class MvcAppConfig implements WebMvcConfigurer {
|
||||
// @Override
|
||||
// public void addResourceHandlers(ResourceHandlerRegistry registry) {
|
||||
// registry
|
||||
// .addResourceHandler("/**")
|
||||
// .addResourceLocations("classpath:/public/");
|
||||
// }
|
||||
|
||||
@Bean
|
||||
public ViewResolver viewResolver() {
|
||||
InternalResourceViewResolver resolver = new InternalResourceViewResolver();
|
||||
resolver.setPrefix("/views/");
|
||||
resolver.setPrefix("/WEB-INF/jsp/");
|
||||
resolver.setSuffix(".jsp");
|
||||
resolver.setViewClass(JstlView.class);
|
||||
return resolver;
|
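Review bot: The commented-out `addResourceHandlers` block in `MvcAppConfig` should be deleted rather than kept as dead code, since version control already holds the old handler. With it gone the class appears to implement `WebMvcConfigurer` without overriding anything, so `implements WebMvcConfigurer` can be dropped too unless a method outside this hunk needs it. `viewResolver()` continues past the end of the hunk.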
@@ -0,0 +1,101 @@
|
||||
package com.wisemapping.config.mvc;
|
||||
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.core.annotation.Order;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
|
||||
import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
|
||||
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
public class MvcSecurityConfig {
|
||||
|
||||
@Bean
|
||||
@Order(1)
|
||||
public SecurityFilterChain embeddedDisabledXOrigin(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
|
||||
final MvcRequestMatcher.Builder matcher = new MvcRequestMatcher.Builder(introspector);
|
||||
|
||||
http
|
||||
.securityMatchers((matchers) ->
|
||||
matchers.requestMatchers(matcher.pattern("c/maps/*/embed")))
|
||||
.authorizeHttpRequests(
|
||||
(auth) -> auth.requestMatchers(matcher.pattern(("c/maps/*/embed"))).permitAll())
|
||||
.headers((header -> header.frameOptions()
|
||||
.disable()
|
||||
))
|
||||
.csrf(AbstractHttpConfigurer::disable);
|
||||
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
@Order(2)
|
||||
public SecurityFilterChain mvcFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
|
||||
final MvcRequestMatcher.Builder matcher = new MvcRequestMatcher.Builder(introspector);
|
||||
http
|
||||
.securityMatchers((matchers) ->
|
||||
matchers.requestMatchers(matcher.pattern("/c/**")))
|
||||
.authorizeHttpRequests(
|
||||
(auth) ->
|
||||
auth
|
||||
.requestMatchers(matcher.pattern("/c/login")).permitAll()
|
||||
.requestMatchers(matcher.pattern("/c/logout")).permitAll()
|
||||
.requestMatchers(matcher.pattern("/c/registration")).permitAll()
|
||||
.requestMatchers(matcher.pattern("/c/registration-success")).permitAll()
|
||||
.requestMatchers(matcher.pattern("/c/registration-google")).permitAll()
|
||||
|
||||
.requestMatchers(matcher.pattern("/c/forgot-password")).permitAll()
|
||||
.requestMatchers(matcher.pattern("/c/forgot-password-success")).permitAll()
|
||||
.requestMatchers(matcher.pattern("/c/maps/*/try")).permitAll()
|
||||
.requestMatchers(matcher.pattern("/c/maps/*/public")).permitAll()
|
||||
.requestMatchers(matcher.pattern("/c/**")).hasAnyRole("USER", "ADMIN")
|
||||
.anyRequest().authenticated())
|
||||
.formLogin((loginForm) ->
|
||||
loginForm.loginPage("/c/login")
|
||||
.loginProcessingUrl("/c/perform-login")
|
||||
.defaultSuccessUrl("/c/maps/")
|
||||
.failureUrl("/c/login?login_error=2"))
|
||||
.logout((logout) ->
|
||||
logout
|
||||
.logoutUrl("/c/logout")
|
||||
.logoutSuccessUrl("/c/login")
|
||||
.invalidateHttpSession(true)
|
||||
.deleteCookies("JSESSIONID")
|
||||
.permitAll()
|
||||
).rememberMe(remember ->
|
||||
remember
|
||||
.tokenValiditySeconds(2419200)
|
||||
.rememberMeParameter("remember-me"
|
||||
)
|
||||
).headers((header -> header.frameOptions()
|
||||
.disable()
|
||||
))
|
||||
.csrf((csrf) ->
|
||||
csrf.ignoringRequestMatchers(matcher.pattern("/c/logout")));
|
||||
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
@Order(3)
|
||||
public SecurityFilterChain shareResourcesFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
|
||||
final MvcRequestMatcher.Builder matcher = new MvcRequestMatcher.Builder(introspector);
|
||||
|
||||
return http.authorizeHttpRequests(
|
||||
(auth) ->
|
||||
auth.requestMatchers(matcher.pattern("/static/**")).permitAll().
|
||||
requestMatchers(matcher.pattern("/css/**")).permitAll().
|
||||
requestMatchers(matcher.pattern("/js/**")).permitAll().
|
||||
// @todo: Wht this is required ...
|
||||
requestMatchers(matcher.pattern("/WEB-INF/jsp/*.jsp")).permitAll().
|
||||
requestMatchers(matcher.pattern("/images/**")).permitAll().
|
||||
requestMatchers(matcher.pattern("/*")).permitAll()
|
||||
).build();
|
||||
}
|
||||
}
|
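Review bot: In `embeddedDisabledXOrigin` both patterns are written `"c/maps/*/embed"` with no leading slash, so this chain will most likely never match a request path and embed URLs will fall through to `mvcFilterChain`, where `/c/**` requires the USER or ADMIN role; they should read `matcher.pattern("/c/maps/*/embed")`. In `shareResourcesFilterChain`, the `permitAll()` on `/WEB-INF/jsp/*.jsp` questioned by the `@todo` is probably needed because authorization is also applied to the FORWARD dispatch that renders the JSP; `auth.dispatcherTypeMatchers(DispatcherType.FORWARD).permitAll()` states that intent without listing an internal path as public. `mvcFilterChain` also disables `frameOptions()` for all of `/c/**`, including the login form; if only the embed chain needs cross-origin framing, `header.frameOptions().sameOrigin()` there keeps clickjacking protection on the authenticated pages.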
@@ -0,0 +1,12 @@
|
||||
package com.wisemapping.config.mvc;
|
||||
|
||||
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
|
||||
import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
@Configuration
|
||||
public class ServletConfig implements WebServerFactoryCustomizer<ConfigurableServletWebServerFactory> {
|
||||
public void customize(ConfigurableServletWebServerFactory factory){
|
||||
factory.setPort(8081);
|
||||
}
|
||||
}
|
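Review bot: `customize` hard-codes `factory.setPort(8081)`, which pins the MVC listener to one port and likely overrides whatever port setting the deployment supplies for this context. Reading the value from an externalised property with 8081 as the default would keep the current behaviour while letting operators change it. The method should also carry `@Override`, since it implements `WebServerFactoryCustomizer.customize`.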
@@ -0,0 +1,44 @@
|
||||
package com.wisemapping.config.rest;
|
||||
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.core.annotation.Order;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
|
||||
import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
|
||||
|
||||
|
||||
@SpringBootApplication
|
||||
@EnableWebSecurity
|
||||
@ComponentScan("com.wisemapping.rest")
|
||||
public class RestAppConfig {
|
||||
@Bean
|
||||
@Order(2)
|
||||
SecurityFilterChain apiSecurityFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
|
||||
final MvcRequestMatcher.Builder matcher = new MvcRequestMatcher.Builder(introspector).servletPath("/service");
|
||||
return http
|
||||
.securityMatchers((matchers) ->
|
||||
matchers.requestMatchers(matcher.pattern(("/**"))))
|
||||
.authorizeHttpRequests(auth ->
|
||||
auth
|
||||
.requestMatchers(matcher.pattern("/users/")).permitAll()
|
||||
.requestMatchers(matcher.pattern("/users/resetPassword")).permitAll()
|
||||
.requestMatchers(matcher.pattern("/oauth2/googlecallback")).permitAll()
|
||||
.requestMatchers(matcher.pattern("/oauth2/confirmaccountsync")).permitAll()
|
||||
.requestMatchers(matcher.pattern("/admin/**")).hasAnyRole("ADMIN")
|
||||
.requestMatchers(matcher.pattern("/**")).hasAnyRole("USER", "ADMIN")
|
||||
)
|
||||
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
||||
.httpBasic(httpBasic -> {
|
||||
})
|
||||
.csrf(AbstractHttpConfigurer::disable)
|
||||
.build();
|
||||
}
|
||||
|
||||
}
|
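Review bot: `apiSecurityFilterChain` permits `/users/` and `/users/resetPassword` for every HTTP method, so any handler later mapped on those paths is unauthenticated by default. If only specific verbs are meant to be public (the controllers are not on this page), scope the rule, e.g. `matcher.pattern(HttpMethod.POST, "/users/")`. `@Order(2)` looks left over from the removed combined configuration; this class declares only one chain, so the annotation can be dropped or given a comment explaining what it is ordered against.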