Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @Configuration
- @EnableWebMvc
- @ComponentScan(basePackages = {"ru.mightynoobs.springhibernate.controller",
- "ru.mightynoobs.springhibernate.service"})
- @Import({HibernateConfiguration.class, SpringSecurityConfig.class})
- public class SpringServletConfig extends WebMvcConfigurerAdapter {
- @Bean
- public SpringResourceTemplateResolver templateResolver() {
- SpringResourceTemplateResolver templateResolver = new SpringResourceTemplateResolver();
- templateResolver.setPrefix("/WEB-INF/templates/");
- templateResolver.setSuffix(".html");
- templateResolver.setTemplateMode(TemplateMode.HTML);
- templateResolver.setCacheable(true);
- return templateResolver;
- }
- @Bean
- public SpringTemplateEngine templateEngine() {
- SpringTemplateEngine templateEngine = new SpringTemplateEngine();
- templateEngine.setEnableSpringELCompiler(true);
- templateEngine.setTemplateResolver(templateResolver());
- templateEngine.setDialect(new SpringSecurityDialect());
- return templateEngine;
- }
- @Bean
- public ViewResolver viewResolver() {
- ThymeleafViewResolver viewResolver = new ThymeleafViewResolver();
- viewResolver.setTemplateEngine(templateEngine());
- return viewResolver;
- }
- @Override
- public void addResourceHandlers(ResourceHandlerRegistry registry) {
- registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
- }
- @Override
- public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
- configurer.enable();
- }
- }
- @Configuration
- @EnableTransactionManagement
- @ComponentScan({"ru.mightynoobs.springhibernate.dao.note",
- "ru.mightynoobs.springhibernate.dao.user"})
- @PropertySource(value = { "classpath:application.properties" })
- public class HibernateConfiguration {
- private Environment environment;
- @Bean
- public LocalSessionFactoryBean sessionFactory() {
- LocalSessionFactoryBean sessionFactory = new LocalSessionFactoryBean();
- sessionFactory.setDataSource(dataSource());
- sessionFactory.setPackagesToScan("ru.mightynoobs.springhibernate.model");
- sessionFactory.setHibernateProperties(hibernateProperties());
- return sessionFactory;
- }
- @Bean
- public BasicDataSource dataSource() {
- BasicDataSource dataSource = new BasicDataSource();
- dataSource.setDriverClassName(environment.getRequiredProperty("jdbc.driverClassName"));
- dataSource.setUrl(environment.getProperty("jdbc.url"));
- dataSource.setUsername(environment.getRequiredProperty("jdbc.username"));
- dataSource.setPassword(environment.getRequiredProperty("jdbc.password"));
- return dataSource;
- }
- private Properties hibernateProperties() {
- Properties properties = new Properties();
- properties.put("hibernate.dialect", environment.getRequiredProperty("hibernate.dialect"));
- properties.put("hibernate.show_sql", environment.getRequiredProperty("hibernate.show_sql"));
- properties.put("hibernate.format_sql", environment.getRequiredProperty("hibernate.format_sql"));
- return properties;
- }
- @Bean
- @Autowired
- public HibernateTransactionManager transactionManager(SessionFactory s) {
- HibernateTransactionManager txManager = new HibernateTransactionManager();
- txManager.setSessionFactory(s);
- return txManager;
- }
- @Autowired
- public void setEnvironment(Environment environment) {
- this.environment = environment;
- }
- }
- @Configuration
- @EnableWebSecurity
- @ComponentScan(basePackages = {"ru.mightynoobs.springhibernate.security",
- "ru.mightynoobs.springhibernate.dao.security",
- "ru.mightynoobs.springhibernate.service.user"})
- public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
- private PersistentTokenRepository tokenRepository;
- @Autowired
- public void setTokenRepository(PersistentTokenRepository tokenRepository) {
- this.tokenRepository = tokenRepository;
- }
- @Override
- protected void configure(AuthenticationManagerBuilder auth) throws Exception {
- auth.authenticationProvider(authenticationProvider());
- }
- @Override
- protected void configure(HttpSecurity httpSecurity) throws Exception {
- httpSecurity
- .formLogin()
- .loginPage("/login.html")
- .failureUrl("/login-error.html")
- .and()
- .logout()
- .logoutSuccessUrl("/index.html")
- .and()
- .authorizeRequests()
- .antMatchers("/home.html")
- .access("hasRole('USER') or hasRole('ADMIN') or hasRole('DBA')")
- .and()
- .rememberMe().rememberMeParameter("remember-me").tokenRepository(tokenRepository)
- .tokenValiditySeconds(86400)
- .and()
- .exceptionHandling()
- .accessDeniedPage("/access_denied.html");
- }
- @Bean
- public PasswordEncoder passwordEncoder() {
- return new BCryptPasswordEncoder();
- }
- @Bean
- public PersistentTokenBasedRememberMeServices persistentTokenBasedRememberMeServices() throws Exception{
- return new PersistentTokenBasedRememberMeServices("remember-me", userDetailsServiceBean(), tokenRepository);
- }
- @Override
- @Bean
- public UserDetailsService userDetailsServiceBean() throws Exception {
- return new CustomUserDetailsService();
- }
- @Bean
- public DaoAuthenticationProvider authenticationProvider() throws Exception{
- DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
- daoAuthenticationProvider.setPasswordEncoder(passwordEncoder());
- daoAuthenticationProvider.setUserDetailsService(userDetailsServiceBean());
- return daoAuthenticationProvider;
- }
- }
- public class SpringMainInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
- public SpringMainInitializer() {
- super();
- }
- @Override
- protected Class<?>[] getRootConfigClasses() {
- return new Class[]{HibernateConfiguration.class, SpringSecurityConfig.class};
- }
- @Override
- protected Class<?>[] getServletConfigClasses() {
- return new Class[] {SpringServletConfig.class};
- }
- @Override
- protected String[] getServletMappings() {
- return new String[]{"/"};
- }
- }
- public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer {
- }
- @Service
- public class CustomUserDetailsService implements UserDetailsService {
- private static final Logger log = LoggerFactory.getLogger(CustomUserDetailsService.class);
- private UserService userService;
- @Override
- @Transactional(readOnly = true)
- public UserDetails loadUserByUsername(String login) throws UsernameNotFoundException {
- User user = userService.getUserByLogin(login);
- log.info("User : {}", user);
- if (user == null) {
- log.info("User not found");
- throw new UsernameNotFoundException("User not found");
- }
- return new org.springframework.security.core.userdetails.User(user.getLogin(), user.getPassword(),
- true, true, true, true, getGrantedAuthorities(user));
- }
- private List<GrantedAuthority> getGrantedAuthorities(User user) {
- List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
- for (Role role : user.getRoles()) {
- log.info("UserProfile : {}", role);
- grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_"+role.getRoleName()));
- }
- log.info("authorities : {}", grantedAuthorities);
- return grantedAuthorities;
- }
- @Autowired
- public void setUserService(UserService userService) {
- this.userService = userService;
- }
- }
- @Controller
- @SessionAttributes("roles")
- public class SecurityController {
- private UserService userService;
- private RoleService roleService;
- private MessageSource messageSource;
- private PersistentTokenBasedRememberMeServices persistentTokenBasedRememberMeServices;
- @RequestMapping("/")
- public String login(Model model) {
- return "redirect:/index.html";
- }
- @RequestMapping("/login.html")
- public String login() {
- return "login";
- }
- @RequestMapping("/login-error.html")
- public String refuse(Model model) {
- /*System.out.println(model.containsAttribute("loginError"));
- model.addAttribute("loginError", true);
- System.out.println(model.containsAttribute("loginError"));*/
- return "login";
- }
- @RequestMapping("/index.html")
- public String index() {
- return "index";
- }
- @RequestMapping("/home.html")
- public String home() {
- return "home";
- }
- @RequestMapping("/access_denied.html")
- public String denied() {
- return "access_denied";
- }
- @Autowired
- @Qualifier("userService")
- public void setUserService(UserService userService) {
- this.userService = userService;
- }
- @Autowired
- @Qualifier("roleService")
- public void setRoleService(RoleService roleService) {
- this.roleService = roleService;
- }
- @Autowired
- public void setMessageSource(MessageSource messageSource) {
- this.messageSource = messageSource;
- }
- @Autowired
- public void setPersistentTokenBasedRememberMeServices(PersistentTokenBasedRememberMeServices persistentTokenBasedRememberMeServices) {
- this.persistentTokenBasedRememberMeServices = persistentTokenBasedRememberMeServices;
- }
- }
- <!DOCTYPE html>
- <html xmlns:th="http://www.thymeleaf.org">
- <head>
- <title>Login page</title>
- </head>
- <body>
- <p th:if="${loginError}" class="error">Wrong user or password</p>
- <form th:action="@{/login}" method="post">
- <div>Username: <input type="text" name="username"/> </div>
- <div>Password: <input type="password" name="password"/> </div>
- <div>Remember Me: <input type="checkbox" name="remember-me" /> </div>
- <div><input type="submit" value="Sign In"/></div>
- </form>
- </body>
- </html>
- <!DOCTYPE html>
- <html xmlns:th="http://www.thymeleaf.org">
- <html lang="en">
- <head>
- <meta charset="UTF-8">
- <title>Oh my god!</title>
- </head>
- <body>
- <h1>IT WORKS!</h1>
- <div>Go to <a href="home.html" th:href="@{/home.html}">Home</a></div>
- </body>
- </html>
- <!DOCTYPE html>
- <html xmlns:th="http://www.thymeleaf.org">
- <head>
- <title>Our notes app</title>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
- </head>
- <body>
- <script type="text/javascript" th:src="@{/resources/js/test.js}"></script>
- <p>Welcome to our Notes App!</p>
- </body>
- </html>
- <!DOCTYPE html>
- <html xmlns:th="http://www.thymeleaf.org">
- <head>
- <title>Error page</title>
- <meta charset="utf-8" />
- </head>
- <body>
- <h1>FORBIDDEN</h1>
- <a href="index.html" th:href="@{/index.html}">Back to Home Page</a>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement