Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?xml version="1.0" encoding="UTF-8"?>
- <beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
- xmlns:jpa="http://www.springframework.org/schema/data/jpa"
- xmlns:oauth2="http://www.springframework.org/schema/security/oauth2"
- xmlns:security="http://www.springframework.org/schema/security"
- xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
- http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2.xsd
- http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.1.xsd
- http://www.springframework.org/schema/data/jpa http://www.springframework.org/schema/data/jpa/spring-jpa-1.8.xsd">
- <context:annotation-config base-package="hello.*"></context:annotation-config>
- <context:component-scan base-package="hello.*" />
- <jpa:repositories base-package="hello.*"></jpa:repositories>
- <bean id="dataSource"
- class="org.springframework.jdbc.datasource.DriverManagerDataSource">
- <property name="driverClassName" value="com.mysql.jdbc.Driver"></property>
- <property name="url" value="jdbc:mysql://localhost:3306/test20"></property>
- <property name="username" value="root"></property>
- <property name="password" value=""></property>
- </bean>
- <bean id="persistenceUnitManager"
- class="org.springframework.orm.jpa.persistenceunit.DefaultPersistenceUnitManager">
- <property name="persistenceXmlLocations">
- <list>
- <value>classpath*:META-INF/persistence.xml</value>
- </list>
- </property>
- <property name="defaultDataSource" ref="dataSource"></property>
- </bean>
- <bean id="entityManagerFactory"
- class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
- <property name="persistenceUnitManager" ref="persistenceUnitManager"></property>
- <property name="persistenceUnitName" value="MY_P"></property>
- </bean>
- <bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
- <property name="entityManagerFactory" ref="entityManagerFactory"></property>
- </bean>
- <?xml version="1.0" encoding="UTF-8"?>
- <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
- <!-- The definition of the Root Spring Container shared by all Servlets
- and Filters -->
- <context-param>
- <param-name>contextConfigLocation</param-name>
- <param-value>classpath*:applicationContext.xml</param-value>
- </context-param>
- <!-- Creates the Spring Container shared by all Servlets and Filters -->
- <listener>
- <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
- </listener>
- <!-- Processes application requests -->
- <servlet>
- <servlet-name>appServlet</servlet-name>
- <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
- <init-param>
- <param-name>contextConfigLocation</param-name>
- <param-value>/WEB-INF/spring/appServlet/servlet-context.xml</param-value>
- </init-param>
- <load-on-startup>1</load-on-startup>
- </servlet>
- <servlet-mapping>
- <servlet-name>appServlet</servlet-name>
- <url-pattern>/</url-pattern>
- </servlet-mapping>
- </web-app>
- package hello;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.beans.factory.annotation.Qualifier;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.context.annotation.Primary;
- import org.springframework.security.authentication.AuthenticationManager;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
- import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
- import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
- import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
- import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
- import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
- import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
- import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
- import org.springframework.security.oauth2.provider.token.TokenStore;
- import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
- @Configuration
- public class OAuth2ServerConfiguration {
- private static final String RESOURCE_ID = "restservice";
- @Configuration
- @EnableResourceServer
- protected static class ResourceServerConfiguration extends
- ResourceServerConfigurerAdapter {
- @Override
- public void configure(ResourceServerSecurityConfigurer resources) {
- // @formatter:off
- resources
- .resourceId(RESOURCE_ID);
- // @formatter:on
- }
- @Override
- public void configure(HttpSecurity http) throws Exception {
- // @formatter:off
- http
- .authorizeRequests()
- .antMatchers("/users").hasRole("ADMIN")
- .antMatchers("/greeting").authenticated();
- // @formatter:on
- }
- }
- @Configuration
- @EnableAuthorizationServer
- protected static class AuthorizationServerConfiguration extends
- AuthorizationServerConfigurerAdapter {
- private TokenStore tokenStore = new InMemoryTokenStore();
- @Autowired
- @Qualifier("authenticationManagerBean")
- private AuthenticationManager authenticationManager;
- @Autowired
- private CustomUserDetailsService userDetailsService;
- @Override
- public void configure(AuthorizationServerEndpointsConfigurer endpoints)
- throws Exception {
- // @formatter:off
- endpoints
- .tokenStore(this.tokenStore)
- .authenticationManager(this.authenticationManager)
- .userDetailsService(userDetailsService).prefix("/greeting");
- // @formatter:on
- }
- @Override
- public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
- // @formatter:off
- clients
- .inMemory()
- .withClient("clientapp")
- .authorizedGrantTypes("password", "refresh_token")
- .authorities("USER")
- .scopes("read", "write")
- .resourceIds(RESOURCE_ID)
- .secret("123456");
- // @formatter:on
- }
- @Bean
- @Primary
- public DefaultTokenServices tokenServices() {
- DefaultTokenServices tokenServices = new DefaultTokenServices();
- tokenServices.setSupportRefreshToken(true);
- tokenServices.setTokenStore(this.tokenStore);
- return tokenServices;
- }
- }
- }
- package hello;
- import java.util.concurrent.atomic.AtomicLong;
- import org.springframework.security.core.annotation.AuthenticationPrincipal;
- import org.springframework.web.bind.annotation.RequestMapping;
- import org.springframework.web.bind.annotation.RestController;
- import hello.data.User;
- @RestController
- public class GreetingController {
- private static final String template = "Hello, %s!";
- private final AtomicLong counter = new AtomicLong();
- @RequestMapping("/greeting")
- public Greeting greeting(@AuthenticationPrincipal User user) {
- return new Greeting(counter.incrementAndGet(),
- String.format(template, user.getName()));
- }
- }
- package hello;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.security.authentication.AuthenticationManager;
- import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
- import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
- import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
- @Configuration
- @EnableWebSecurity
- public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
- @Autowired
- private CustomUserDetailsService userDetailsService;
- @Override
- protected void configure(AuthenticationManagerBuilder auth) throws Exception {
- auth.userDetailsService(userDetailsService);
- }
- @Override
- @Bean
- public AuthenticationManager authenticationManagerBean() throws Exception {
- return super.authenticationManagerBean();
- }
- }
- INFO : org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping - Mapped "{[/oauth/authorize],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.authorize(java.util.Map<java.lang.String, java.lang.Object>,java.util.Map<java.lang.String, java.lang.String>,org.springframework.web.bind.support.SessionStatus,java.security.Principal)
- INFO : org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping - Mapped "{[/oauth/authorize],methods=[POST],params=[user_oauth_approval],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.View org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.approveOrDeny(java.util.Map<java.lang.String, java.lang.String>,java.util.Map<java.lang.String, ?>,org.springframework.web.bind.support.SessionStatus,java.security.Principal)
- INFO : org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping - Mapped "{[/oauth/token],methods=[GET],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.http.ResponseEntity<org.springframework.security.oauth2.common.OAuth2AccessToken> org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.getAccessToken(java.security.Principal,java.util.Map<java.lang.String, java.lang.String>) throws org.springframework.web.HttpRequestMethodNotSupportedException
- INFO : org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping - Mapped "{[/oauth/token],methods=[POST],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.http.ResponseEntity<org.springframework.security.oauth2.common.OAuth2AccessToken> org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.postAccessToken(java.security.Principal,java.util.Map<java.lang.String, java.lang.String>) throws org.springframework.web.HttpRequestMethodNotSupportedException
- INFO : org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping - Mapped "{[/oauth/check_token],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public java.util.Map<java.lang.String, ?> org.springframework.security.oauth2.provider.endpoint.CheckTokenEndpoint.checkToken(java.lang.String)
- INFO : org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping - Mapped "{[/oauth/confirm_access],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.WhitelabelApprovalEndpoint.getAccessConfirmation(java.util.Map<java.lang.String, java.lang.Object>,javax.servlet.http.HttpServletRequest) throws java.lang.Exception
- INFO : org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping - Mapped "{[/oauth/error],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.WhitelabelErrorEndpoint.handleError(javax.servlet.http.HttpServletRequest)
- INFO : org.springframework.security.web.DefaultSecurityFilterChain - Creating filter chain: OrRequestMatcher [requestMatchers=[Ant [pattern='/greeting/oauth/token'], Ant [pattern='/greeting/oauth/token_key'], Ant [pattern='/greeting/oauth/check_token']]], [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@e555f9, org.springframework.security.web.context.SecurityContextPersistenceFilter@179c9de, org.springframework.security.web.header.HeaderWriterFilter@830445, org.springframework.security.web.authentication.logout.LogoutFilter@e1780f, org.springframework.security.web.authentication.www.BasicAuthenticationFilter@171fcc8, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@bdb1b1, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@1c75f90, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@547ea0, org.springframework.security.web.session.SessionManagementFilter@f74cf7, org.springframework.security.web.access.ExceptionTranslationFilter@1ba730d, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@584d1e]
- INFO : org.springframework.security.web.DefaultSecurityFilterChain - Creating filter chain: org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration$NotOAuthRequestMatcher@1b995c6, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@1191e9a, org.springframework.security.web.context.SecurityContextPersistenceFilter@ff732a, org.springframework.security.web.header.HeaderWriterFilter@6d6ad5, org.springframework.security.web.authentication.logout.LogoutFilter@41633b, org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter@55c77a, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@d2289a, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@144df97, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@1b924e6, org.springframework.security.web.session.SessionManagementFilter@36f11d, org.springframework.security.web.access.ExceptionTranslationFilter@2b42c5, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@10f33b3]
- INFO : org.springframework.security.web.DefaultSecurityFilterChain - Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher@1, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@3b8bb3, org.springframework.security.web.context.SecurityContextPersistenceFilter@60c3ae, org.springframework.security.web.header.HeaderWriterFilter@cee322, org.springframework.security.web.csrf.CsrfFilter@1584f4a, org.springframework.security.web.authentication.logout.LogoutFilter@f6d56e, org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@1948232, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@8512a3, org.springframework.security.web.authentication.www.BasicAuthenticationFilter@10515f3, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@762e46, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@1d410d9, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@1a842fe, org.springframework.security.web.session.SessionManagementFilter@149de2e, org.springframework.security.web.access.ExceptionTranslationFilter@ca00c4, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@19a7f7]
- INFO : org.springframework.web.servlet.DispatcherServlet - FrameworkServlet 'appServlet': initialization completed in 6167 ms
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement