security work

eugenp · eugenp · commit 1696627374a4 · 2013-06-02T19:27:41.000+03:00
diff --git a/spring-security-custom/src/main/java/org/baeldung/spring/MvcConfig.java b/spring-security-custom/src/main/java/org/baeldung/spring/MvcConfig.java
@@ -23,7 +23,7 @@ public MvcConfig() {
     public void addViewControllers(final ViewControllerRegistry registry) {
         super.addViewControllers(registry);
 
-        // registry.addViewController("/login.html");
+        registry.addViewController("/login.html");
         registry.addViewController("/homepage.html");
     }
 
diff --git a/spring-security-custom/src/main/resources/webSecurityConfig.xml b/spring-security-custom/src/main/resources/webSecurityConfig.xml
@@ -1,24 +1,31 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
-    xmlns:sec="http://www.springframework.org/schema/security"
     xsi:schemaLocation="
-      http://www.springframework.org/schema/security
-      http://www.springframework.org/schema/security/spring-security-3.1.xsd
-      http://www.springframework.org/schema/beans
-      http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">
+        http://www.springframework.org/schema/security 
+        http://www.springframework.org/schema/security/spring-security-3.1.xsd
+        http://www.springframework.org/schema/beans 
+        http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">
 
-    <http use-expressions="true" entry-point-ref="restAuthenticationEntryPoint">
-        <intercept-url pattern="/api/**" access="isAuthenticated()" />
+    <http use-expressions="true">
+        <intercept-url pattern="/anonymous*" access="isAnonymous()" />
+        <intercept-url pattern="/login*" access="permitAll" />
+        <intercept-url pattern="/**" access="isAuthenticated()" />
 
-        <sec:form-login authentication-success-handler-ref="mySuccessHandler" />
+        <form-login login-page='/login.html' login-processing-url="/perform_login" default-target-url="/homepage.html" authentication-failure-url="/login.html?error=true"
+            always-use-default-target="true" />
 
-        <logout />
     </http>
 
-    <beans:bean id="mySuccessHandler" class="org.baeldung.security.MySavedRequestAwareAuthenticationSuccessHandler" />
-
     <authentication-manager>
-        <authentication-provider ref="customAuthenticationProvider" />
+        <authentication-provider>
+            <user-service>
+                <user name="user1" password="user1Pass" authorities="ROLE_USER" />
+            </user-service>
+        </authentication-provider>
     </authentication-manager>
 
+    <!-- <authentication-manager> -->
+    <!-- <authentication-provider ref="customAuthenticationProvider" /> -->
+    <!-- </authentication-manager> -->
+
 </beans:beans>
diff --git a/spring-security-custom/src/main/webapp/WEB-INF/view/login.jsp b/spring-security-custom/src/main/webapp/WEB-INF/view/login.jsp
@@ -0,0 +1,26 @@
+<html>
+<head></head>
+
+<body>
+	<h1>Login</h1>
+
+	<form name='f' action="perform_login" method='POST'>
+
+		<table>
+			<tr>
+				<td>User:</td>
+				<td><input type='text' name='j_username' value=''></td>
+			</tr>
+			<tr>
+				<td>Password:</td>
+				<td><input type='password' name='j_password' /></td>
+			</tr>
+			<tr>
+				<td><input name="submit" type="submit" value="submit" /></td>
+			</tr>
+		</table>
+
+	</form>
+
+</body>
+</html>
diff --git a/spring-security-login/src/main/resources/webSecurityConfig.xml b/spring-security-login/src/main/resources/webSecurityConfig.xml
@@ -2,16 +2,14 @@
 <beans:beans xmlns="http://www.springframework.org/schema/security"
 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
 	xsi:schemaLocation="
-		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
-		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">
+		http://www.springframework.org/schema/security 
+        http://www.springframework.org/schema/security/spring-security-3.1.xsd
+		http://www.springframework.org/schema/beans 
+        http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">
 
-    <debug/>
-    
 	<http use-expressions="true" >
 		<intercept-url pattern="/anonymous*" access="isAnonymous()" />
-		
         <intercept-url pattern="/login*" access="permitAll" />
-        
         <intercept-url pattern="/**" access="isAuthenticated()" />
 
 		<form-login 
@@ -28,7 +26,7 @@
             
 	</http>
     
-    <beans:bean name="customLogoutSuccessHandler" class="org.baeldung.spring.security.CustomLogoutSuccessHandler" />
+    <beans:bean name="customLogoutSuccessHandler" class="org.baeldung.security.CustomLogoutSuccessHandler" />
 
 	<authentication-manager>
 		<authentication-provider>

Original file line number	Diff line number	Diff line change
`@@ -23,7 +23,7 @@ public MvcConfig() {`
`23`	`23`	`public void addViewControllers(final ViewControllerRegistry registry) {`
`24`	`24`	`super.addViewControllers(registry);`
`25`	`25`
`26`		`- // registry.addViewController("/login.html");`
	`26`	`+ registry.addViewController("/login.html");`
`27`	`27`	`registry.addViewController("/homepage.html");`
`28`	`28`	`}`
`29`	`29`