From 771c27021c033f5b6b9a3d9fdcd4048f9d8023af Mon Sep 17 00:00:00 2001
From: Alexander Alexeev
Date: Mon, 21 Nov 2016 13:38:27 +0700
Subject: spring-www project skeleton

---
 .../juick/www/configuration/WebSecurityConfig.java | 85 ++++++++++++++++++++++
 .../juick/www/configuration/WwwInitializer.java    | 26 +++++--
 .../www/configuration/WwwServletConfiguration.java | 18 ++---
 3 files changed, 109 insertions(+), 20 deletions(-)
 create mode 100644 juick-spring-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java

(limited to 'juick-spring-www/src/main/java/com/juick/www/configuration')

diff --git a/juick-spring-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java b/juick-spring-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
new file mode 100644
index 00000000..65d07dba
--- /dev/null
+++ b/juick-spring-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
@@ -0,0 +1,85 @@
+package com.juick.www.configuration;
+
+import com.juick.service.UserService;
+import com.juick.www.entity.JuickUser;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.core.env.Environment;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+
+import javax.annotation.Resource;
+
+/**
+ * Created by aalexeev on 11/21/16.
+ */
+@EnableWebSecurity
+@PropertySource("classpath:juick.conf")
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+    @Resource
+    private Environment env;
+    @Resource
+    private UserService userService;
+
+    protected WebSecurityConfig() {
+        super(true);
+    }
+
+    @Bean("authManager")
+    @Override
+    public AuthenticationManager authenticationManagerBean() throws Exception {
+        return super.authenticationManagerBean();
+    }
+
+    @Bean("userDetailsService")
+    @Override
+    public UserDetailsService userDetailsServiceBean() throws Exception {
+        return username -> {
+            if (StringUtils.isBlank(username))
+                throw new UsernameNotFoundException("Invalid user name " + username);
+
+            com.juick.User user = userService.getUserByName(username);
+
+            if (user != null)
+                return new JuickUser(user);
+
+            throw new UsernameNotFoundException("The username " + username + " is not found");
+        };
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+                .authorizeRequests()
+                .antMatchers("/settings", "/pm/**").authenticated()
+                .anyRequest().authenticated()
+                .and()
+                .anonymous()
+                .authorities("ROLE_ANONYM")
+                .and()
+                .logout()
+                .invalidateHttpSession(true)
+                .logoutUrl("/logout")
+                .logoutSuccessUrl("/")
+                .and()
+                .formLogin()
+                .loginPage("/login")
+                .permitAll()
+                .defaultSuccessUrl("/")
+                .failureForwardUrl("/login")
+                .and()
+                .rememberMe()
+                .tokenValiditySeconds(6 * 30 * 24 * 3600)
+                .alwaysRemember(true)
+                .useSecureCookie(true)
+                .rememberMeCookieName(env.getProperty("auth_cookie_name", "hash"))
+                .rememberMeCookieDomain(env.getProperty("web_domain", "juick.com"))
+                .and()
+                .csrf().disable();
+    }
+}
diff --git a/juick-spring-www/src/main/java/com/juick/www/configuration/WwwInitializer.java b/juick-spring-www/src/main/java/com/juick/www/configuration/WwwInitializer.java
index 852ec554..6b7b4ebc 100644
--- a/juick-spring-www/src/main/java/com/juick/www/configuration/WwwInitializer.java
+++ b/juick-spring-www/src/main/java/com/juick/www/configuration/WwwInitializer.java
@@ -6,6 +6,9 @@ import org.springframework.web.filter.CharacterEncodingFilter;
 import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
 
 import javax.servlet.Filter;
+import javax.servlet.FilterRegistration;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
 
 /**
  * Created by aalexeev on 11/20/16.
@@ -14,7 +17,7 @@ public class WwwInitializer extends AbstractAnnotationConfigDispatcherServletIni
 
     @Override
     protected Class<?>[] getRootConfigClasses() {
-        return new Class<?>[]{DataConfiguration.class, SearchConfiguration.class};
+        return new Class<?>[]{DataConfiguration.class, SearchConfiguration.class, WebSecurityConfig.class};
     }
 
     @Override
@@ -28,16 +31,23 @@ public class WwwInitializer extends AbstractAnnotationConfigDispatcherServletIni
     }
 
     @Override
-    protected Filter[] getServletFilters() {
-        CharacterEncodingFilter characterEncodingFilter = new CharacterEncodingFilter();
-        characterEncodingFilter.setEncoding("UTF-8");
-
-        return new Filter[]{characterEncodingFilter};
+    protected String getServletName() {
+        return "WWW-spring dispatcher servlet";
     }
 
     @Override
-    protected String getServletName() {
-        return "WWW-spring dispatcher servlet";
+    public void onStartup(ServletContext servletContext) throws ServletException {
+        super.onStartup(servletContext);
+
+        CharacterEncodingFilter encodingFilter = new CharacterEncodingFilter();
+
+        encodingFilter.setEncoding("UTF-8");
+        encodingFilter.setForceEncoding(true);
+
+        FilterRegistration.Dynamic registration = servletContext.addFilter(
+                "encodingFilter",                new CharacterEncodingFilter());
+
+        registration.addMappingForUrlPatterns(null, true, "/*");
     }
 }
 
diff --git a/juick-spring-www/src/main/java/com/juick/www/configuration/WwwServletConfiguration.java b/juick-spring-www/src/main/java/com/juick/www/configuration/WwwServletConfiguration.java
index 8edc1b6c..01cee39f 100644
--- a/juick-spring-www/src/main/java/com/juick/www/configuration/WwwServletConfiguration.java
+++ b/juick-spring-www/src/main/java/com/juick/www/configuration/WwwServletConfiguration.java
@@ -6,14 +6,13 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.PropertySource;
-import org.springframework.context.support.ReloadableResourceBundleMessageSource;
 import org.springframework.context.support.ResourceBundleMessageSource;
 import org.springframework.http.converter.HttpMessageConverter;
 import org.springframework.http.converter.json.Jackson2ObjectMapperBuilder;
 import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
+import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;
-import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
 import org.thymeleaf.spring4.SpringTemplateEngine;
 import org.thymeleaf.spring4.templateresolver.SpringResourceTemplateResolver;
 import org.thymeleaf.spring4.view.ThymeleafViewResolver;
@@ -64,19 +63,9 @@ public class WwwServletConfiguration extends WebMvcConfigurationSupport {
     public ThymeleafViewResolver viewResolver() {
         ThymeleafViewResolver viewResolver = new ThymeleafViewResolver();
         viewResolver.setTemplateEngine(templateEngine());
-        // NOTE 'order' and 'viewNames' are optional
-        viewResolver.setOrder(1);
-        viewResolver.setViewNames(new String[]{".html", ".xhtml"});
         return viewResolver;
     }
 
-    @Override
-    public RequestMappingHandlerMapping requestMappingHandlerMapping() {
-        RequestMappingHandlerMapping mapping = super.requestMappingHandlerMapping();
-        mapping.setUseSuffixPatternMatch(false);
-        return mapping;
-    }
-
     @Override
     protected void configureMessageConverters(List<HttpMessageConverter<?>> converters) {
         Jackson2ObjectMapperBuilder builder = new Jackson2ObjectMapperBuilder()
@@ -97,6 +86,7 @@ public class WwwServletConfiguration extends WebMvcConfigurationSupport {
         registry.setOrder(0);
         registry.addResourceHandler("/scripts.js").addResourceLocations("/");
         registry.addResourceHandler("/style.css").addResourceLocations("/");
+        registry.addResourceHandler("/favicon.ico").addResourceLocations("/static/favicon.ico");
     }
 
     @Bean
@@ -109,4 +99,8 @@ public class WwwServletConfiguration extends WebMvcConfigurationSupport {
 
         return messageSource;
     }
+
+    @Override
+    protected void addViewControllers(ViewControllerRegistry registry) {
+    }
 }
-- 
cgit v1.2.3