├── .gitignore ├── pom.xml └── src ├── main ├── java │ └── sec │ │ └── project │ │ ├── CyberSecurityBaseProjectApplication.java │ │ ├── config │ │ ├── CustomUserDetailsService.java │ │ └── SecurityConfiguration.java │ │ ├── controller │ │ └── SignupController.java │ │ ├── domain │ │ └── Signup.java │ │ └── repository │ │ └── SignupRepository.java └── resources │ └── templates │ ├── done.html │ └── form.html └── test └── java └── sec └── project └── SampleTest.java /.gitignore: -------------------------------------------------------------------------------- 1 | /target/ -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4.0.0 4 | sec 5 | cybersecuritybase-project 6 | 1.0-SNAPSHOT 7 | jar 8 | 9 | UTF-8 10 | 1.8 11 | 1.8 12 | 13 | 14 | org.springframework.boot 15 | spring-boot-starter-parent 16 | 1.4.2.RELEASE 17 | 18 | 19 | 20 | org.springframework.boot 21 | spring-boot-starter-thymeleaf 22 | 23 | 24 | org.springframework.boot 25 | spring-boot-starter-data-jpa 26 | 27 | 28 | org.springframework.boot 29 | spring-boot-starter-security 30 | 31 | 32 | org.springframework.boot 33 | spring-boot-starter-test 34 | 35 | 36 | org.springframework.security 37 | spring-security-test 38 | 39 | 40 | com.h2database 41 | h2 42 | 43 | 44 | org.springframework.boot 45 | spring-boot-devtools 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | org.springframework.boot 54 | spring-boot-maven-plugin 55 | 56 | true 57 | 58 | 59 | 60 | org.codehaus.mojo 61 | cobertura-maven-plugin 62 | 2.7 63 | 64 | 65 | true 66 | 67 | 68 | html 69 | xml 70 | 71 | 72 | 73 | 74 | 75 | -------------------------------------------------------------------------------- /src/main/java/sec/project/CyberSecurityBaseProjectApplication.java: -------------------------------------------------------------------------------- 1 | package sec.project; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | 6 | @SpringBootApplication 7 | public class CyberSecurityBaseProjectApplication { 8 | 9 | public static void main(String[] args) throws Throwable { 10 | SpringApplication.run(CyberSecurityBaseProjectApplication.class); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/sec/project/config/CustomUserDetailsService.java: -------------------------------------------------------------------------------- 1 | package sec.project.config; 2 | 3 | import java.util.Arrays; 4 | import java.util.Map; 5 | import java.util.TreeMap; 6 | import javax.annotation.PostConstruct; 7 | import org.springframework.security.core.authority.SimpleGrantedAuthority; 8 | import org.springframework.security.core.userdetails.UserDetails; 9 | import org.springframework.security.core.userdetails.UserDetailsService; 10 | import org.springframework.security.core.userdetails.UsernameNotFoundException; 11 | import org.springframework.stereotype.Service; 12 | 13 | @Service 14 | public class CustomUserDetailsService implements UserDetailsService { 15 | 16 | private Map accountDetails; 17 | 18 | @PostConstruct 19 | public void init() { 20 | // this data would typically be retrieved from a database 21 | this.accountDetails = new TreeMap<>(); 22 | this.accountDetails.put("ted", "$2a$06$rtacOjuBuSlhnqMO2GKxW.Bs8J6KI0kYjw/gtF0bfErYgFyNTZRDm"); 23 | } 24 | 25 | @Override 26 | public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { 27 | if (!this.accountDetails.containsKey(username)) { 28 | throw new UsernameNotFoundException("No such user: " + username); 29 | } 30 | 31 | return new org.springframework.security.core.userdetails.User( 32 | username, 33 | this.accountDetails.get(username), 34 | true, 35 | true, 36 | true, 37 | true, 38 | Arrays.asList(new SimpleGrantedAuthority("USER"))); 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /src/main/java/sec/project/config/SecurityConfiguration.java: -------------------------------------------------------------------------------- 1 | package sec.project.config; 2 | 3 | import org.springframework.beans.factory.annotation.Autowired; 4 | import org.springframework.context.annotation.Bean; 5 | import org.springframework.context.annotation.Configuration; 6 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 7 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 8 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 9 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 10 | import org.springframework.security.core.userdetails.UserDetailsService; 11 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 12 | import org.springframework.security.crypto.password.PasswordEncoder; 13 | 14 | @Configuration 15 | @EnableWebSecurity 16 | public class SecurityConfiguration extends WebSecurityConfigurerAdapter { 17 | 18 | @Autowired 19 | private UserDetailsService userDetailsService; 20 | 21 | @Override 22 | protected void configure(HttpSecurity http) throws Exception { 23 | // no real security at the moment 24 | http.authorizeRequests() 25 | .anyRequest().permitAll(); 26 | } 27 | 28 | @Autowired 29 | public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { 30 | auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder()); 31 | } 32 | 33 | @Bean 34 | public PasswordEncoder passwordEncoder() { 35 | return new BCryptPasswordEncoder(); 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /src/main/java/sec/project/controller/SignupController.java: -------------------------------------------------------------------------------- 1 | package sec.project.controller; 2 | 3 | import org.springframework.beans.factory.annotation.Autowired; 4 | import org.springframework.stereotype.Controller; 5 | import org.springframework.web.bind.annotation.RequestMapping; 6 | import org.springframework.web.bind.annotation.RequestMethod; 7 | import org.springframework.web.bind.annotation.RequestParam; 8 | import sec.project.domain.Signup; 9 | import sec.project.repository.SignupRepository; 10 | 11 | @Controller 12 | public class SignupController { 13 | 14 | @Autowired 15 | private SignupRepository signupRepository; 16 | 17 | @RequestMapping("*") 18 | public String defaultMapping() { 19 | return "redirect:/form"; 20 | } 21 | 22 | @RequestMapping(value = "/form", method = RequestMethod.GET) 23 | public String loadForm() { 24 | return "form"; 25 | } 26 | 27 | @RequestMapping(value = "/form", method = RequestMethod.POST) 28 | public String submitForm(@RequestParam String name, @RequestParam String address) { 29 | signupRepository.save(new Signup(name, address)); 30 | return "done"; 31 | } 32 | 33 | } 34 | -------------------------------------------------------------------------------- /src/main/java/sec/project/domain/Signup.java: -------------------------------------------------------------------------------- 1 | package sec.project.domain; 2 | 3 | import javax.persistence.Entity; 4 | import org.springframework.data.jpa.domain.AbstractPersistable; 5 | 6 | @Entity 7 | public class Signup extends AbstractPersistable { 8 | 9 | private String name; 10 | private String address; 11 | 12 | public Signup() { 13 | super(); 14 | } 15 | 16 | public Signup(String name, String address) { 17 | this(); 18 | this.name = name; 19 | this.address = address; 20 | } 21 | 22 | public String getName() { 23 | return name; 24 | } 25 | 26 | public void setName(String name) { 27 | this.name = name; 28 | } 29 | 30 | public String getAddress() { 31 | return address; 32 | } 33 | 34 | public void setAddress(String address) { 35 | this.address = address; 36 | } 37 | 38 | } 39 | -------------------------------------------------------------------------------- /src/main/java/sec/project/repository/SignupRepository.java: -------------------------------------------------------------------------------- 1 | package sec.project.repository; 2 | 3 | import org.springframework.data.jpa.repository.JpaRepository; 4 | import sec.project.domain.Signup; 5 | 6 | public interface SignupRepository extends JpaRepository { 7 | 8 | } 9 | -------------------------------------------------------------------------------- /src/main/resources/templates/done.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Thank you! 5 | 6 | 7 | 8 |

Thank you! You have been signed up to the event!

9 | 10 | 11 | 12 | -------------------------------------------------------------------------------- /src/main/resources/templates/form.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Sign up form 5 | 6 | 7 | 8 |

Sign up to the event using this form

9 | 10 |
11 |

:

12 |

:

13 |

14 |
15 | 16 |

17 | 18 | 19 | -------------------------------------------------------------------------------- /src/test/java/sec/project/SampleTest.java: -------------------------------------------------------------------------------- 1 | package sec.project; 2 | 3 | import static org.junit.Assert.assertEquals; 4 | import static org.junit.Assert.assertTrue; 5 | import org.junit.Before; 6 | import org.junit.Test; 7 | import org.junit.runner.RunWith; 8 | import org.springframework.beans.factory.annotation.Autowired; 9 | import org.springframework.boot.test.context.SpringBootTest; 10 | import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors; 11 | import org.springframework.test.context.junit4.SpringRunner; 12 | import org.springframework.test.web.servlet.MockMvc; 13 | import org.springframework.test.web.servlet.MvcResult; 14 | import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; 15 | import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; 16 | import org.springframework.test.web.servlet.setup.MockMvcBuilders; 17 | import org.springframework.web.context.WebApplicationContext; 18 | import sec.project.repository.SignupRepository; 19 | 20 | @RunWith(SpringRunner.class) 21 | @SpringBootTest 22 | public class SampleTest { 23 | 24 | @Autowired 25 | private WebApplicationContext webAppContext; 26 | 27 | @Autowired 28 | private SignupRepository signupRepository; 29 | 30 | private MockMvc mockMvc; 31 | 32 | @Before 33 | public void setUp() { 34 | this.mockMvc = MockMvcBuilders.webAppContextSetup(webAppContext).build(); 35 | } 36 | 37 | @Test 38 | public void signupAddsDataToDatabase() throws Throwable { 39 | mockMvc.perform(post("/form").param("name", "Testname").param("address", "Testaddress")).andReturn(); 40 | assertEquals(1L, signupRepository.findAll().stream().filter(s -> s.getName().equals("Testname") && s.getAddress().equals("Testaddress")).count()); 41 | } 42 | } 43 | --------------------------------------------------------------------------------