├── spring.security.custom.rest.api
    ├── target
    │   ├── maven-status
    │   │   └── maven-compiler-plugin
    │   │   │   ├── testCompile
    │   │   │       └── default-testCompile
    │   │   │       │   └── inputFiles.lst
    │   │   │   └── compile
    │   │   │       └── default-compile
    │   │   │           ├── createdFiles.lst
    │   │   │           └── inputFiles.lst
    │   ├── maven-archiver
    │   │   └── pom.properties
    │   ├── spring-security-custom-rest-api
    │   │   └── WEB-INF
    │   │   │   ├── api-servlet.xml
    │   │   │   ├── classes
    │   │   │       ├── logback.xml
    │   │   │       └── webSecurityConfig.xml
    │   │   │   └── web.xml
    │   └── classes
    │   │   ├── logback.xml
    │   │   └── webSecurityConfig.xml
    ├── .DS_Store
    ├── src
    │   ├── .DS_Store
    │   └── main
    │   │   ├── webapp
    │   │       └── WEB-INF
    │   │       │   ├── api-servlet.xml
    │   │       │   └── web.xml
    │   │   ├── resources
    │   │       ├── logback.xml
    │   │       └── webSecurityConfig.xml
    │   │   └── java
    │   │       └── spring
    │   │           └── security
    │   │               └── custom
    │   │                   └── rest
    │   │                       └── api
    │   │                           ├── SpringSecurityConfig.java
    │   │                           ├── WebConfig.java
    │   │                           ├── entity
    │   │                               └── CustomerDetails.java
    │   │                           ├── security
    │   │                               ├── RestAuthenticationAccessDeniedHandler.java
    │   │                               ├── RestAuthenticationEntryPoint.java
    │   │                               ├── RestAuthenticationSuccessHandler.java
    │   │                               ├── CustomUserData.java
    │   │                               └── CustomUserDetailsService.java
    │   │                           └── service
    │   │                               └── CustomerDetailService.java
    ├── .settings
    │   ├── org.eclipse.m2e.core.prefs
    │   ├── org.eclipse.core.resources.prefs
    │   └── org.eclipse.jdt.core.prefs
    ├── .classpath
    ├── .project
    └── pom.xml
├── spring.security.rest.api
    ├── src
    │   ├── .DS_Store
    │   └── main
    │   │   ├── webapp
    │   │       └── WEB-INF
    │   │       │   ├── api-servlet.xml
    │   │       │   └── web.xml
    │   │   ├── resources
    │   │       ├── logback.xml
    │   │       └── webSecurityConfig.xml
    │   │   └── java
    │   │       └── spring
    │   │           └── security
    │   │               └── rest
    │   │                   └── api
    │   │                       ├── SpringSecurityConfig.java
    │   │                       ├── WebConfig.java
    │   │                       ├── entity
    │   │                           └── CustomerDetails.java
    │   │                       ├── security
    │   │                           ├── RestAuthenticationEntryPoint.java
    │   │                           └── RestAuthenticationSuccessHandler.java
    │   │                       └── service
    │   │                           └── CustomerDetailService.java
    └── pom.xml
└── .gitignore


/spring.security.custom.rest.api/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/inputFiles.lst:
--------------------------------------------------------------------------------
1 | 


--------------------------------------------------------------------------------
/spring.security.rest.api/src/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/malalanayake/spring-security/HEAD/spring.security.rest.api/src/.DS_Store


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/malalanayake/spring-security/HEAD/spring.security.custom.rest.api/.DS_Store


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/src/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/malalanayake/spring-security/HEAD/spring.security.custom.rest.api/src/.DS_Store


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/.settings/org.eclipse.m2e.core.prefs:
--------------------------------------------------------------------------------
1 | activeProfiles=
2 | eclipse.preferences.version=1
3 | resolveWorkspaceProjects=true
4 | version=1
5 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/target/maven-archiver/pom.properties:
--------------------------------------------------------------------------------
1 | #Generated by Maven
2 | #Sun Jun 29 23:45:06 CDT 2014
3 | version=0.0.1-SNAPSHOT
4 | groupId=spring
5 | artifactId=spring.security.custom.rest.api
6 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/.settings/org.eclipse.core.resources.prefs:
--------------------------------------------------------------------------------
1 | eclipse.preferences.version=1
2 | encoding//src/main/java=UTF-8
3 | encoding//src/main/resources=UTF-8
4 | encoding//src/test/java=UTF-8
5 | encoding/<project>=UTF-8
6 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | *.class
 2 | 
 3 | # Mobile Tools for Java (J2ME)
 4 | .mtj.tmp/
 5 | 
 6 | # Package Files #
 7 | *.jar
 8 | *.war
 9 | *.ear
10 | 
11 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
12 | hs_err_pid*
13 | 


--------------------------------------------------------------------------------
/spring.security.rest.api/src/main/webapp/WEB-INF/api-servlet.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <beans xmlns="http://www.springframework.org/schema/beans"
3 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4 |   xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd" >
5 | 
6 | </beans>


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/src/main/webapp/WEB-INF/api-servlet.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <beans xmlns="http://www.springframework.org/schema/beans"
3 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4 |   xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd" >
5 | 
6 | </beans>


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/target/spring-security-custom-rest-api/WEB-INF/api-servlet.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <beans xmlns="http://www.springframework.org/schema/beans"
3 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4 |   xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd" >
5 | 
6 | </beans>


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/.classpath:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <classpath>
 3 | 	<classpathentry kind="src" output="target/classes" path="src/main/java"/>
 4 | 	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources"/>
 5 | 	<classpathentry kind="src" output="target/test-classes" path="src/test/java"/>
 6 | 	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.7"/>
 7 | 	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER"/>
 8 | 	<classpathentry kind="output" path="target/classes"/>
 9 | </classpath>
10 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/.project:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <projectDescription>
 3 | 	<name>security.rest.api</name>
 4 | 	<comment></comment>
 5 | 	<projects>
 6 | 	</projects>
 7 | 	<buildSpec>
 8 | 		<buildCommand>
 9 | 			<name>org.eclipse.jdt.core.javabuilder</name>
10 | 			<arguments>
11 | 			</arguments>
12 | 		</buildCommand>
13 | 		<buildCommand>
14 | 			<name>org.eclipse.m2e.core.maven2Builder</name>
15 | 			<arguments>
16 | 			</arguments>
17 | 		</buildCommand>
18 | 	</buildSpec>
19 | 	<natures>
20 | 		<nature>org.eclipse.jdt.core.javanature</nature>
21 | 		<nature>org.eclipse.m2e.core.maven2Nature</nature>
22 | 	</natures>
23 | </projectDescription>
24 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/target/classes/logback.xml:
--------------------------------------------------------------------------------
 1 | <configuration>
 2 | 
 3 | 	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
 4 | 		<encoder>
 5 | 			<pattern>web - %date [%thread] %-5level %logger{36} - %message%n
 6 | 			</pattern>
 7 | 		</encoder>
 8 | 	</appender>
 9 | 
10 | 	<logger name="org.springframework" level="WARN" />
11 | 	<logger name="org.springframework.transaction" level="WARN" />
12 | 
13 | 	<!-- in order to debug some marshalling issues, this needs to be TRACE -->
14 | 	<logger name="org.springframework.web.servlet.mvc" level="WARN" />
15 | 
16 | 	<root level="INFO">
17 | 		<appender-ref ref="STDOUT" />
18 | 	</root>
19 | 
20 | </configuration>


--------------------------------------------------------------------------------
/spring.security.rest.api/src/main/resources/logback.xml:
--------------------------------------------------------------------------------
 1 | <configuration>
 2 | 
 3 | 	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
 4 | 		<encoder>
 5 | 			<pattern>web - %date [%thread] %-5level %logger{36} - %message%n
 6 | 			</pattern>
 7 | 		</encoder>
 8 | 	</appender>
 9 | 
10 | 	<logger name="org.springframework" level="WARN" />
11 | 	<logger name="org.springframework.transaction" level="WARN" />
12 | 
13 | 	<!-- in order to debug some marshalling issues, this needs to be TRACE -->
14 | 	<logger name="org.springframework.web.servlet.mvc" level="WARN" />
15 | 
16 | 	<root level="INFO">
17 | 		<appender-ref ref="STDOUT" />
18 | 	</root>
19 | 
20 | </configuration>


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/src/main/resources/logback.xml:
--------------------------------------------------------------------------------
 1 | <configuration>
 2 | 
 3 | 	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
 4 | 		<encoder>
 5 | 			<pattern>web - %date [%thread] %-5level %logger{36} - %message%n
 6 | 			</pattern>
 7 | 		</encoder>
 8 | 	</appender>
 9 | 
10 | 	<logger name="org.springframework" level="WARN" />
11 | 	<logger name="org.springframework.transaction" level="WARN" />
12 | 
13 | 	<!-- in order to debug some marshalling issues, this needs to be TRACE -->
14 | 	<logger name="org.springframework.web.servlet.mvc" level="WARN" />
15 | 
16 | 	<root level="INFO">
17 | 		<appender-ref ref="STDOUT" />
18 | 	</root>
19 | 
20 | </configuration>


--------------------------------------------------------------------------------
/spring.security.rest.api/src/main/java/spring/security/rest/api/SpringSecurityConfig.java:
--------------------------------------------------------------------------------
 1 | package spring.security.rest.api;
 2 | 
 3 | import org.springframework.context.annotation.ComponentScan;
 4 | import org.springframework.context.annotation.Configuration;
 5 | import org.springframework.context.annotation.ImportResource;
 6 | 
 7 | 
 8 | /**
 9 |  * Expose the Spring Security Configuration
10 |  * 
11 |  * @author malalanayake
12 |  * 
13 |  */
14 | @Configuration
15 | @ImportResource({ "classpath:webSecurityConfig.xml" })
16 | @ComponentScan("spring.security.rest.api.security")
17 | public class SpringSecurityConfig {
18 | 
19 | 	public SpringSecurityConfig() {
20 | 		super();
21 | 	}
22 | 
23 | }
24 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/SpringSecurityConfig.java:
--------------------------------------------------------------------------------
 1 | package spring.security.custom.rest.api;
 2 | 
 3 | import org.springframework.context.annotation.ComponentScan;
 4 | import org.springframework.context.annotation.Configuration;
 5 | import org.springframework.context.annotation.ImportResource;
 6 | 
 7 | /**
 8 |  * Expose the Spring Security Configuration
 9 |  * 
10 |  * @author malalanayake
11 |  * 
12 |  */
13 | @Configuration
14 | @ImportResource({ "classpath:webSecurityConfig.xml" })
15 | @ComponentScan("spring.security.custom.rest.api.security")
16 | public class SpringSecurityConfig {
17 | 
18 | 	public SpringSecurityConfig() {
19 | 		super();
20 | 	}
21 | 
22 | }
23 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/target/spring-security-custom-rest-api/WEB-INF/classes/logback.xml:
--------------------------------------------------------------------------------
 1 | <configuration>
 2 | 
 3 | 	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
 4 | 		<encoder>
 5 | 			<pattern>web - %date [%thread] %-5level %logger{36} - %message%n
 6 | 			</pattern>
 7 | 		</encoder>
 8 | 	</appender>
 9 | 
10 | 	<logger name="org.springframework" level="WARN" />
11 | 	<logger name="org.springframework.transaction" level="WARN" />
12 | 
13 | 	<!-- in order to debug some marshalling issues, this needs to be TRACE -->
14 | 	<logger name="org.springframework.web.servlet.mvc" level="WARN" />
15 | 
16 | 	<root level="INFO">
17 | 		<appender-ref ref="STDOUT" />
18 | 	</root>
19 | 
20 | </configuration>


--------------------------------------------------------------------------------
/spring.security.rest.api/src/main/java/spring/security/rest/api/WebConfig.java:
--------------------------------------------------------------------------------
 1 | package spring.security.rest.api;
 2 | 
 3 | import org.springframework.context.annotation.ComponentScan;
 4 | import org.springframework.context.annotation.Configuration;
 5 | import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 6 | import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
 7 | 
 8 | /**
 9 |  * Web Configuration expose the all services
10 |  * 
11 |  * @author malalanayake
12 |  * 
13 |  */
14 | @Configuration
15 | @ComponentScan("spring.security.rest.api.service")
16 | @EnableWebMvc
17 | public class WebConfig extends WebMvcConfigurerAdapter {
18 | 
19 | 	public WebConfig() {
20 | 		super();
21 | 	}
22 | 
23 | }
24 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/.settings/org.eclipse.jdt.core.prefs:
--------------------------------------------------------------------------------
 1 | eclipse.preferences.version=1
 2 | org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
 3 | org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.7
 4 | org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
 5 | org.eclipse.jdt.core.compiler.compliance=1.7
 6 | org.eclipse.jdt.core.compiler.debug.lineNumber=generate
 7 | org.eclipse.jdt.core.compiler.debug.localVariable=generate
 8 | org.eclipse.jdt.core.compiler.debug.sourceFile=generate
 9 | org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
10 | org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
11 | org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
12 | org.eclipse.jdt.core.compiler.source=1.7
13 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/WebConfig.java:
--------------------------------------------------------------------------------
 1 | package spring.security.custom.rest.api;
 2 | 
 3 | import org.springframework.context.annotation.ComponentScan;
 4 | import org.springframework.context.annotation.Configuration;
 5 | import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 6 | import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
 7 | 
 8 | /**
 9 |  * Web Configuration expose the all services
10 |  * 
11 |  * @author malalanayake
12 |  * 
13 |  */
14 | @Configuration
15 | @ComponentScan("spring.security.custom.rest.api.service")
16 | @EnableWebMvc
17 | public class WebConfig extends WebMvcConfigurerAdapter {
18 | 
19 | 	public WebConfig() {
20 | 		super();
21 | 	}
22 | 
23 | }
24 | 


--------------------------------------------------------------------------------
/spring.security.rest.api/src/main/java/spring/security/rest/api/entity/CustomerDetails.java:
--------------------------------------------------------------------------------
 1 | package spring.security.rest.api.entity;
 2 | 
 3 | import java.io.Serializable;
 4 | 
 5 | /**
 6 |  * Customer details persistence entity
 7 |  * 
 8 |  * @author malalanayake
 9 |  * 
10 |  */
11 | public class CustomerDetails implements Serializable {
12 | 	private long id;
13 | 
14 | 	private String name;
15 | 
16 | 	public CustomerDetails() {
17 | 		super();
18 | 	}
19 | 
20 | 	public CustomerDetails(final String name) {
21 | 		super();
22 | 
23 | 		this.name = name;
24 | 	}
25 | 
26 | 	public long getId() {
27 | 		return id;
28 | 	}
29 | 
30 | 	public void setId(final long id) {
31 | 		this.id = id;
32 | 	}
33 | 
34 | 	public String getName() {
35 | 		return name;
36 | 	}
37 | 
38 | 	public void setName(final String name) {
39 | 		this.name = name;
40 | 	}
41 | 
42 | }
43 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/entity/CustomerDetails.java:
--------------------------------------------------------------------------------
 1 | package spring.security.custom.rest.api.entity;
 2 | 
 3 | import java.io.Serializable;
 4 | 
 5 | /**
 6 |  * Customer details persistence entity
 7 |  * 
 8 |  * @author malalanayake
 9 |  * 
10 |  */
11 | public class CustomerDetails implements Serializable {
12 | 	private long id;
13 | 
14 | 	private String name;
15 | 
16 | 	public CustomerDetails() {
17 | 		super();
18 | 	}
19 | 
20 | 	public CustomerDetails(final String name) {
21 | 		super();
22 | 
23 | 		this.name = name;
24 | 	}
25 | 
26 | 	public long getId() {
27 | 		return id;
28 | 	}
29 | 
30 | 	public void setId(final long id) {
31 | 		this.id = id;
32 | 	}
33 | 
34 | 	public String getName() {
35 | 		return name;
36 | 	}
37 | 
38 | 	public void setName(final String name) {
39 | 		this.name = name;
40 | 	}
41 | 
42 | }
43 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/target/maven-status/maven-compiler-plugin/compile/default-compile/createdFiles.lst:
--------------------------------------------------------------------------------
 1 | spring/security/custom/rest/api/SpringSecurityConfig.class
 2 | spring/security/custom/rest/api/security/RestAuthenticationAccessDeniedHandler.class
 3 | spring/security/custom/rest/api/entity/CustomerDetails.class
 4 | spring/security/custom/rest/api/security/CustomUserDetailsService$1.class
 5 | spring/security/custom/rest/api/service/CustomerDetailService.class
 6 | spring/security/custom/rest/api/security/CustomUserDetailsService$CustomRole.class
 7 | spring/security/custom/rest/api/WebConfig.class
 8 | spring/security/custom/rest/api/security/RestAuthenticationSuccessHandler.class
 9 | spring/security/custom/rest/api/security/CustomUserDetailsService.class
10 | spring/security/custom/rest/api/security/RestAuthenticationEntryPoint.class
11 | spring/security/custom/rest/api/security/CustomUserData.class
12 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/security/RestAuthenticationAccessDeniedHandler.java:
--------------------------------------------------------------------------------
 1 | package spring.security.custom.rest.api.security;
 2 | 
 3 | import java.io.IOException;
 4 | 
 5 | import javax.servlet.ServletException;
 6 | import javax.servlet.http.HttpServletRequest;
 7 | import javax.servlet.http.HttpServletResponse;
 8 | 
 9 | import org.springframework.security.access.AccessDeniedException;
10 | import org.springframework.security.core.AuthenticationException;
11 | import org.springframework.security.web.access.AccessDeniedHandler;
12 | import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
13 | 
14 | public class RestAuthenticationAccessDeniedHandler implements AccessDeniedHandler {
15 | 
16 | 	@Override
17 | 	public void handle(HttpServletRequest request, HttpServletResponse response,
18 | 			AccessDeniedException arg2) throws IOException, ServletException {
19 | 		response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
20 | 
21 | 	}
22 | }
23 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/security/RestAuthenticationEntryPoint.java:
--------------------------------------------------------------------------------
 1 | package spring.security.custom.rest.api.security;
 2 | 
 3 | import java.io.IOException;
 4 | 
 5 | import javax.servlet.ServletException;
 6 | import javax.servlet.http.HttpServletRequest;
 7 | import javax.servlet.http.HttpServletResponse;
 8 | 
 9 | import org.springframework.security.core.AuthenticationException;
10 | import org.springframework.security.web.AuthenticationEntryPoint;
11 | import org.springframework.stereotype.Component;
12 | 
13 | /**
14 |  * This entry point is called once the request missing their authentication.
15 |  * 
16 |  * @author malalanayake
17 |  * 
18 |  */
19 | @Component
20 | public class RestAuthenticationEntryPoint implements AuthenticationEntryPoint {
21 | 
22 | 	@Override
23 | 	public void commence(HttpServletRequest arg0, HttpServletResponse arg1,
24 | 			AuthenticationException arg2) throws IOException, ServletException {
25 | 		arg1.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
26 | 
27 | 	}
28 | 
29 | }
30 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/security/RestAuthenticationSuccessHandler.java:
--------------------------------------------------------------------------------
 1 | package spring.security.custom.rest.api.security;
 2 | 
 3 | import java.io.IOException;
 4 | 
 5 | import javax.servlet.ServletException;
 6 | import javax.servlet.http.HttpServletRequest;
 7 | import javax.servlet.http.HttpServletResponse;
 8 | 
 9 | import org.springframework.security.core.Authentication;
10 | import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
11 | 
12 | /**
13 |  * This will call once the request is authenticated. If it is not, the request
14 |  * will be redirected to authenticate entry point
15 |  * 
16 |  * @author malalanayake
17 |  * 
18 |  */
19 | public class RestAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
20 | 
21 | 	@Override
22 | 	public void onAuthenticationSuccess(final HttpServletRequest request,
23 | 			final HttpServletResponse response, final Authentication authentication)
24 | 			throws ServletException, IOException {
25 | 		// You can do something here for which is success requests
26 | 	}
27 | 
28 | }
29 | 


--------------------------------------------------------------------------------
/spring.security.rest.api/src/main/java/spring/security/rest/api/security/RestAuthenticationEntryPoint.java:
--------------------------------------------------------------------------------
 1 | package spring.security.rest.api.security;
 2 | 
 3 | import java.io.IOException;
 4 | 
 5 | import javax.servlet.ServletException;
 6 | import javax.servlet.http.HttpServletRequest;
 7 | import javax.servlet.http.HttpServletResponse;
 8 | 
 9 | import org.springframework.security.core.AuthenticationException;
10 | import org.springframework.security.web.AuthenticationEntryPoint;
11 | import org.springframework.stereotype.Component;
12 | 
13 | /**
14 |  * This entry point is called once the request missing the authentication but if
15 |  * the request dosn't have the cookie then we send the unauthorized response.
16 |  * 
17 |  * @author malalanayake
18 |  * 
19 |  */
20 | @Component("restAuthenticationEntryPoint")
21 | public class RestAuthenticationEntryPoint implements AuthenticationEntryPoint {
22 | 
23 | 	@Override
24 | 	public void commence(HttpServletRequest arg0, HttpServletResponse arg1,
25 | 			AuthenticationException arg2) throws IOException, ServletException {
26 | 		arg1.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
27 | 
28 | 	}
29 | 
30 | }
31 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst:
--------------------------------------------------------------------------------
 1 | /Volumes/Dev/Git/spring-security/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/security/RestAuthenticationSuccessHandler.java
 2 | /Volumes/Dev/Git/spring-security/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/service/CustomerDetailService.java
 3 | /Volumes/Dev/Git/spring-security/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/WebConfig.java
 4 | /Volumes/Dev/Git/spring-security/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/security/RestAuthenticationEntryPoint.java
 5 | /Volumes/Dev/Git/spring-security/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/security/RestAuthenticationAccessDeniedHandler.java
 6 | /Volumes/Dev/Git/spring-security/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/entity/CustomerDetails.java
 7 | /Volumes/Dev/Git/spring-security/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/security/CustomUserData.java
 8 | /Volumes/Dev/Git/spring-security/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/SpringSecurityConfig.java
 9 | /Volumes/Dev/Git/spring-security/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/security/CustomUserDetailsService.java
10 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/security/CustomUserData.java:
--------------------------------------------------------------------------------
 1 | package spring.security.custom.rest.api.security;
 2 | 
 3 | import java.util.ArrayList;
 4 | import java.util.Collection;
 5 | 
 6 | import org.springframework.security.core.GrantedAuthority;
 7 | import org.springframework.security.core.userdetails.UserDetails;
 8 | 
 9 | /**
10 |  * This class is provide the user details which is needed for authentication
11 |  * 
12 |  * @author malalanayake
13 |  * 
14 |  */
15 | public class CustomUserData implements UserDetails {
16 | 	Collection<? extends GrantedAuthority> list = null;
17 | 	String userName = null;
18 | 	String password = null;
19 | 	boolean status = false;
20 | 
21 | 	public CustomUserData() {
22 | 		list = new ArrayList<GrantedAuthority>();
23 | 	}
24 | 
25 | 	@Override
26 | 	public Collection<? extends GrantedAuthority> getAuthorities() {
27 | 		return this.list;
28 | 	}
29 | 
30 | 	public void setAuthorities(Collection<? extends GrantedAuthority> roles) {
31 | 		this.list = roles;
32 | 	}
33 | 
34 | 	public void setAuthentication(boolean status) {
35 | 		this.status = status;
36 | 	}
37 | 
38 | 	@Override
39 | 	public String getPassword() {
40 | 		return this.password;
41 | 	}
42 | 
43 | 	public void setPassword(String pass) {
44 | 		this.password = pass;
45 | 	}
46 | 
47 | 	@Override
48 | 	public String getUsername() {
49 | 		return this.userName;
50 | 	}
51 | 
52 | 	@Override
53 | 	public boolean isAccountNonExpired() {
54 | 		return true;
55 | 	}
56 | 
57 | 	@Override
58 | 	public boolean isAccountNonLocked() {
59 | 		return true;
60 | 	}
61 | 
62 | 	@Override
63 | 	public boolean isCredentialsNonExpired() {
64 | 		return true;
65 | 	}
66 | 
67 | 	@Override
68 | 	public boolean isEnabled() {
69 | 		return true;
70 | 	}
71 | 
72 | }
73 | 


--------------------------------------------------------------------------------
/spring.security.rest.api/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 3 | 	xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
 4 | 	xsi:schemaLocation="
 5 |       http://java.sun.com/xml/ns/javaee
 6 |       http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
 7 | 	id="WebApp_ID" version="3.0">
 8 | 
 9 | 	<display-name>Spring MVC Application</display-name>
10 | 	<session-config>
11 | 		<session-timeout>1</session-timeout>
12 | 	</session-config>
13 | 	
14 | 	<!-- Spring root -->
15 | 	<context-param>
16 | 		<param-name>contextClass</param-name>
17 | 		<param-value>
18 |          org.springframework.web.context.support.AnnotationConfigWebApplicationContext
19 |       </param-value>
20 | 	</context-param>
21 | 	<context-param>
22 | 		<param-name>contextConfigLocation</param-name>
23 | 		<param-value>spring.security.rest.api</param-value>
24 | 	</context-param>
25 | 
26 | 	<listener>
27 | 		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
28 | 	</listener>
29 | 
30 | 	<!-- Spring child -->
31 | 	<servlet>
32 | 		<servlet-name>api</servlet-name>
33 | 		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
34 | 		<load-on-startup>1</load-on-startup>
35 | 	</servlet>
36 | 	<servlet-mapping>
37 | 		<servlet-name>api</servlet-name>
38 | 		<url-pattern>/api/*</url-pattern>
39 | 	</servlet-mapping>
40 | 
41 | 	<!-- Spring Security -->
42 | 	<filter>
43 | 		<filter-name>springSecurityFilterChain</filter-name>
44 | 		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
45 | 	</filter>
46 | 	<filter-mapping>
47 | 		<filter-name>springSecurityFilterChain</filter-name>
48 | 		<url-pattern>/*</url-pattern>
49 | 	</filter-mapping>
50 | 
51 | </web-app>


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 3 | 	xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
 4 | 	xsi:schemaLocation="
 5 |       http://java.sun.com/xml/ns/javaee
 6 |       http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
 7 | 	id="WebApp_ID" version="3.0">
 8 | 
 9 | 	<display-name>Spring MVC Application</display-name>
10 | 	<session-config>
11 | 		<session-timeout>1</session-timeout>
12 | 	</session-config>
13 | 	
14 | 	<!-- Spring root -->
15 | 	<context-param>
16 | 		<param-name>contextClass</param-name>
17 | 		<param-value>
18 |          org.springframework.web.context.support.AnnotationConfigWebApplicationContext
19 |       </param-value>
20 | 	</context-param>
21 | 	<context-param>
22 | 		<param-name>contextConfigLocation</param-name>
23 | 		<param-value>spring.security.custom.rest.api</param-value>
24 | 	</context-param>
25 | 
26 | 	<listener>
27 | 		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
28 | 	</listener>
29 | 
30 | 	<!-- Spring child -->
31 | 	<servlet>
32 | 		<servlet-name>api</servlet-name>
33 | 		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
34 | 		<load-on-startup>1</load-on-startup>
35 | 	</servlet>
36 | 	<servlet-mapping>
37 | 		<servlet-name>api</servlet-name>
38 | 		<url-pattern>/api/*</url-pattern>
39 | 	</servlet-mapping>
40 | 
41 | 	<!-- Spring Security -->
42 | 	<filter>
43 | 		<filter-name>springSecurityFilterChain</filter-name>
44 | 		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
45 | 	</filter>
46 | 	<filter-mapping>
47 | 		<filter-name>springSecurityFilterChain</filter-name>
48 | 		<url-pattern>/*</url-pattern>
49 | 	</filter-mapping>
50 | 
51 | </web-app>


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/target/spring-security-custom-rest-api/WEB-INF/web.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 3 | 	xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
 4 | 	xsi:schemaLocation="
 5 |       http://java.sun.com/xml/ns/javaee
 6 |       http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
 7 | 	id="WebApp_ID" version="3.0">
 8 | 
 9 | 	<display-name>Spring MVC Application</display-name>
10 | 	<session-config>
11 | 		<session-timeout>1</session-timeout>
12 | 	</session-config>
13 | 	
14 | 	<!-- Spring root -->
15 | 	<context-param>
16 | 		<param-name>contextClass</param-name>
17 | 		<param-value>
18 |          org.springframework.web.context.support.AnnotationConfigWebApplicationContext
19 |       </param-value>
20 | 	</context-param>
21 | 	<context-param>
22 | 		<param-name>contextConfigLocation</param-name>
23 | 		<param-value>spring.security.custom.rest.api</param-value>
24 | 	</context-param>
25 | 
26 | 	<listener>
27 | 		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
28 | 	</listener>
29 | 
30 | 	<!-- Spring child -->
31 | 	<servlet>
32 | 		<servlet-name>api</servlet-name>
33 | 		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
34 | 		<load-on-startup>1</load-on-startup>
35 | 	</servlet>
36 | 	<servlet-mapping>
37 | 		<servlet-name>api</servlet-name>
38 | 		<url-pattern>/api/*</url-pattern>
39 | 	</servlet-mapping>
40 | 
41 | 	<!-- Spring Security -->
42 | 	<filter>
43 | 		<filter-name>springSecurityFilterChain</filter-name>
44 | 		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
45 | 	</filter>
46 | 	<filter-mapping>
47 | 		<filter-name>springSecurityFilterChain</filter-name>
48 | 		<url-pattern>/*</url-pattern>
49 | 	</filter-mapping>
50 | 
51 | </web-app>


--------------------------------------------------------------------------------
/spring.security.rest.api/src/main/resources/webSecurityConfig.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <beans:beans xmlns="http://www.springframework.org/schema/security"
 3 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
 4 | 	xmlns:sec="http://www.springframework.org/schema/security"
 5 | 	xsi:schemaLocation="
 6 |       http://www.springframework.org/schema/security
 7 |       http://www.springframework.org/schema/security/spring-security-3.2.xsd
 8 |       http://www.springframework.org/schema/beans
 9 |       http://www.springframework.org/schema/beans/spring-beans-4.0.xsd">
10 | 
11 | 	<!-- Rest authentication entry point configuration -->
12 | 	<http use-expressions="true" entry-point-ref="restAuthenticationEntryPoint">
13 | 		<intercept-url pattern="/api/**" />
14 | 		<sec:form-login authentication-success-handler-ref="mySuccessHandler"
15 | 			authentication-failure-handler-ref="myFailureHandler" />
16 | 
17 | 		<logout />
18 | 	</http>
19 | 
20 | 	<!-- Connect the custom authentication success handler -->
21 | 	<beans:bean id="mySuccessHandler"
22 | 		class="spring.security.rest.api.security.RestAuthenticationSuccessHandler" />
23 | 	<!-- Using default failure handler -->
24 | 	<beans:bean id="myFailureHandler"
25 | 		class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler" />
26 | 
27 | 	<!-- Authentication manager -->
28 | 	<authentication-manager alias="authenticationManager">
29 | 		<authentication-provider>
30 | 			<user-service>
31 | 				<user name="temporary" password="temporary" authorities="ROLE_ADMIN" />
32 | 				<user name="user" password="userPass" authorities="ROLE_USER" />
33 | 			</user-service>
34 | 		</authentication-provider>
35 | 	</authentication-manager>
36 | 
37 | 	<!-- Enable the annotations for defining the secure role -->
38 | 	<global-method-security secured-annotations="enabled" />
39 | 
40 | </beans:beans>


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/service/CustomerDetailService.java:
--------------------------------------------------------------------------------
 1 | package spring.security.custom.rest.api.service;
 2 | 
 3 | import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic;
 4 | 
 5 | import java.util.List;
 6 | 
 7 | import javax.servlet.http.HttpServletResponse;
 8 | 
 9 | import org.springframework.beans.factory.annotation.Autowired;
10 | import org.springframework.context.ApplicationEventPublisher;
11 | import org.springframework.security.access.annotation.Secured;
12 | import org.springframework.stereotype.Controller;
13 | import org.springframework.web.bind.annotation.PathVariable;
14 | import org.springframework.web.bind.annotation.RequestMapping;
15 | import org.springframework.web.bind.annotation.RequestMethod;
16 | import org.springframework.web.bind.annotation.ResponseBody;
17 | import org.springframework.web.util.UriComponentsBuilder;
18 | 
19 | import spring.security.custom.rest.api.entity.CustomerDetails;
20 | 
21 | import com.google.common.collect.Lists;
22 | 
23 | /**
24 |  * Customer details exposing as a service. This is secured by spring role base
25 |  * security. This service is only for ROLE_ADMIN
26 |  * 
27 |  * @author malalanayake
28 |  * 
29 |  */
30 | @Controller
31 | @RequestMapping(value = "/customer")
32 | @Secured("ROLE_ADMIN")
33 | public class CustomerDetailService {
34 | 
35 | 	@Autowired
36 | 	private ApplicationEventPublisher eventPublisher;
37 | 
38 | 	public CustomerDetailService() {
39 | 		super();
40 | 	}
41 | 
42 | 	@RequestMapping(value = "/{id}", method = RequestMethod.GET)
43 | 	@ResponseBody
44 | 	public CustomerDetails findById(@PathVariable("id") final Long id,
45 | 			final UriComponentsBuilder uriBuilder, final HttpServletResponse response) {
46 | 		return new CustomerDetails(randomAlphabetic(6));
47 | 	}
48 | 
49 | 	@RequestMapping(method = RequestMethod.GET)
50 | 	@ResponseBody
51 | 	public List<CustomerDetails> findAll() {
52 | 		return Lists.newArrayList(new CustomerDetails(randomAlphabetic(6)));
53 | 	}
54 | 
55 | }
56 | 


--------------------------------------------------------------------------------
/spring.security.rest.api/src/main/java/spring/security/rest/api/service/CustomerDetailService.java:
--------------------------------------------------------------------------------
 1 | package spring.security.rest.api.service;
 2 | 
 3 | import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic;
 4 | import java.util.List;
 5 | import javax.servlet.http.HttpServletResponse;
 6 | import org.springframework.beans.factory.annotation.Autowired;
 7 | import org.springframework.context.ApplicationEventPublisher;
 8 | import org.springframework.http.MediaType;
 9 | import org.springframework.security.access.annotation.Secured;
10 | import org.springframework.stereotype.Controller;
11 | import org.springframework.web.bind.annotation.PathVariable;
12 | import org.springframework.web.bind.annotation.RequestMapping;
13 | import org.springframework.web.bind.annotation.RequestMethod;
14 | import org.springframework.web.bind.annotation.ResponseBody;
15 | import org.springframework.web.util.UriComponentsBuilder;
16 | 
17 | import spring.security.rest.api.entity.CustomerDetails;
18 | 
19 | import com.google.common.collect.Lists;
20 | 
21 | /**
22 |  * Customer details exposing as a service. This is secured by spring role base
23 |  * security. This service is only for ROLE_ADMIN
24 |  * 
25 |  * @author malalanayake
26 |  * 
27 |  */
28 | @Controller
29 | @RequestMapping(value = "/customer")
30 | @Secured("ROLE_ADMIN")
31 | public class CustomerDetailService {
32 | 
33 | 	@Autowired
34 | 	private ApplicationEventPublisher eventPublisher;
35 | 
36 | 	public CustomerDetailService() {
37 | 		super();
38 | 	}
39 | 
40 | 	@RequestMapping(value = "/{id}", method = RequestMethod.GET, consumes = { MediaType.APPLICATION_JSON_VALUE })
41 | 	@ResponseBody
42 | 	public CustomerDetails findById(@PathVariable("id") final Long id,
43 | 			final UriComponentsBuilder uriBuilder, final HttpServletResponse response) {
44 | 		return new CustomerDetails(randomAlphabetic(6));
45 | 	}
46 | 
47 | 	@RequestMapping(method = RequestMethod.GET, consumes = { MediaType.APPLICATION_JSON_VALUE })
48 | 	@ResponseBody
49 | 	public List<CustomerDetails> findAll() {
50 | 		return Lists.newArrayList(new CustomerDetails(randomAlphabetic(6)));
51 | 	}
52 | 
53 | }
54 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/target/classes/webSecurityConfig.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <beans:beans xmlns="http://www.springframework.org/schema/security"
 3 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
 4 | 	xmlns:sec="http://www.springframework.org/schema/security"
 5 | 	xsi:schemaLocation="
 6 |       http://www.springframework.org/schema/security
 7 |       http://www.springframework.org/schema/security/spring-security-3.2.xsd
 8 |       http://www.springframework.org/schema/beans
 9 |       http://www.springframework.org/schema/beans/spring-beans-4.0.xsd">
10 | 
11 | 	<!-- Rest authentication entry point configuration -->
12 | 	<http use-expressions="true" create-session="stateless"
13 | 		entry-point-ref="restServicesEntryPoint" authentication-manager-ref="authenticationManagerForRest">
14 | 		<intercept-url pattern="/api/**" />
15 | 		<sec:form-login authentication-success-handler-ref="mySuccessHandler" />
16 | 		<sec:access-denied-handler ref="myAuthenticationAccessDeniedHandler" />
17 | 		<http-basic />
18 | 	</http>
19 | 
20 | 	<!-- Entry point for REST service. -->
21 | 	<beans:bean id="restServicesEntryPoint"
22 | 		class="spring.security.custom.rest.api.security.RestAuthenticationEntryPoint" />
23 | 
24 | 	<!-- Custom User details service which is provide the user data -->
25 | 	<beans:bean id="customUserDetailsService"
26 | 		class="spring.security.custom.rest.api.security.CustomUserDetailsService" />
27 | 
28 | 	<!-- Connect the custom authentication success handler -->
29 | 	<beans:bean id="mySuccessHandler"
30 | 		class="spring.security.custom.rest.api.security.RestAuthenticationSuccessHandler" />
31 | 
32 | 	<!-- Using Authentication Access Denied handler -->
33 | 	<beans:bean id="myAuthenticationAccessDeniedHandler"
34 | 		class="spring.security.custom.rest.api.security.RestAuthenticationAccessDeniedHandler" />
35 | 
36 | 	<!-- Authentication manager -->
37 | 	<authentication-manager alias="authenticationManagerForRest">
38 | 		<authentication-provider user-service-ref="customUserDetailsService" />
39 | 	</authentication-manager>
40 | 
41 | 	<!-- Enable the annotations for defining the secure role -->
42 | 	<global-method-security secured-annotations="enabled" />
43 | 
44 | </beans:beans>


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/src/main/resources/webSecurityConfig.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <beans:beans xmlns="http://www.springframework.org/schema/security"
 3 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
 4 | 	xmlns:sec="http://www.springframework.org/schema/security"
 5 | 	xsi:schemaLocation="
 6 |       http://www.springframework.org/schema/security
 7 |       http://www.springframework.org/schema/security/spring-security-3.2.xsd
 8 |       http://www.springframework.org/schema/beans
 9 |       http://www.springframework.org/schema/beans/spring-beans-4.0.xsd">
10 | 
11 | 	<!-- Rest authentication entry point configuration -->
12 | 	<http use-expressions="true" create-session="stateless"
13 | 		entry-point-ref="restServicesEntryPoint" authentication-manager-ref="authenticationManagerForRest">
14 | 		<intercept-url pattern="/api/**" />
15 | 		<sec:form-login authentication-success-handler-ref="mySuccessHandler" />
16 | 		<sec:access-denied-handler ref="myAuthenticationAccessDeniedHandler" />
17 | 		<http-basic />
18 | 	</http>
19 | 
20 | 	<!-- Entry point for REST service. -->
21 | 	<beans:bean id="restServicesEntryPoint"
22 | 		class="spring.security.custom.rest.api.security.RestAuthenticationEntryPoint" />
23 | 
24 | 	<!-- Custom User details service which is provide the user data -->
25 | 	<beans:bean id="customUserDetailsService"
26 | 		class="spring.security.custom.rest.api.security.CustomUserDetailsService" />
27 | 
28 | 	<!-- Connect the custom authentication success handler -->
29 | 	<beans:bean id="mySuccessHandler"
30 | 		class="spring.security.custom.rest.api.security.RestAuthenticationSuccessHandler" />
31 | 
32 | 	<!-- Using Authentication Access Denied handler -->
33 | 	<beans:bean id="myAuthenticationAccessDeniedHandler"
34 | 		class="spring.security.custom.rest.api.security.RestAuthenticationAccessDeniedHandler" />
35 | 
36 | 	<!-- Authentication manager -->
37 | 	<authentication-manager alias="authenticationManagerForRest">
38 | 		<authentication-provider user-service-ref="customUserDetailsService" />
39 | 	</authentication-manager>
40 | 
41 | 	<!-- Enable the annotations for defining the secure role -->
42 | 	<global-method-security secured-annotations="enabled" />
43 | 
44 | </beans:beans>


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/target/spring-security-custom-rest-api/WEB-INF/classes/webSecurityConfig.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <beans:beans xmlns="http://www.springframework.org/schema/security"
 3 | 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
 4 | 	xmlns:sec="http://www.springframework.org/schema/security"
 5 | 	xsi:schemaLocation="
 6 |       http://www.springframework.org/schema/security
 7 |       http://www.springframework.org/schema/security/spring-security-3.2.xsd
 8 |       http://www.springframework.org/schema/beans
 9 |       http://www.springframework.org/schema/beans/spring-beans-4.0.xsd">
10 | 
11 | 	<!-- Rest authentication entry point configuration -->
12 | 	<http use-expressions="true" create-session="stateless"
13 | 		entry-point-ref="restServicesEntryPoint" authentication-manager-ref="authenticationManagerForRest">
14 | 		<intercept-url pattern="/api/**" />
15 | 		<sec:form-login authentication-success-handler-ref="mySuccessHandler" />
16 | 		<sec:access-denied-handler ref="myAuthenticationAccessDeniedHandler" />
17 | 		<http-basic />
18 | 	</http>
19 | 
20 | 	<!-- Entry point for REST service. -->
21 | 	<beans:bean id="restServicesEntryPoint"
22 | 		class="spring.security.custom.rest.api.security.RestAuthenticationEntryPoint" />
23 | 
24 | 	<!-- Custom User details service which is provide the user data -->
25 | 	<beans:bean id="customUserDetailsService"
26 | 		class="spring.security.custom.rest.api.security.CustomUserDetailsService" />
27 | 
28 | 	<!-- Connect the custom authentication success handler -->
29 | 	<beans:bean id="mySuccessHandler"
30 | 		class="spring.security.custom.rest.api.security.RestAuthenticationSuccessHandler" />
31 | 
32 | 	<!-- Using default failure handler -->
33 | 	<beans:bean id="myAuthenticationAccessDeniedHandler"
34 | 		class="spring.security.custom.rest.api.security.RestAuthenticationAccessDeniedHandler" />
35 | 
36 | 	<!-- Authentication manager -->
37 | 	<authentication-manager alias="authenticationManagerForRest">
38 | 		<authentication-provider user-service-ref="customUserDetailsService" />
39 | 	</authentication-manager>
40 | 
41 | 	<!-- Enable the annotations for defining the secure role -->
42 | 	<global-method-security secured-annotations="enabled" />
43 | 
44 | </beans:beans>


--------------------------------------------------------------------------------
/spring.security.rest.api/src/main/java/spring/security/rest/api/security/RestAuthenticationSuccessHandler.java:
--------------------------------------------------------------------------------
 1 | package spring.security.rest.api.security;
 2 | 
 3 | import java.io.IOException;
 4 | 
 5 | import javax.servlet.ServletException;
 6 | import javax.servlet.http.HttpServletRequest;
 7 | import javax.servlet.http.HttpServletResponse;
 8 | 
 9 | import org.springframework.security.core.Authentication;
10 | import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
11 | import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
12 | import org.springframework.security.web.savedrequest.RequestCache;
13 | import org.springframework.security.web.savedrequest.SavedRequest;
14 | import org.springframework.util.StringUtils;
15 | 
16 | /**
17 |  * This will call once the request is authenticated. If it is not, the request
18 |  * will be redirected to authenticate entry point
19 |  * 
20 |  * @author malalanayake
21 |  * 
22 |  */
23 | public class RestAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
24 | 	private RequestCache requestCache = new HttpSessionRequestCache();
25 | 
26 | 	@Override
27 | 	public void onAuthenticationSuccess(final HttpServletRequest request,
28 | 			final HttpServletResponse response, final Authentication authentication)
29 | 			throws ServletException, IOException {
30 | 		final SavedRequest savedRequest = requestCache.getRequest(request, response);
31 | 
32 | 		if (savedRequest == null) {
33 | 			clearAuthenticationAttributes(request);
34 | 			return;
35 | 		}
36 | 		final String targetUrlParameter = getTargetUrlParameter();
37 | 		if (isAlwaysUseDefaultTargetUrl()
38 | 				|| (targetUrlParameter != null && StringUtils.hasText(request
39 | 						.getParameter(targetUrlParameter)))) {
40 | 			requestCache.removeRequest(request, response);
41 | 			clearAuthenticationAttributes(request);
42 | 			return;
43 | 		}
44 | 
45 | 		clearAuthenticationAttributes(request);
46 | 
47 | 		// Use the DefaultSavedRequest URL
48 | 		// final String targetUrl = savedRequest.getRedirectUrl();
49 | 		// logger.debug("Redirecting to DefaultSavedRequest Url: " + targetUrl);
50 | 		// getRedirectStrategy().sendRedirect(request, response, targetUrl);
51 | 	}
52 | 
53 | 	public void setRequestCache(final RequestCache requestCache) {
54 | 		this.requestCache = requestCache;
55 | 	}
56 | }
57 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/src/main/java/spring/security/custom/rest/api/security/CustomUserDetailsService.java:
--------------------------------------------------------------------------------
 1 | package spring.security.custom.rest.api.security;
 2 | 
 3 | import java.util.ArrayList;
 4 | import java.util.Collection;
 5 | 
 6 | import org.springframework.security.core.GrantedAuthority;
 7 | import org.springframework.security.core.userdetails.UserDetails;
 8 | import org.springframework.security.core.userdetails.UserDetailsService;
 9 | import org.springframework.security.core.userdetails.UsernameNotFoundException;
10 | 
11 | /**
12 |  * CustomUserDetailsService provides the connection point to external data
13 |  * source
14 |  * 
15 |  * @author malalanayake
16 |  * 
17 |  */
18 | public class CustomUserDetailsService implements UserDetailsService {
19 | 	private String USER_ADMIN = "admin";
20 | 	private String PASS_ADMIN = "adminpass";
21 | 
22 | 	private String USER = "user";
23 | 	private String PASS = "userpass";
24 | 
25 | 	@Override
26 | 	public UserDetails loadUserByUsername(String authentication) throws UsernameNotFoundException {
27 | 		CustomUserData customUserData = new CustomUserData();
28 | 		// You can talk to any of your user details service and get the
29 | 		// authentication data and return as CustomUserData object then spring
30 | 		// framework will take care of the authentication
31 | 		if (USER_ADMIN.equals(authentication)) {
32 | 			customUserData.setAuthentication(true);
33 | 			customUserData.setPassword(PASS_ADMIN);
34 | 			Collection<CustomRole> roles = new ArrayList<CustomRole>();
35 | 			CustomRole customRole = new CustomRole();
36 | 			customRole.setAuthority("ROLE_ADMIN");
37 | 			roles.add(customRole);
38 | 			customUserData.setAuthorities(roles);
39 | 			return customUserData;
40 | 		} else if (USER.equals(authentication)) {
41 | 			customUserData.setAuthentication(true);
42 | 			customUserData.setPassword(PASS);
43 | 			Collection<CustomRole> roles = new ArrayList<CustomRole>();
44 | 			CustomRole customRole = new CustomRole();
45 | 			customRole.setAuthority("ROLE_USER");
46 | 			roles.add(customRole);
47 | 			customUserData.setAuthorities(roles);
48 | 			return customUserData;
49 | 		} else {
50 | 			return null;
51 | 		}
52 | 	}
53 | 
54 | 	/**
55 | 	 * Custom Role class for manage the authorities
56 | 	 * 
57 | 	 * @author malalanayake
58 | 	 * 
59 | 	 */
60 | 	private class CustomRole implements GrantedAuthority {
61 | 		String role = null;
62 | 
63 | 		@Override
64 | 		public String getAuthority() {
65 | 			return role;
66 | 		}
67 | 
68 | 		public void setAuthority(String roleName) {
69 | 			this.role = roleName;
70 | 		}
71 | 
72 | 	}
73 | 
74 | }
75 | 


--------------------------------------------------------------------------------
/spring.security.rest.api/pom.xml:
--------------------------------------------------------------------------------
  1 | <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  2 | 	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  3 | 	<modelVersion>4.0.0</modelVersion>
  4 | 
  5 | 	<groupId>spring</groupId>
  6 | 	<artifactId>spring.security.rest.api</artifactId>
  7 | 	<version>0.0.1-SNAPSHOT</version>
  8 | 
  9 | 	<name>spring.security.rest.api</name>
 10 | 	<packaging>war</packaging>
 11 | 
 12 | 	<properties>
 13 | 		<!-- Make platform independant -->
 14 | 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 15 | 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
 16 | 
 17 | 		<!-- Spring -->
 18 | 		<org.springframework.version>4.0.5.RELEASE</org.springframework.version>
 19 | 		<org.springframework.security.version>3.2.4.RELEASE</org.springframework.security.version>
 20 | 
 21 | 		<!-- persistence -->
 22 | 		<hibernate.version>4.3.5.Final</hibernate.version>
 23 | 		<mysql-connector-java.version>5.1.30</mysql-connector-java.version>
 24 | 
 25 | 		<!-- logging -->
 26 | 		<org.slf4j.version>1.7.6</org.slf4j.version>
 27 | 		<logback.version>1.1.1</logback.version>
 28 | 
 29 | 		<!-- various -->
 30 | 		<hibernate-validator.version>5.1.1.Final</hibernate-validator.version>
 31 | 
 32 | 		<!-- util -->
 33 | 		<guava.version>17.0</guava.version>
 34 | 		<commons-lang3.version>3.3.2</commons-lang3.version>
 35 | 
 36 | 		<!-- testing -->
 37 | 		<org.hamcrest.version>1.3</org.hamcrest.version>
 38 | 		<junit.version>4.11</junit.version>
 39 | 		<mockito.version>1.9.5</mockito.version>
 40 | 
 41 | 		<httpcore.version>4.3.2</httpcore.version>
 42 | 		<httpclient.version>4.3.3</httpclient.version>
 43 | 
 44 | 		<rest-assured.version>2.3.1</rest-assured.version>
 45 | 
 46 | 		<!-- Maven plugins -->
 47 | 		<maven-compiler-plugin.version>3.1</maven-compiler-plugin.version>
 48 | 		<maven-war-plugin.version>2.4</maven-war-plugin.version>
 49 | 		<maven-surefire-plugin.version>2.17</maven-surefire-plugin.version>
 50 | 		<cargo-maven2-plugin.version>1.4.8</cargo-maven2-plugin.version>
 51 | 	</properties>
 52 | 
 53 | 	<dependencies>
 54 | 
 55 | 		<!-- Spring Security -->
 56 | 
 57 | 		<dependency>
 58 | 			<groupId>org.springframework.security</groupId>
 59 | 			<artifactId>spring-security-web</artifactId>
 60 | 			<version>${org.springframework.security.version}</version>
 61 | 		</dependency>
 62 | 		<dependency>
 63 | 			<groupId>org.springframework.security</groupId>
 64 | 			<artifactId>spring-security-config</artifactId>
 65 | 			<version>${org.springframework.security.version}</version>
 66 | 		</dependency>
 67 | 
 68 | 		<!-- Spring -->
 69 | 
 70 | 		<dependency>
 71 | 			<groupId>org.springframework</groupId>
 72 | 			<artifactId>spring-core</artifactId>
 73 | 			<version>${org.springframework.version}</version>
 74 | 			<exclusions>
 75 | 				<exclusion>
 76 | 					<artifactId>commons-logging</artifactId>
 77 | 					<groupId>commons-logging</groupId>
 78 | 				</exclusion>
 79 | 			</exclusions>
 80 | 		</dependency>
 81 | 		<dependency>
 82 | 			<groupId>org.springframework</groupId>
 83 | 			<artifactId>spring-context</artifactId>
 84 | 			<version>${org.springframework.version}</version>
 85 | 		</dependency>
 86 | 		<dependency>
 87 | 			<groupId>org.springframework</groupId>
 88 | 			<artifactId>spring-jdbc</artifactId>
 89 | 			<version>${org.springframework.version}</version>
 90 | 		</dependency>
 91 | 		<dependency>
 92 | 			<groupId>org.springframework</groupId>
 93 | 			<artifactId>spring-beans</artifactId>
 94 | 			<version>${org.springframework.version}</version>
 95 | 		</dependency>
 96 | 		<dependency>
 97 | 			<groupId>org.springframework</groupId>
 98 | 			<artifactId>spring-aop</artifactId>
 99 | 			<version>${org.springframework.version}</version>
100 | 		</dependency>
101 | 		<dependency>
102 | 			<groupId>org.springframework</groupId>
103 | 			<artifactId>spring-tx</artifactId>
104 | 			<version>${org.springframework.version}</version>
105 | 		</dependency>
106 | 		<dependency>
107 | 			<groupId>org.springframework</groupId>
108 | 			<artifactId>spring-expression</artifactId>
109 | 			<version>${org.springframework.version}</version>
110 | 		</dependency>
111 | 
112 | 		<dependency>
113 | 			<groupId>org.springframework</groupId>
114 | 			<artifactId>spring-web</artifactId>
115 | 			<version>${org.springframework.version}</version>
116 | 		</dependency>
117 | 		<dependency>
118 | 			<groupId>org.springframework</groupId>
119 | 			<artifactId>spring-webmvc</artifactId>
120 | 			<version>${org.springframework.version}</version>
121 | 		</dependency>
122 | 
123 | 		<!-- web -->
124 | 
125 | 		<dependency>
126 | 			<groupId>javax.servlet</groupId>
127 | 			<artifactId>javax.servlet-api</artifactId>
128 | 			<version>3.0.1</version>
129 | 			<scope>provided</scope>
130 | 		</dependency>
131 | 
132 | 		<dependency>
133 | 			<groupId>javax.servlet</groupId>
134 | 			<artifactId>jstl</artifactId>
135 | 			<version>1.2</version>
136 | 			<scope>runtime</scope>
137 | 		</dependency>
138 | 
139 | 		<!-- marshalling -->
140 | 
141 | 		<dependency>
142 | 			<groupId>com.fasterxml.jackson.core</groupId>
143 | 			<artifactId>jackson-databind</artifactId>
144 | 			<version>2.2.2</version>
145 | 		</dependency>
146 | 
147 | 		<!-- util -->
148 | 
149 | 		<dependency>
150 | 			<groupId>com.google.guava</groupId>
151 | 			<artifactId>guava</artifactId>
152 | 			<version>${guava.version}</version>
153 | 		</dependency>
154 | 		<dependency>
155 | 			<groupId>org.apache.commons</groupId>
156 | 			<artifactId>commons-lang3</artifactId>
157 | 			<version>3.1</version>
158 | 		</dependency>
159 | 		<!-- logging -->
160 | 
161 | 		<dependency>
162 | 			<groupId>org.slf4j</groupId>
163 | 			<artifactId>slf4j-api</artifactId>
164 | 			<version>${org.slf4j.version}</version>
165 | 		</dependency>
166 | 		<dependency>
167 | 			<groupId>ch.qos.logback</groupId>
168 | 			<artifactId>logback-classic</artifactId>
169 | 			<version>${logback.version}</version>
170 | 			<!-- <scope>runtime</scope> -->
171 | 		</dependency>
172 | 		<dependency>
173 | 			<groupId>org.slf4j</groupId>
174 | 			<artifactId>jcl-over-slf4j</artifactId>
175 | 			<version>${org.slf4j.version}</version>
176 | 			<!-- <scope>runtime</scope> --> <!-- some spring dependencies need to compile against jcl -->
177 | 		</dependency>
178 | 		<dependency> <!-- needed to bridge to slf4j for projects that use the log4j APIs directly -->
179 | 			<groupId>org.slf4j</groupId>
180 | 			<artifactId>log4j-over-slf4j</artifactId>
181 | 			<version>${org.slf4j.version}</version>
182 | 		</dependency>
183 | 
184 | 		<!-- test scoped -->
185 | 
186 | 		<!-- <dependency> <groupId>junit</groupId> <artifactId>junit-dep</artifactId> 
187 | 			<version>${junit.version}</version> <scope>test</scope> </dependency> <dependency> 
188 | 			<groupId>org.hamcrest</groupId> <artifactId>hamcrest-core</artifactId> <version>${org.hamcrest.version}</version> 
189 | 			<scope>test</scope> </dependency> <dependency> <groupId>org.hamcrest</groupId> 
190 | 			<artifactId>hamcrest-library</artifactId> <version>${org.hamcrest.version}</version> 
191 | 			<scope>test</scope> </dependency> <dependency> <groupId>org.mockito</groupId> 
192 | 			<artifactId>mockito-core</artifactId> <version>${mockito.version}</version> 
193 | 			<scope>test</scope> </dependency> -->
194 | 
195 | 	</dependencies>
196 | 
197 | 	<build>
198 | 		<finalName>spring-security-rest-api</finalName>
199 | 		<resources>
200 | 			<resource>
201 | 				<directory>src/main/resources</directory>
202 | 				<filtering>true</filtering>
203 | 			</resource>
204 | 		</resources>
205 | 
206 | 		<plugins>
207 | 
208 | 			<plugin>
209 | 				<groupId>org.apache.maven.plugins</groupId>
210 | 				<artifactId>maven-compiler-plugin</artifactId>
211 | 				<version>3.1</version>
212 | 				<configuration>
213 | 					<source>1.7</source>
214 | 					<target>1.7</target>
215 | 				</configuration>
216 | 			</plugin>
217 | 
218 | 			<plugin>
219 | 				<groupId>org.apache.maven.plugins</groupId>
220 | 				<artifactId>maven-war-plugin</artifactId>
221 | 				<version>${maven-war-plugin.version}</version>
222 | 			</plugin>
223 | 
224 | 			<plugin>
225 | 				<groupId>org.apache.maven.plugins</groupId>
226 | 				<artifactId>maven-surefire-plugin</artifactId>
227 | 				<version>${maven-surefire-plugin.version}</version>
228 | 				<configuration>
229 | 					<excludes>
230 | 						<!-- <exclude>**/*ProductionTest.java</exclude> -->
231 | 					</excludes>
232 | 					<systemPropertyVariables>
233 | 						<!-- <provPersistenceTarget>h2</provPersistenceTarget> -->
234 | 					</systemPropertyVariables>
235 | 				</configuration>
236 | 			</plugin>
237 | 
238 | 			<plugin>
239 | 				<groupId>org.codehaus.cargo</groupId>
240 | 				<artifactId>cargo-maven2-plugin</artifactId>
241 | 				<version>${cargo-maven2-plugin.version}</version>
242 | 				<configuration>
243 | 					<wait>true</wait>
244 | 					<container>
245 | 						<containerId>jetty8x</containerId>
246 | 						<type>embedded</type>
247 | 						<systemProperties>
248 | 							<!-- <provPersistenceTarget>cargo</provPersistenceTarget> -->
249 | 						</systemProperties>
250 | 					</container>
251 | 					<configuration>
252 | 						<properties>
253 | 							<cargo.servlet.port>8082</cargo.servlet.port>
254 | 						</properties>
255 | 					</configuration>
256 | 				</configuration>
257 | 			</plugin>
258 | 
259 | 		</plugins>
260 | 
261 | 	</build>
262 | 
263 | </project>
264 | 


--------------------------------------------------------------------------------
/spring.security.custom.rest.api/pom.xml:
--------------------------------------------------------------------------------
  1 | <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  2 | 	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  3 | 	<modelVersion>4.0.0</modelVersion>
  4 | 
  5 | 	<groupId>spring</groupId>
  6 | 	<artifactId>spring.security.custom.rest.api</artifactId>
  7 | 	<version>0.0.1-SNAPSHOT</version>
  8 | 
  9 | 	<name>spring.security.custom.rest.api</name>
 10 | 	<packaging>war</packaging>
 11 | 
 12 | 	<properties>
 13 | 		<!-- Make platform independant -->
 14 | 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 15 | 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
 16 | 
 17 | 		<!-- Spring -->
 18 | 		<org.springframework.version>4.0.5.RELEASE</org.springframework.version>
 19 | 		<org.springframework.security.version>3.2.4.RELEASE</org.springframework.security.version>
 20 | 
 21 | 		<!-- persistence -->
 22 | 		<hibernate.version>4.3.5.Final</hibernate.version>
 23 | 		<mysql-connector-java.version>5.1.30</mysql-connector-java.version>
 24 | 
 25 | 		<!-- logging -->
 26 | 		<org.slf4j.version>1.7.6</org.slf4j.version>
 27 | 		<logback.version>1.1.1</logback.version>
 28 | 
 29 | 		<!-- various -->
 30 | 		<hibernate-validator.version>5.1.1.Final</hibernate-validator.version>
 31 | 
 32 | 		<!-- util -->
 33 | 		<guava.version>17.0</guava.version>
 34 | 		<commons-lang3.version>3.3.2</commons-lang3.version>
 35 | 
 36 | 		<!-- testing -->
 37 | 		<org.hamcrest.version>1.3</org.hamcrest.version>
 38 | 		<junit.version>4.11</junit.version>
 39 | 		<mockito.version>1.9.5</mockito.version>
 40 | 
 41 | 		<httpcore.version>4.3.2</httpcore.version>
 42 | 		<httpclient.version>4.3.3</httpclient.version>
 43 | 
 44 | 		<rest-assured.version>2.3.1</rest-assured.version>
 45 | 
 46 | 		<!-- Maven plugins -->
 47 | 		<maven-compiler-plugin.version>3.1</maven-compiler-plugin.version>
 48 | 		<maven-war-plugin.version>2.4</maven-war-plugin.version>
 49 | 		<maven-surefire-plugin.version>2.17</maven-surefire-plugin.version>
 50 | 		<cargo-maven2-plugin.version>1.4.8</cargo-maven2-plugin.version>
 51 | 	</properties>
 52 | 
 53 | 	<dependencies>
 54 | 
 55 | 		<!-- Spring Security -->
 56 | 
 57 | 		<dependency>
 58 | 			<groupId>org.springframework.security</groupId>
 59 | 			<artifactId>spring-security-web</artifactId>
 60 | 			<version>${org.springframework.security.version}</version>
 61 | 		</dependency>
 62 | 		<dependency>
 63 | 			<groupId>org.springframework.security</groupId>
 64 | 			<artifactId>spring-security-config</artifactId>
 65 | 			<version>${org.springframework.security.version}</version>
 66 | 		</dependency>
 67 | 
 68 | 		<!-- Spring -->
 69 | 
 70 | 		<dependency>
 71 | 			<groupId>org.springframework</groupId>
 72 | 			<artifactId>spring-core</artifactId>
 73 | 			<version>${org.springframework.version}</version>
 74 | 			<exclusions>
 75 | 				<exclusion>
 76 | 					<artifactId>commons-logging</artifactId>
 77 | 					<groupId>commons-logging</groupId>
 78 | 				</exclusion>
 79 | 			</exclusions>
 80 | 		</dependency>
 81 | 		<dependency>
 82 | 			<groupId>org.springframework</groupId>
 83 | 			<artifactId>spring-context</artifactId>
 84 | 			<version>${org.springframework.version}</version>
 85 | 		</dependency>
 86 | 		<dependency>
 87 | 			<groupId>org.springframework</groupId>
 88 | 			<artifactId>spring-jdbc</artifactId>
 89 | 			<version>${org.springframework.version}</version>
 90 | 		</dependency>
 91 | 		<dependency>
 92 | 			<groupId>org.springframework</groupId>
 93 | 			<artifactId>spring-beans</artifactId>
 94 | 			<version>${org.springframework.version}</version>
 95 | 		</dependency>
 96 | 		<dependency>
 97 | 			<groupId>org.springframework</groupId>
 98 | 			<artifactId>spring-aop</artifactId>
 99 | 			<version>${org.springframework.version}</version>
100 | 		</dependency>
101 | 		<dependency>
102 | 			<groupId>org.springframework</groupId>
103 | 			<artifactId>spring-tx</artifactId>
104 | 			<version>${org.springframework.version}</version>
105 | 		</dependency>
106 | 		<dependency>
107 | 			<groupId>org.springframework</groupId>
108 | 			<artifactId>spring-expression</artifactId>
109 | 			<version>${org.springframework.version}</version>
110 | 		</dependency>
111 | 
112 | 		<dependency>
113 | 			<groupId>org.springframework</groupId>
114 | 			<artifactId>spring-web</artifactId>
115 | 			<version>${org.springframework.version}</version>
116 | 		</dependency>
117 | 		<dependency>
118 | 			<groupId>org.springframework</groupId>
119 | 			<artifactId>spring-webmvc</artifactId>
120 | 			<version>${org.springframework.version}</version>
121 | 		</dependency>
122 | 
123 | 		<!-- web -->
124 | 
125 | 		<dependency>
126 | 			<groupId>javax.servlet</groupId>
127 | 			<artifactId>javax.servlet-api</artifactId>
128 | 			<version>3.0.1</version>
129 | 			<scope>provided</scope>
130 | 		</dependency>
131 | 
132 | 		<dependency>
133 | 			<groupId>javax.servlet</groupId>
134 | 			<artifactId>jstl</artifactId>
135 | 			<version>1.2</version>
136 | 			<scope>runtime</scope>
137 | 		</dependency>
138 | 
139 | 		<!-- marshalling -->
140 | 
141 | 		<dependency>
142 | 			<groupId>com.fasterxml.jackson.core</groupId>
143 | 			<artifactId>jackson-databind</artifactId>
144 | 			<version>2.2.2</version>
145 | 		</dependency>
146 | 
147 | 		<!-- util -->
148 | 
149 | 		<dependency>
150 | 			<groupId>com.google.guava</groupId>
151 | 			<artifactId>guava</artifactId>
152 | 			<version>${guava.version}</version>
153 | 		</dependency>
154 | 		<dependency>
155 | 			<groupId>org.apache.commons</groupId>
156 | 			<artifactId>commons-lang3</artifactId>
157 | 			<version>3.1</version>
158 | 		</dependency>
159 | 		<!-- logging -->
160 | 
161 | 		<dependency>
162 | 			<groupId>org.slf4j</groupId>
163 | 			<artifactId>slf4j-api</artifactId>
164 | 			<version>${org.slf4j.version}</version>
165 | 		</dependency>
166 | 		<dependency>
167 | 			<groupId>ch.qos.logback</groupId>
168 | 			<artifactId>logback-classic</artifactId>
169 | 			<version>${logback.version}</version>
170 | 			<!-- <scope>runtime</scope> -->
171 | 		</dependency>
172 | 		<dependency>
173 | 			<groupId>org.slf4j</groupId>
174 | 			<artifactId>jcl-over-slf4j</artifactId>
175 | 			<version>${org.slf4j.version}</version>
176 | 			<!-- <scope>runtime</scope> --> <!-- some spring dependencies need to compile against jcl -->
177 | 		</dependency>
178 | 		<dependency> <!-- needed to bridge to slf4j for projects that use the log4j APIs directly -->
179 | 			<groupId>org.slf4j</groupId>
180 | 			<artifactId>log4j-over-slf4j</artifactId>
181 | 			<version>${org.slf4j.version}</version>
182 | 		</dependency>
183 | 
184 | 		<!-- test scoped -->
185 | 
186 | 		<!-- <dependency> <groupId>junit</groupId> <artifactId>junit-dep</artifactId> 
187 | 			<version>${junit.version}</version> <scope>test</scope> </dependency> <dependency> 
188 | 			<groupId>org.hamcrest</groupId> <artifactId>hamcrest-core</artifactId> <version>${org.hamcrest.version}</version> 
189 | 			<scope>test</scope> </dependency> <dependency> <groupId>org.hamcrest</groupId> 
190 | 			<artifactId>hamcrest-library</artifactId> <version>${org.hamcrest.version}</version> 
191 | 			<scope>test</scope> </dependency> <dependency> <groupId>org.mockito</groupId> 
192 | 			<artifactId>mockito-core</artifactId> <version>${mockito.version}</version> 
193 | 			<scope>test</scope> </dependency> -->
194 | 
195 | 	</dependencies>
196 | 
197 | 	<build>
198 | 		<finalName>spring-security-custom-rest-api</finalName>
199 | 		<resources>
200 | 			<resource>
201 | 				<directory>src/main/resources</directory>
202 | 				<filtering>true</filtering>
203 | 			</resource>
204 | 		</resources>
205 | 
206 | 		<plugins>
207 | 
208 | 			<plugin>
209 | 				<groupId>org.apache.maven.plugins</groupId>
210 | 				<artifactId>maven-compiler-plugin</artifactId>
211 | 				<version>3.1</version>
212 | 				<configuration>
213 | 					<source>1.7</source>
214 | 					<target>1.7</target>
215 | 				</configuration>
216 | 			</plugin>
217 | 
218 | 			<plugin>
219 | 				<groupId>org.apache.maven.plugins</groupId>
220 | 				<artifactId>maven-war-plugin</artifactId>
221 | 				<version>${maven-war-plugin.version}</version>
222 | 			</plugin>
223 | 
224 | 			<plugin>
225 | 				<groupId>org.apache.maven.plugins</groupId>
226 | 				<artifactId>maven-surefire-plugin</artifactId>
227 | 				<version>${maven-surefire-plugin.version}</version>
228 | 				<configuration>
229 | 					<excludes>
230 | 						<!-- <exclude>**/*ProductionTest.java</exclude> -->
231 | 					</excludes>
232 | 					<systemPropertyVariables>
233 | 						<!-- <provPersistenceTarget>h2</provPersistenceTarget> -->
234 | 					</systemPropertyVariables>
235 | 				</configuration>
236 | 			</plugin>
237 | 
238 | 			<plugin>
239 | 				<groupId>org.codehaus.cargo</groupId>
240 | 				<artifactId>cargo-maven2-plugin</artifactId>
241 | 				<version>${cargo-maven2-plugin.version}</version>
242 | 				<configuration>
243 | 					<wait>true</wait>
244 | 					<container>
245 | 						<containerId>jetty8x</containerId>
246 | 						<type>embedded</type>
247 | 						<systemProperties>
248 | 							<!-- <provPersistenceTarget>cargo</provPersistenceTarget> -->
249 | 						</systemProperties>
250 | 					</container>
251 | 					<configuration>
252 | 						<properties>
253 | 							<cargo.servlet.port>8082</cargo.servlet.port>
254 | 						</properties>
255 | 					</configuration>
256 | 				</configuration>
257 | 			</plugin>
258 | 
259 | 		</plugins>
260 | 
261 | 	</build>
262 | 
263 | </project>
264 | 


--------------------------------------------------------------------------------