├── .gitignore
├── CONTRIBUTING.markdown
├── LICENSE.txt
├── NOTICE.txt
├── README.markdown
├── pom.xml
└── src
├── assembly
└── sources.xml
└── main
├── java
└── thymeleafexamples
│ └── springsecurity
│ ├── SpringSecurityWebApplicationInitializer.java
│ ├── SpringWebApplicationInitializer.java
│ ├── security
│ └── SpringSecurityConfig.java
│ └── web
│ ├── SpringWebConfig.java
│ └── controller
│ ├── ErrorController.java
│ └── MainController.java
├── resources
└── log4j.properties
└── webapp
├── WEB-INF
└── templates
│ ├── 403.html
│ ├── admin
│ └── index.html
│ ├── error.html
│ ├── index.html
│ ├── login.html
│ ├── shared
│ └── index.html
│ └── user
│ └── index.html
└── css
└── main.css
/.gitignore:
--------------------------------------------------------------------------------
1 | .classpath
2 | .project
3 | target/
4 | bin/
5 | .settings/
6 | .idea/
7 | *.iml
8 |
9 |
--------------------------------------------------------------------------------
/CONTRIBUTING.markdown:
--------------------------------------------------------------------------------
1 | # Contributing to Thymeleaf
2 |
3 | Thymeleaf is released under the Apache 2.0 license. If you would like to
4 | contribute something, or want to hack on the code this document should help you
5 | get started.
6 |
7 |
8 | ## Code of Conduct
9 |
10 | This project adheres to the Contributor Covenant
11 | [code of conduct][code-of-coduct].
12 | By participating, you are expected to uphold this code. Please report
13 | unacceptable behavior to [the project leads][thymeleaf-team].
14 |
15 |
16 | ## Using GitHub Issues
17 |
18 | We use GitHub issues to track bugs and enhancements.
19 | If you have a general usage question please ask on
20 | [Stack Overflow][stackoverflow].
21 | The Thymeleaf team and the broader community monitor the
22 | [`thymeleaf`][stackoverflow-thymeleaf] tag.
23 |
24 | If you are reporting a bug, please help to speed up problem diagnosis by
25 | providing as much information as possible.
26 | Ideally, that would include a small sample project that reproduces the problem.
27 |
28 |
29 | ## Before submitting a Contribution
30 |
31 | Before submitting a contribution that is not an obvious or trivial fix,
32 | get in contact with the [the project leads][thymeleaf-team] about your
33 | ideas (an email should do). Let us discuss the possibilities with you so that
34 | we make sure your contribution goes in the right direction and aligns with the
35 | project's standards, intentions and roadmap.
36 |
37 | Please understand that *not all contributions will be accepted and merged into
38 | the project's repositories*. Talking about your planned contributions with the
39 | project maintainers before creating pull requests can maximize the possibility
40 | of your contributions being accepted.
41 |
42 |
43 |
44 | ## Signing the Contributor License Agreement
45 |
46 | Before we accept a non-trivial patch or pull request we will need you to
47 | sign a **Contributor License Agreement**.
48 |
49 | There are two versions of the CLA:
50 |
51 | * **Individual CLA**: For individuals acting on their own behalf, i.e. not
52 | being backed by any company or government, and not making their
53 | contributions potentially under the effect of any contracts, agreements or
54 | laws that could cause their employeer (or any other entities) claim
55 | any rights on their contribution.
56 | * **Corporate CLA**: For corporate entities allowing some of their employees
57 | to contribute to Thymeleaf on the entity's behalf.
58 |
59 | For more information on the CLA and the (very easy) process involving this
60 | step, please have a look at the [Thymeleaf CLA repository][cla].
61 |
62 |
63 |
64 | ## Conventions and Housekeeping
65 |
66 | ### General Guidelines:
67 |
68 | - Obviously, **your code must both compile and work correctly**.
69 | - All your code should be easy to read and understand by a human. The same
70 | requirement applies to documentation.
71 | - Unless for specific artifacts such as documentation translations, all
72 | code, comments, documentation, names of classes and variables,
73 | log messages, etc. must be **in English**.
74 | - All contribured files must include the standard Thymeleaf copyright header.
75 | - Maximum recommended line length is 120 characters. This is not strictly
76 | enforced.
77 | - Indentation should be made with 4 spaces, not tabs. Line feeds should be
78 | UNIX-like (`\n`).
79 | - All source files should be pure ASCII, except `.properties` files which
80 | should be ISO-8859-1.
81 | - You shall add yourself as _author_ (e.g. Javadoc `@author`) to any files
82 | that you create or modify substantially (more than cosmetic changes).
83 |
84 | ### Specific Java Code Gudelines:
85 |
86 | - All your code should compile and run in the current minimum Java version
87 | of the project.
88 | - All your code should follow the Java Code Conventions regarding
89 | variable/method/class naming.
90 | - Number autoboxing and/or autounboxing is forbidden.
91 | - Every class should define a constructor, even if it is the no-argument
92 | constructor, and include a call to `super()`.
93 | - All method parameters should be declared as `final` so that they cannot be
94 | changed or reassigned in the method.
95 | - All non-nullable parameters in public methods should be first validated for
96 | non-nullity inside the code.
97 | - Existing Javadoc must be maintained along with performed changes. Addition
98 | of new Javadoc for public methods or code comments for any non-trivial
99 | algorithms is always welcome.
100 | - Writing unit tests for new, existing and modified code is always welcome
101 | too. For any new algorithms or functionality contributed, or substantial
102 | modifications made to existing ones, the team might consider these a
103 | requirement.
104 |
105 |
106 |
107 |
108 | [cla]: https://github.com/thymeleaf/thymeleaf-org/blob/CLA_CURRENT/CLA/
109 | [code-of-coduct]: https://github.com/thymeleaf/thymeleaf-org/blob/CoC_CURRENT/CoC/THYMELEAF_CODE_OF_CONDUCT.markdown
110 | [thymeleaf-team]: https://www.thymeleaf.org/team.html
111 | [stackoverflow]: https://stackoverflow.com
112 | [stackoverflow-thymeleaf]: https://stackoverflow.com/tags/thymeleaf
113 |
--------------------------------------------------------------------------------
/LICENSE.txt:
--------------------------------------------------------------------------------
1 |
2 | Apache License
3 | Version 2.0, January 2004
4 | http://www.apache.org/licenses/
5 |
6 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
7 |
8 | 1. Definitions.
9 |
10 | "License" shall mean the terms and conditions for use, reproduction,
11 | and distribution as defined by Sections 1 through 9 of this document.
12 |
13 | "Licensor" shall mean the copyright owner or entity authorized by
14 | the copyright owner that is granting the License.
15 |
16 | "Legal Entity" shall mean the union of the acting entity and all
17 | other entities that control, are controlled by, or are under common
18 | control with that entity. For the purposes of this definition,
19 | "control" means (i) the power, direct or indirect, to cause the
20 | direction or management of such entity, whether by contract or
21 | otherwise, or (ii) ownership of fifty percent (50%) or more of the
22 | outstanding shares, or (iii) beneficial ownership of such entity.
23 |
24 | "You" (or "Your") shall mean an individual or Legal Entity
25 | exercising permissions granted by this License.
26 |
27 | "Source" form shall mean the preferred form for making modifications,
28 | including but not limited to software source code, documentation
29 | source, and configuration files.
30 |
31 | "Object" form shall mean any form resulting from mechanical
32 | transformation or translation of a Source form, including but
33 | not limited to compiled object code, generated documentation,
34 | and conversions to other media types.
35 |
36 | "Work" shall mean the work of authorship, whether in Source or
37 | Object form, made available under the License, as indicated by a
38 | copyright notice that is included in or attached to the work
39 | (an example is provided in the Appendix below).
40 |
41 | "Derivative Works" shall mean any work, whether in Source or Object
42 | form, that is based on (or derived from) the Work and for which the
43 | editorial revisions, annotations, elaborations, or other modifications
44 | represent, as a whole, an original work of authorship. For the purposes
45 | of this License, Derivative Works shall not include works that remain
46 | separable from, or merely link (or bind by name) to the interfaces of,
47 | the Work and Derivative Works thereof.
48 |
49 | "Contribution" shall mean any work of authorship, including
50 | the original version of the Work and any modifications or additions
51 | to that Work or Derivative Works thereof, that is intentionally
52 | submitted to Licensor for inclusion in the Work by the copyright owner
53 | or by an individual or Legal Entity authorized to submit on behalf of
54 | the copyright owner. For the purposes of this definition, "submitted"
55 | means any form of electronic, verbal, or written communication sent
56 | to the Licensor or its representatives, including but not limited to
57 | communication on electronic mailing lists, source code control systems,
58 | and issue tracking systems that are managed by, or on behalf of, the
59 | Licensor for the purpose of discussing and improving the Work, but
60 | excluding communication that is conspicuously marked or otherwise
61 | designated in writing by the copyright owner as "Not a Contribution."
62 |
63 | "Contributor" shall mean Licensor and any individual or Legal Entity
64 | on behalf of whom a Contribution has been received by Licensor and
65 | subsequently incorporated within the Work.
66 |
67 | 2. Grant of Copyright License. Subject to the terms and conditions of
68 | this License, each Contributor hereby grants to You a perpetual,
69 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
70 | copyright license to reproduce, prepare Derivative Works of,
71 | publicly display, publicly perform, sublicense, and distribute the
72 | Work and such Derivative Works in Source or Object form.
73 |
74 | 3. Grant of Patent License. Subject to the terms and conditions of
75 | this License, each Contributor hereby grants to You a perpetual,
76 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
77 | (except as stated in this section) patent license to make, have made,
78 | use, offer to sell, sell, import, and otherwise transfer the Work,
79 | where such license applies only to those patent claims licensable
80 | by such Contributor that are necessarily infringed by their
81 | Contribution(s) alone or by combination of their Contribution(s)
82 | with the Work to which such Contribution(s) was submitted. If You
83 | institute patent litigation against any entity (including a
84 | cross-claim or counterclaim in a lawsuit) alleging that the Work
85 | or a Contribution incorporated within the Work constitutes direct
86 | or contributory patent infringement, then any patent licenses
87 | granted to You under this License for that Work shall terminate
88 | as of the date such litigation is filed.
89 |
90 | 4. Redistribution. You may reproduce and distribute copies of the
91 | Work or Derivative Works thereof in any medium, with or without
92 | modifications, and in Source or Object form, provided that You
93 | meet the following conditions:
94 |
95 | (a) You must give any other recipients of the Work or
96 | Derivative Works a copy of this License; and
97 |
98 | (b) You must cause any modified files to carry prominent notices
99 | stating that You changed the files; and
100 |
101 | (c) You must retain, in the Source form of any Derivative Works
102 | that You distribute, all copyright, patent, trademark, and
103 | attribution notices from the Source form of the Work,
104 | excluding those notices that do not pertain to any part of
105 | the Derivative Works; and
106 |
107 | (d) If the Work includes a "NOTICE" text file as part of its
108 | distribution, then any Derivative Works that You distribute must
109 | include a readable copy of the attribution notices contained
110 | within such NOTICE file, excluding those notices that do not
111 | pertain to any part of the Derivative Works, in at least one
112 | of the following places: within a NOTICE text file distributed
113 | as part of the Derivative Works; within the Source form or
114 | documentation, if provided along with the Derivative Works; or,
115 | within a display generated by the Derivative Works, if and
116 | wherever such third-party notices normally appear. The contents
117 | of the NOTICE file are for informational purposes only and
118 | do not modify the License. You may add Your own attribution
119 | notices within Derivative Works that You distribute, alongside
120 | or as an addendum to the NOTICE text from the Work, provided
121 | that such additional attribution notices cannot be construed
122 | as modifying the License.
123 |
124 | You may add Your own copyright statement to Your modifications and
125 | may provide additional or different license terms and conditions
126 | for use, reproduction, or distribution of Your modifications, or
127 | for any such Derivative Works as a whole, provided Your use,
128 | reproduction, and distribution of the Work otherwise complies with
129 | the conditions stated in this License.
130 |
131 | 5. Submission of Contributions. Unless You explicitly state otherwise,
132 | any Contribution intentionally submitted for inclusion in the Work
133 | by You to the Licensor shall be under the terms and conditions of
134 | this License, without any additional terms or conditions.
135 | Notwithstanding the above, nothing herein shall supersede or modify
136 | the terms of any separate license agreement you may have executed
137 | with Licensor regarding such Contributions.
138 |
139 | 6. Trademarks. This License does not grant permission to use the trade
140 | names, trademarks, service marks, or product names of the Licensor,
141 | except as required for reasonable and customary use in describing the
142 | origin of the Work and reproducing the content of the NOTICE file.
143 |
144 | 7. Disclaimer of Warranty. Unless required by applicable law or
145 | agreed to in writing, Licensor provides the Work (and each
146 | Contributor provides its Contributions) on an "AS IS" BASIS,
147 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
148 | implied, including, without limitation, any warranties or conditions
149 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
150 | PARTICULAR PURPOSE. You are solely responsible for determining the
151 | appropriateness of using or redistributing the Work and assume any
152 | risks associated with Your exercise of permissions under this License.
153 |
154 | 8. Limitation of Liability. In no event and under no legal theory,
155 | whether in tort (including negligence), contract, or otherwise,
156 | unless required by applicable law (such as deliberate and grossly
157 | negligent acts) or agreed to in writing, shall any Contributor be
158 | liable to You for damages, including any direct, indirect, special,
159 | incidental, or consequential damages of any character arising as a
160 | result of this License or out of the use or inability to use the
161 | Work (including but not limited to damages for loss of goodwill,
162 | work stoppage, computer failure or malfunction, or any and all
163 | other commercial damages or losses), even if such Contributor
164 | has been advised of the possibility of such damages.
165 |
166 | 9. Accepting Warranty or Additional Liability. While redistributing
167 | the Work or Derivative Works thereof, You may choose to offer,
168 | and charge a fee for, acceptance of support, warranty, indemnity,
169 | or other liability obligations and/or rights consistent with this
170 | License. However, in accepting such obligations, You may act only
171 | on Your own behalf and on Your sole responsibility, not on behalf
172 | of any other Contributor, and only if You agree to indemnify,
173 | defend, and hold each Contributor harmless for any liability
174 | incurred by, or claims asserted against, such Contributor by reason
175 | of your accepting any such warranty or additional liability.
176 |
177 | END OF TERMS AND CONDITIONS
178 |
179 | APPENDIX: How to apply the Apache License to your work.
180 |
181 | To apply the Apache License to your work, attach the following
182 | boilerplate notice, with the fields enclosed by brackets "[]"
183 | replaced with your own identifying information. (Don't include
184 | the brackets!) The text should be enclosed in the appropriate
185 | comment syntax for the file format. We also recommend that a
186 | file or class name and description of purpose be included on the
187 | same "printed page" as the copyright notice for easier
188 | identification within third-party archives.
189 |
190 | Copyright [yyyy] [name of copyright owner]
191 |
192 | Licensed under the Apache License, Version 2.0 (the "License");
193 | you may not use this file except in compliance with the License.
194 | You may obtain a copy of the License at
195 |
196 | http://www.apache.org/licenses/LICENSE-2.0
197 |
198 | Unless required by applicable law or agreed to in writing, software
199 | distributed under the License is distributed on an "AS IS" BASIS,
200 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
201 | See the License for the specific language governing permissions and
202 | limitations under the License.
203 |
--------------------------------------------------------------------------------
/NOTICE.txt:
--------------------------------------------------------------------------------
1 |
2 | Copyright (c) 2013, The THYMELEAF team (http://www.thymeleaf.org)
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 |
16 |
--------------------------------------------------------------------------------
/README.markdown:
--------------------------------------------------------------------------------
1 |
2 | Thymeleaf Examples: Spring Security
3 | -----------------------------------
4 |
5 | To learn more:
6 |
7 | http://www.thymeleaf.org
8 |
9 |
10 | Building
11 | --------
12 |
13 | To build this project you will need Maven 2. You can get it at:
14 |
15 | http://maven.apache.org
16 |
17 | Clean compilation products:
18 |
19 | mvn clean
20 |
21 | Compile:
22 |
23 | mvn compile
24 |
25 | Run in a tomcat server:
26 |
27 | mvn tomcat7:run
28 |
29 | Once started, the application should be available at:
30 |
31 | http://localhost:8080/springsecurity
32 |
--------------------------------------------------------------------------------
/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
23 |
24 | 4.0.0
25 | thymeleafexamples
26 | springsecurity
27 | war
28 | ci
29 | Thymeleaf Examples - Spring security
30 | Example of Thymeleaf and Spring-security integration
31 |
32 |
33 |
34 | The Apache Software License, Version 2.0
35 | http://www.apache.org/licenses/LICENSE-2.0.txt
36 | repo
37 |
38 |
39 |
40 |
41 | The THYMELEAF team
42 | http://www.thymeleaf.org
43 |
44 |
45 |
46 | scm:git:git@github.com:thymeleaf/thymeleafexamples-springsecurity.git
47 | scm:git:git@github.com:thymeleaf/thymeleafexamples-springsecurity.git
48 | scm:git:git@github.com:thymeleaf/thymeleafexamples-springsecurity.git
49 |
50 |
51 |
52 |
53 | danielfernandez
54 | Daniel Fernandez
55 | daniel.fernandez AT 11thlabs DOT org
56 |
57 | Project Admin
58 | Lead Developer
59 |
60 |
61 |
62 | jmiguelsamper
63 | Jose Miguel Samper
64 | jmiguelsamper AT users DOT sourceforge DOT net
65 |
66 | Developer
67 |
68 |
69 |
70 | ultraq
71 | Emanuel Rabina
72 | emanuelrabina AT gmail DOT com
73 |
74 | Developer
75 |
76 |
77 |
78 |
79 |
80 |
81 |
82 | sonatype-nexus-snapshots
83 | Sonatype Nexus Snapshots
84 | https://oss.sonatype.org/content/repositories/snapshots
85 |
86 | true
87 |
88 |
89 |
90 | jboss
91 | http://repository.jboss.org/nexus/content/groups/public-jboss/
92 |
93 | true
94 |
95 |
96 |
97 | spring-snapshots
98 | Spring Snapshots
99 | https://repo.spring.io/snapshot
100 |
101 | true
102 |
103 |
104 |
105 | spring-milestones
106 | Spring Milestones
107 | https://repo.spring.io/milestone
108 |
109 | false
110 |
111 |
112 |
113 |
114 |
115 |
116 | 6
117 | ${java.version}
118 | ${java.version}
119 | ${java.version}
120 | US-ASCII
121 | 3.0.12.RELEASE
122 | 3.0.3.RELEASE
123 | 5.1.0.RELEASE
124 | 5.1.0.RELEASE
125 |
126 |
127 |
128 |
129 |
130 |
131 |
132 | src/main/resources
133 |
134 |
135 | src/main/java
136 |
137 | **/*.properties
138 | **/*.xml
139 | **/*.html
140 |
141 |
142 |
143 |
144 |
145 |
146 |
147 |
148 |
149 | org.apache.maven.plugins
150 | maven-compiler-plugin
151 | 3.8.1
152 |
153 |
154 |
155 | org.apache.maven.plugins
156 | maven-resources-plugin
157 | 3.2.0
158 |
159 |
160 |
161 | org.apache.maven.plugins
162 | maven-war-plugin
163 | 3.3.1
164 |
165 | false
166 |
167 |
168 |
169 |
170 | org.apache.tomcat.maven
171 | tomcat7-maven-plugin
172 | 2.2
173 |
174 |
175 |
176 |
177 |
178 |
179 |
180 |
181 |
182 |
183 | build-dist
184 |
185 |
186 |
187 | org.apache.maven.plugins
188 | maven-assembly-plugin
189 | 3.1.0
190 |
191 |
192 | make-assembly-dist
193 | package
194 |
195 | single
196 |
197 |
198 |
199 | ${basedir}/src/assembly/sources.xml
200 |
201 | true
202 | ${project.groupId}-${project.artifactId}-${project.version}
203 |
204 |
205 |
206 |
207 |
208 |
209 |
210 |
211 |
212 |
213 |
214 |
215 |
216 |
217 |
218 | org.thymeleaf
219 | thymeleaf-spring5
220 | ${thymeleaf.version}
221 | compile
222 |
223 |
224 |
225 | org.thymeleaf.extras
226 | thymeleaf-extras-springsecurity5
227 | ${thymeleafspringsecurity5.version}
228 | compile
229 |
230 |
231 |
232 | javax.servlet
233 | javax.servlet-api
234 | 3.1.0
235 | provided
236 |
237 |
238 |
239 | org.springframework
240 | spring-core
241 | ${springframework.version}
242 |
243 |
244 | org.springframework
245 | spring-beans
246 | ${springframework.version}
247 |
248 |
249 | org.springframework
250 | spring-context
251 | ${springframework.version}
252 |
253 |
254 | org.springframework
255 | spring-tx
256 | ${springframework.version}
257 |
258 |
259 | org.springframework
260 | spring-webmvc
261 | ${springframework.version}
262 |
263 |
264 |
265 |
266 | org.springframework.security
267 | spring-security-core
268 | ${springsecurity.version}
269 |
270 |
271 | org.springframework.security
272 | spring-security-web
273 | ${springsecurity.version}
274 |
275 |
276 | org.springframework.security
277 | spring-security-config
278 | ${springsecurity.version}
279 |
280 |
281 |
282 |
283 | org.slf4j
284 | slf4j-api
285 | 1.7.25
286 | compile
287 |
288 |
289 |
290 | org.slf4j
291 | slf4j-log4j12
292 | 1.7.25
293 | compile
294 |
295 |
296 |
297 | log4j
298 | log4j
299 | 1.2.15
300 | compile
301 |
302 |
303 | com.sun.jdmk
304 | jmxtools
305 |
306 |
307 | com.sun.jmx
308 | jmxri
309 |
310 |
311 | javax.jms
312 | jms
313 |
314 |
315 |
316 |
317 |
318 |
319 |
320 |
--------------------------------------------------------------------------------
/src/assembly/sources.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 |
6 | sources
7 |
8 |
9 | zip
10 |
11 |
12 |
13 |
14 | ${basedir}/src/
15 | /src/
16 |
17 | **/*
18 |
19 |
20 |
21 | ${basedir}/
22 | /
23 |
24 | CONTRIBUTING.markdown
25 | LICENSE.txt
26 | README.txt
27 | BUILD.txt
28 | NOTICE.txt
29 | pom.xml
30 |
31 |
32 |
33 |
34 |
35 |
--------------------------------------------------------------------------------
/src/main/java/thymeleafexamples/springsecurity/SpringSecurityWebApplicationInitializer.java:
--------------------------------------------------------------------------------
1 | /*
2 | * =============================================================================
3 | *
4 | * Copyright (c) 2011-2014, The THYMELEAF team (http://www.thymeleaf.org)
5 | *
6 | * Licensed under the Apache License, Version 2.0 (the "License");
7 | * you may not use this file except in compliance with the License.
8 | * You may obtain a copy of the License at
9 | *
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | *
12 | * Unless required by applicable law or agreed to in writing, software
13 | * distributed under the License is distributed on an "AS IS" BASIS,
14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | * See the License for the specific language governing permissions and
16 | * limitations under the License.
17 | *
18 | * =============================================================================
19 | */
20 | package thymeleafexamples.springsecurity;
21 |
22 | import org.springframework.core.annotation.Order;
23 | import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
24 |
25 |
26 | @Order(2) // Filters declared at the Dispatcher initializer should be registered first
27 | public class SpringSecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer {
28 |
29 | public SpringSecurityWebApplicationInitializer() {
30 | super();
31 | }
32 |
33 | // Nothing else to implement. We will just use the defaults.
34 | // The extended initializer class will take care of registering the Spring Security filter infrastructure.
35 |
36 | }
37 |
--------------------------------------------------------------------------------
/src/main/java/thymeleafexamples/springsecurity/SpringWebApplicationInitializer.java:
--------------------------------------------------------------------------------
1 | /*
2 | * =============================================================================
3 | *
4 | * Copyright (c) 2011-2014, The THYMELEAF team (http://www.thymeleaf.org)
5 | *
6 | * Licensed under the Apache License, Version 2.0 (the "License");
7 | * you may not use this file except in compliance with the License.
8 | * You may obtain a copy of the License at
9 | *
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | *
12 | * Unless required by applicable law or agreed to in writing, software
13 | * distributed under the License is distributed on an "AS IS" BASIS,
14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | * See the License for the specific language governing permissions and
16 | * limitations under the License.
17 | *
18 | * =============================================================================
19 | */
20 | package thymeleafexamples.springsecurity;
21 |
22 | import javax.servlet.Filter;
23 |
24 | import org.springframework.core.annotation.Order;
25 | import org.springframework.web.filter.CharacterEncodingFilter;
26 | import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
27 | import thymeleafexamples.springsecurity.security.SpringSecurityConfig;
28 | import thymeleafexamples.springsecurity.web.SpringWebConfig;
29 |
30 |
31 | @Order(1) // Filters declared at the Dispatcher initializer should be registered first
32 | public class SpringWebApplicationInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
33 |
34 | public static final String CHARACTER_ENCODING = "UTF-8";
35 |
36 |
37 | public SpringWebApplicationInitializer() {
38 | super();
39 | }
40 |
41 |
42 | @Override
43 | protected Class[] getServletConfigClasses() {
44 | return new Class[] { SpringWebConfig.class };
45 | }
46 |
47 | @Override
48 | protected Class[] getRootConfigClasses() {
49 | return new Class[] { SpringSecurityConfig.class };
50 | }
51 |
52 | @Override
53 | protected String[] getServletMappings() {
54 | return new String[] { "/" };
55 | }
56 |
57 | @Override
58 | protected Filter[] getServletFilters() {
59 | final CharacterEncodingFilter encodingFilter = new CharacterEncodingFilter();
60 | encodingFilter.setEncoding(CHARACTER_ENCODING);
61 | encodingFilter.setForceEncoding(true);
62 | return new Filter[] { encodingFilter };
63 | }
64 |
65 |
66 |
67 | }
68 |
--------------------------------------------------------------------------------
/src/main/java/thymeleafexamples/springsecurity/security/SpringSecurityConfig.java:
--------------------------------------------------------------------------------
1 | /*
2 | * =============================================================================
3 | *
4 | * Copyright (c) 2011-2016, The THYMELEAF team (http://www.thymeleaf.org)
5 | *
6 | * Licensed under the Apache License, Version 2.0 (the "License");
7 | * you may not use this file except in compliance with the License.
8 | * You may obtain a copy of the License at
9 | *
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | *
12 | * Unless required by applicable law or agreed to in writing, software
13 | * distributed under the License is distributed on an "AS IS" BASIS,
14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | * See the License for the specific language governing permissions and
16 | * limitations under the License.
17 | *
18 | * =============================================================================
19 | */
20 | package thymeleafexamples.springsecurity.security;
21 |
22 | import org.springframework.context.annotation.Configuration;
23 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
24 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
25 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
26 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
27 |
28 | @Configuration
29 | @EnableWebSecurity
30 | public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
31 |
32 |
33 |
34 |
35 | public SpringSecurityConfig() {
36 | super();
37 | }
38 |
39 |
40 | @Override
41 | protected void configure(final HttpSecurity http) throws Exception {
42 | http
43 | .formLogin()
44 | .loginPage("/login.html")
45 | .failureUrl("/login-error.html")
46 | .and()
47 | .logout()
48 | .logoutSuccessUrl("/index.html")
49 | .and()
50 | .authorizeRequests()
51 | .antMatchers("/admin/**").hasRole("ADMIN")
52 | .antMatchers("/user/**").hasRole("USER")
53 | .antMatchers("/shared/**").hasAnyRole("USER","ADMIN")
54 | .and()
55 | .exceptionHandling()
56 | .accessDeniedPage("/403.html");
57 |
58 | }
59 |
60 |
61 | @Override
62 | protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
63 | auth
64 | .inMemoryAuthentication()
65 | .withUser("jim").password("{noop}demo").roles("ADMIN").and()
66 | .withUser("bob").password("{noop}demo").roles("USER").and()
67 | .withUser("ted").password("{noop}demo").roles("USER","ADMIN");
68 | }
69 |
70 |
71 | }
72 |
--------------------------------------------------------------------------------
/src/main/java/thymeleafexamples/springsecurity/web/SpringWebConfig.java:
--------------------------------------------------------------------------------
1 | /*
2 | * =============================================================================
3 | *
4 | * Copyright (c) 2011-2016, The THYMELEAF team (http://www.thymeleaf.org)
5 | *
6 | * Licensed under the Apache License, Version 2.0 (the "License");
7 | * you may not use this file except in compliance with the License.
8 | * You may obtain a copy of the License at
9 | *
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | *
12 | * Unless required by applicable law or agreed to in writing, software
13 | * distributed under the License is distributed on an "AS IS" BASIS,
14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | * See the License for the specific language governing permissions and
16 | * limitations under the License.
17 | *
18 | * =============================================================================
19 | */
20 | package thymeleafexamples.springsecurity.web;
21 |
22 | import org.springframework.beans.BeansException;
23 | import org.springframework.context.ApplicationContext;
24 | import org.springframework.context.ApplicationContextAware;
25 | import org.springframework.context.annotation.Bean;
26 | import org.springframework.context.annotation.ComponentScan;
27 | import org.springframework.context.annotation.Configuration;
28 | import org.springframework.context.support.ResourceBundleMessageSource;
29 | import org.springframework.web.servlet.config.annotation.EnableWebMvc;
30 | import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
31 | import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
32 | import org.thymeleaf.extras.springsecurity5.dialect.SpringSecurityDialect;
33 | import org.thymeleaf.spring5.SpringTemplateEngine;
34 | import org.thymeleaf.spring5.templateresolver.SpringResourceTemplateResolver;
35 | import org.thymeleaf.spring5.view.ThymeleafViewResolver;
36 | import org.thymeleaf.templatemode.TemplateMode;
37 |
38 | @Configuration
39 | @EnableWebMvc
40 | @ComponentScan
41 | public class SpringWebConfig extends WebMvcConfigurerAdapter implements ApplicationContextAware {
42 |
43 |
44 | private ApplicationContext applicationContext;
45 |
46 |
47 |
48 | public SpringWebConfig() {
49 | super();
50 | }
51 |
52 |
53 | public void setApplicationContext(final ApplicationContext applicationContext) throws BeansException {
54 | this.applicationContext = applicationContext;
55 | }
56 |
57 |
58 |
59 | /**
60 | * Message externalization/internationalization
61 | */
62 | @Bean
63 | public ResourceBundleMessageSource messageSource() {
64 | ResourceBundleMessageSource resourceBundleMessageSource = new ResourceBundleMessageSource();
65 | resourceBundleMessageSource.setBasename("Messages");
66 | return resourceBundleMessageSource;
67 | }
68 |
69 | /* **************************************************************** */
70 | /* THYMELEAF-SPECIFIC ARTIFACTS */
71 | /* TemplateResolver <- TemplateEngine <- ViewResolver */
72 | /* **************************************************************** */
73 |
74 | @Bean
75 | public SpringResourceTemplateResolver templateResolver(){
76 | SpringResourceTemplateResolver templateResolver = new SpringResourceTemplateResolver();
77 | templateResolver.setApplicationContext(this.applicationContext);
78 | templateResolver.setPrefix("/WEB-INF/templates/");
79 | templateResolver.setSuffix(".html");
80 | templateResolver.setTemplateMode(TemplateMode.HTML);
81 | // Template cache is true by default. Set to false if you want
82 | // templates to be automatically updated when modified.
83 | templateResolver.setCacheable(true);
84 | return templateResolver;
85 | }
86 |
87 | @Bean
88 | public SpringTemplateEngine templateEngine(){
89 | SpringTemplateEngine templateEngine = new SpringTemplateEngine();
90 | templateEngine.setEnableSpringELCompiler(true); // Compiled SpringEL should speed up executions
91 | templateEngine.setTemplateResolver(templateResolver());
92 | templateEngine.addDialect(new SpringSecurityDialect());
93 | return templateEngine;
94 | }
95 |
96 | @Bean
97 | public ThymeleafViewResolver viewResolver(){
98 | ThymeleafViewResolver viewResolver = new ThymeleafViewResolver();
99 | viewResolver.setTemplateEngine(templateEngine());
100 | return viewResolver;
101 | }
102 |
103 | /* ******************************************************************* */
104 | /* Defines callback methods to customize the Java-based configuration */
105 | /* for Spring MVC enabled via {@code @EnableWebMvc} */
106 | /* ******************************************************************* */
107 |
108 | /**
109 | * Dispatcher configuration for serving static resources
110 | */
111 | @Override
112 | public void addResourceHandlers(final ResourceHandlerRegistry registry) {
113 | super.addResourceHandlers(registry);
114 | registry.addResourceHandler("/images/**").addResourceLocations("/images/");
115 | registry.addResourceHandler("/css/**").addResourceLocations("/css/");
116 | registry.addResourceHandler("/js/**").addResourceLocations("/js/");
117 | }
118 |
119 | }
120 |
--------------------------------------------------------------------------------
/src/main/java/thymeleafexamples/springsecurity/web/controller/ErrorController.java:
--------------------------------------------------------------------------------
1 | /*
2 | * =============================================================================
3 | *
4 | * Copyright (c) 2011-2016, The THYMELEAF team (http://www.thymeleaf.org)
5 | *
6 | * Licensed under the Apache License, Version 2.0 (the "License");
7 | * you may not use this file except in compliance with the License.
8 | * You may obtain a copy of the License at
9 | *
10 | * http://www.apache.org/licenses/LICENSE-2.0
11 | *
12 | * Unless required by applicable law or agreed to in writing, software
13 | * distributed under the License is distributed on an "AS IS" BASIS,
14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | * See the License for the specific language governing permissions and
16 | * limitations under the License.
17 | *
18 | * =============================================================================
19 | */
20 | package thymeleafexamples.springsecurity.web.controller;
21 |
22 | import org.slf4j.Logger;
23 | import org.slf4j.LoggerFactory;
24 | import org.springframework.http.HttpStatus;
25 | import org.springframework.ui.Model;
26 | import org.springframework.web.bind.annotation.ControllerAdvice;
27 | import org.springframework.web.bind.annotation.ExceptionHandler;
28 | import org.springframework.web.bind.annotation.ResponseStatus;
29 |
30 | @ControllerAdvice
31 | public class ErrorController {
32 |
33 | private static Logger logger = LoggerFactory.getLogger(ErrorController.class);
34 |
35 | @ExceptionHandler(Throwable.class)
36 | @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
37 | public String exception(final Throwable throwable, final Model model) {
38 | logger.error("Exception during execution of SpringSecurity application", throwable);
39 | String errorMessage = (throwable != null ? throwable.getMessage() : "Unknown error");
40 | model.addAttribute("errorMessage", errorMessage);
41 | return "error";
42 | }
43 |
44 | }
45 |
--------------------------------------------------------------------------------
/src/main/java/thymeleafexamples/springsecurity/web/controller/MainController.java:
--------------------------------------------------------------------------------
1 | package thymeleafexamples.springsecurity.web.controller;
2 |
3 | import java.util.Locale;
4 |
5 | import javax.servlet.http.HttpServletRequest;
6 |
7 | import org.springframework.stereotype.Controller;
8 | import org.springframework.ui.Model;
9 | import org.springframework.web.bind.annotation.RequestMapping;
10 | import org.unbescape.html.HtmlEscape;
11 |
12 | /**
13 | * Application home page and login.
14 | */
15 | @Controller
16 | public class MainController {
17 |
18 | @RequestMapping("/")
19 | public String root(Locale locale) {
20 | return "redirect:/index.html";
21 | }
22 |
23 | /** Home page. */
24 | @RequestMapping("/index.html")
25 | public String index() {
26 | return "index";
27 | }
28 |
29 | /** User zone index. */
30 | @RequestMapping("/user/index.html")
31 | public String userIndex() {
32 | return "user/index";
33 | }
34 |
35 | /** Administration zone index. */
36 | @RequestMapping("/admin/index.html")
37 | public String adminIndex() {
38 | return "admin/index";
39 | }
40 |
41 | /** Shared zone index. */
42 | @RequestMapping("/shared/index.html")
43 | public String sharedIndex() {
44 | return "shared/index";
45 | }
46 |
47 | /** Login form. */
48 | @RequestMapping("/login.html")
49 | public String login() {
50 | return "login";
51 | }
52 |
53 | /** Login form with error. */
54 | @RequestMapping("/login-error.html")
55 | public String loginError(Model model) {
56 | model.addAttribute("loginError", true);
57 | return "login";
58 | }
59 |
60 | /** Simulation of an exception. */
61 | @RequestMapping("/simulateError.html")
62 | public void simulateError() {
63 | throw new RuntimeException("This is a simulated error message");
64 | }
65 |
66 | /** Error page. */
67 | @RequestMapping("/error.html")
68 | public String error(HttpServletRequest request, Model model) {
69 | model.addAttribute("errorCode", "Error " + request.getAttribute("javax.servlet.error.status_code"));
70 | Throwable throwable = (Throwable) request.getAttribute("javax.servlet.error.exception");
71 | StringBuilder errorMessage = new StringBuilder();
72 | errorMessage.append("