Phillip Webb
commit
1d04fbc085
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.actuate.autoconfigure.security.reactive;
|
||||
package org.springframework.boot.actuate.autoconfigure.security.web.reactive;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
|
|
@ -49,7 +49,7 @@ import org.springframework.web.server.ServerWebExchange;
|
|||
* endpoint locations.
|
||||
*
|
||||
* @author Madhura Bhave
|
||||
* @since 2.0.0
|
||||
* @since 2.1.0
|
||||
*/
|
||||
public final class EndpointRequest {
|
||||
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.actuate.autoconfigure.security.reactive;
|
||||
package org.springframework.boot.actuate.autoconfigure.security.web.reactive;
|
||||
|
||||
import org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointAutoConfiguration;
|
||||
import org.springframework.boot.actuate.autoconfigure.health.HealthEndpointAutoConfiguration;
|
||||
|
|
@ -27,8 +27,8 @@ import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
|||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
|
||||
import org.springframework.boot.autoconfigure.security.oauth2.client.reactive.ReactiveOAuth2ClientAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.reactive.ReactiveSecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.oauth2.client.ReactiveOAuth2ClientAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.web.reactive.ReactiveWebSecurityAutoConfiguration;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
|
||||
|
|
@ -48,7 +48,7 @@ import org.springframework.security.web.server.WebFilterChainProxy;
|
|||
@ConditionalOnClass({ EnableWebFluxSecurity.class, WebFilterChainProxy.class })
|
||||
@ConditionalOnMissingBean({ SecurityWebFilterChain.class, WebFilterChainProxy.class })
|
||||
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.REACTIVE)
|
||||
@AutoConfigureBefore(ReactiveSecurityAutoConfiguration.class)
|
||||
@AutoConfigureBefore(ReactiveWebSecurityAutoConfiguration.class)
|
||||
@AutoConfigureAfter({ HealthEndpointAutoConfiguration.class,
|
||||
InfoEndpointAutoConfiguration.class, WebEndpointAutoConfiguration.class,
|
||||
ReactiveOAuth2ClientAutoConfiguration.class })
|
||||
|
|
@ -17,4 +17,4 @@
|
|||
/**
|
||||
* Auto-configuration for actuator security using WebFlux.
|
||||
*/
|
||||
package org.springframework.boot.actuate.autoconfigure.security.reactive;
|
||||
package org.springframework.boot.actuate.autoconfigure.security.web.reactive;
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.actuate.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.actuate.autoconfigure.security.web.servlet;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
|
|
@ -34,7 +34,7 @@ import org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointPr
|
|||
import org.springframework.boot.actuate.endpoint.EndpointId;
|
||||
import org.springframework.boot.actuate.endpoint.annotation.Endpoint;
|
||||
import org.springframework.boot.actuate.endpoint.web.PathMappedEndpoints;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.RequestMatcherProvider;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.RequestMatcherProvider;
|
||||
import org.springframework.boot.autoconfigure.web.servlet.DispatcherServletPath;
|
||||
import org.springframework.boot.security.servlet.ApplicationContextRequestMatcher;
|
||||
import org.springframework.core.annotation.AnnotatedElementUtils;
|
||||
|
|
@ -51,7 +51,7 @@ import org.springframework.web.context.WebApplicationContext;
|
|||
*
|
||||
* @author Madhura Bhave
|
||||
* @author Phillip Webb
|
||||
* @since 2.0.0
|
||||
* @since 2.1.0
|
||||
*/
|
||||
public final class EndpointRequest {
|
||||
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.actuate.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.actuate.autoconfigure.security.web.servlet;
|
||||
|
||||
import org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointAutoConfiguration;
|
||||
import org.springframework.boot.actuate.autoconfigure.health.HealthEndpointAutoConfiguration;
|
||||
|
|
@ -25,9 +25,9 @@ import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
|||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
|
||||
import org.springframework.boot.autoconfigure.security.oauth2.client.servlet.OAuth2ClientAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.WebSecurityEnablerConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.oauth2.client.web.OAuth2ClientAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.EnableWebSecurityConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.ServletWebSecurityAutoConfiguration;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
|
|
@ -44,12 +44,12 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
|
|||
@ConditionalOnClass(WebSecurityConfigurerAdapter.class)
|
||||
@ConditionalOnMissingBean(WebSecurityConfigurerAdapter.class)
|
||||
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
|
||||
@AutoConfigureBefore(SecurityAutoConfiguration.class)
|
||||
@AutoConfigureBefore(ServletWebSecurityAutoConfiguration.class)
|
||||
@AutoConfigureAfter({ HealthEndpointAutoConfiguration.class,
|
||||
InfoEndpointAutoConfiguration.class, WebEndpointAutoConfiguration.class,
|
||||
OAuth2ClientAutoConfiguration.class })
|
||||
@Import({ ManagementWebSecurityConfigurerAdapter.class,
|
||||
WebSecurityEnablerConfiguration.class })
|
||||
EnableWebSecurityConfiguration.class })
|
||||
public class ManagementWebSecurityAutoConfiguration {
|
||||
|
||||
}
|
||||
|
|
@ -14,23 +14,22 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.actuate.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.actuate.autoconfigure.security.web.servlet;
|
||||
|
||||
import org.springframework.boot.actuate.health.HealthEndpoint;
|
||||
import org.springframework.boot.actuate.info.InfoEndpoint;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.SpringBootWebSecurityConfiguration;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
|
||||
/**
|
||||
* The default configuration for web security when the actuator dependency is on the
|
||||
* classpath. It is different from
|
||||
* {@link org.springframework.boot.autoconfigure.security.servlet.SpringBootWebSecurityConfiguration}
|
||||
* in that it allows unauthenticated access to the {@link HealthEndpoint} and
|
||||
* {@link InfoEndpoint}. If the user specifies their own
|
||||
* {@link WebSecurityConfigurerAdapter}, this will back-off completely and the user should
|
||||
* specify all the bits that they want to configure as part of the custom security
|
||||
* configuration.
|
||||
* classpath. It is different from {@link SpringBootWebSecurityConfiguration} in that it
|
||||
* allows unauthenticated access to the {@link HealthEndpoint} and {@link InfoEndpoint}.
|
||||
* If the user specifies their own {@link WebSecurityConfigurerAdapter}, this will
|
||||
* back-off completely and the user should specify all the bits that they want to
|
||||
* configure as part of the custom security configuration.
|
||||
*
|
||||
* @author Madhura Bhave
|
||||
*/
|
||||
|
|
@ -17,4 +17,4 @@
|
|||
/**
|
||||
* Auto-configuration for actuator security using Spring MVC.
|
||||
*/
|
||||
package org.springframework.boot.actuate.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.actuate.autoconfigure.security.web.servlet;
|
||||
|
|
@ -76,8 +76,8 @@ org.springframework.boot.actuate.autoconfigure.neo4j.Neo4jHealthIndicatorAutoCon
|
|||
org.springframework.boot.actuate.autoconfigure.redis.RedisHealthIndicatorAutoConfiguration,\
|
||||
org.springframework.boot.actuate.autoconfigure.redis.RedisReactiveHealthIndicatorAutoConfiguration,\
|
||||
org.springframework.boot.actuate.autoconfigure.scheduling.ScheduledTasksEndpointAutoConfiguration,\
|
||||
org.springframework.boot.actuate.autoconfigure.security.reactive.ReactiveManagementWebSecurityAutoConfiguration,\
|
||||
org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityAutoConfiguration,\
|
||||
org.springframework.boot.actuate.autoconfigure.security.web.reactive.ReactiveManagementWebSecurityAutoConfiguration,\
|
||||
org.springframework.boot.actuate.autoconfigure.security.web.servlet.ManagementWebSecurityAutoConfiguration,\
|
||||
org.springframework.boot.actuate.autoconfigure.session.SessionsEndpointAutoConfiguration,\
|
||||
org.springframework.boot.actuate.autoconfigure.solr.SolrHealthIndicatorAutoConfiguration,\
|
||||
org.springframework.boot.actuate.autoconfigure.system.DiskSpaceHealthIndicatorAutoConfiguration,\
|
||||
|
|
|
|||
|
|
@ -27,8 +27,8 @@ import org.springframework.boot.autoconfigure.AutoConfigurations;
|
|||
import org.springframework.boot.autoconfigure.context.PropertyPlaceholderAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.http.HttpMessageConvertersAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.jackson.JacksonAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.reactive.ReactiveSecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.reactive.ReactiveUserDetailsServiceAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.ReactiveUserDetailsServiceAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.web.reactive.ReactiveWebSecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.reactive.WebFluxAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.reactive.function.client.WebClientAutoConfiguration;
|
||||
import org.springframework.boot.test.context.runner.ReactiveWebApplicationContextRunner;
|
||||
|
|
@ -45,7 +45,7 @@ public class CloudFoundryReactiveHealthEndpointWebExtensionTests {
|
|||
private ReactiveWebApplicationContextRunner contextRunner = new ReactiveWebApplicationContextRunner()
|
||||
.withPropertyValues("VCAP_APPLICATION={}")
|
||||
.withConfiguration(AutoConfigurations.of(
|
||||
ReactiveSecurityAutoConfiguration.class,
|
||||
ReactiveWebSecurityAutoConfiguration.class,
|
||||
ReactiveUserDetailsServiceAutoConfiguration.class,
|
||||
WebFluxAutoConfiguration.class, JacksonAutoConfiguration.class,
|
||||
HttpMessageConvertersAutoConfiguration.class,
|
||||
|
|
|
|||
|
|
@ -44,8 +44,8 @@ import org.springframework.boot.autoconfigure.AutoConfigurations;
|
|||
import org.springframework.boot.autoconfigure.context.PropertyPlaceholderAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.http.HttpMessageConvertersAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.jackson.JacksonAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.reactive.ReactiveSecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.reactive.ReactiveUserDetailsServiceAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.ReactiveUserDetailsServiceAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.web.reactive.ReactiveWebSecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.reactive.WebFluxAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.reactive.function.client.WebClientAutoConfiguration;
|
||||
import org.springframework.boot.test.context.runner.ReactiveWebApplicationContextRunner;
|
||||
|
|
@ -76,7 +76,7 @@ public class ReactiveCloudFoundryActuatorAutoConfigurationTests {
|
|||
|
||||
private final ReactiveWebApplicationContextRunner contextRunner = new ReactiveWebApplicationContextRunner()
|
||||
.withConfiguration(AutoConfigurations.of(
|
||||
ReactiveSecurityAutoConfiguration.class,
|
||||
ReactiveWebSecurityAutoConfiguration.class,
|
||||
ReactiveUserDetailsServiceAutoConfiguration.class,
|
||||
WebFluxAutoConfiguration.class, JacksonAutoConfiguration.class,
|
||||
HttpMessageConvertersAutoConfiguration.class,
|
||||
|
|
|
|||
|
|
@ -38,7 +38,8 @@ import org.springframework.boot.autoconfigure.AutoConfigurations;
|
|||
import org.springframework.boot.autoconfigure.context.PropertyPlaceholderAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.http.HttpMessageConvertersAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.jackson.JacksonAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.ServletWebSecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.client.RestTemplateAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.servlet.DispatcherServletAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration;
|
||||
|
|
@ -70,6 +71,7 @@ public class CloudFoundryActuatorAutoConfigurationTests {
|
|||
|
||||
private final WebApplicationContextRunner contextRunner = new WebApplicationContextRunner()
|
||||
.withConfiguration(AutoConfigurations.of(SecurityAutoConfiguration.class,
|
||||
ServletWebSecurityAutoConfiguration.class,
|
||||
WebMvcAutoConfiguration.class, JacksonAutoConfiguration.class,
|
||||
DispatcherServletAutoConfiguration.class,
|
||||
HttpMessageConvertersAutoConfiguration.class,
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ import org.springframework.boot.autoconfigure.AutoConfigurations;
|
|||
import org.springframework.boot.autoconfigure.context.PropertyPlaceholderAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.http.HttpMessageConvertersAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.jackson.JacksonAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.client.RestTemplateAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.servlet.DispatcherServletAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration;
|
||||
|
|
|
|||
|
|
@ -31,7 +31,8 @@ import org.springframework.boot.autoconfigure.ImportAutoConfiguration;
|
|||
import org.springframework.boot.autoconfigure.context.PropertyPlaceholderAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.http.HttpMessageConvertersAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.jackson.JacksonAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.ServletWebSecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.servlet.DispatcherServletAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration;
|
||||
import org.springframework.boot.test.util.TestPropertyValues;
|
||||
|
|
@ -118,7 +119,8 @@ public class ControllerEndpointWebMvcIntegrationTests {
|
|||
}
|
||||
|
||||
@Import(DefaultConfiguration.class)
|
||||
@ImportAutoConfiguration({ SecurityAutoConfiguration.class })
|
||||
@ImportAutoConfiguration({ SecurityAutoConfiguration.class,
|
||||
ServletWebSecurityAutoConfiguration.class })
|
||||
static class SecureConfiguration {
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -39,7 +39,8 @@ import org.springframework.boot.autoconfigure.data.rest.RepositoryRestMvcAutoCon
|
|||
import org.springframework.boot.autoconfigure.hateoas.HypermediaAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.http.HttpMessageConvertersAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.jackson.JacksonAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.ServletWebSecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.servlet.DispatcherServletAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration;
|
||||
import org.springframework.boot.test.util.TestPropertyValues;
|
||||
|
|
@ -164,7 +165,8 @@ public class WebMvcEndpointIntegrationTests {
|
|||
}
|
||||
|
||||
@Import(DefaultConfiguration.class)
|
||||
@ImportAutoConfiguration({ SecurityAutoConfiguration.class })
|
||||
@ImportAutoConfiguration({ SecurityAutoConfiguration.class,
|
||||
ServletWebSecurityAutoConfiguration.class })
|
||||
static class SecureConfiguration {
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,6 +23,7 @@ import org.assertj.core.api.AssertDelegateTarget;
|
|||
import org.junit.Test;
|
||||
|
||||
import org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointProperties;
|
||||
import org.springframework.boot.actuate.autoconfigure.security.web.reactive.EndpointRequest;
|
||||
import org.springframework.boot.actuate.endpoint.EndpointId;
|
||||
import org.springframework.boot.actuate.endpoint.ExposableEndpoint;
|
||||
import org.springframework.boot.actuate.endpoint.Operation;
|
||||
|
|
|
|||
|
|
@ -30,9 +30,10 @@ import org.springframework.boot.actuate.autoconfigure.env.EnvironmentEndpointAut
|
|||
import org.springframework.boot.actuate.autoconfigure.health.HealthEndpointAutoConfiguration;
|
||||
import org.springframework.boot.actuate.autoconfigure.health.HealthIndicatorAutoConfiguration;
|
||||
import org.springframework.boot.actuate.autoconfigure.info.InfoEndpointAutoConfiguration;
|
||||
import org.springframework.boot.actuate.autoconfigure.security.web.reactive.ReactiveManagementWebSecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.AutoConfigurations;
|
||||
import org.springframework.boot.autoconfigure.security.reactive.ReactiveSecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.reactive.ReactiveUserDetailsServiceAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.ReactiveUserDetailsServiceAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.web.reactive.ReactiveWebSecurityAutoConfiguration;
|
||||
import org.springframework.boot.test.context.assertj.AssertableReactiveWebApplicationContext;
|
||||
import org.springframework.boot.test.context.runner.ReactiveWebApplicationContextRunner;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
|
|
@ -69,7 +70,7 @@ public class ReactiveManagementWebSecurityAutoConfigurationTests {
|
|||
InfoEndpointAutoConfiguration.class,
|
||||
EnvironmentEndpointAutoConfiguration.class,
|
||||
EndpointAutoConfiguration.class, WebEndpointAutoConfiguration.class,
|
||||
ReactiveSecurityAutoConfiguration.class,
|
||||
ReactiveWebSecurityAutoConfiguration.class,
|
||||
ReactiveUserDetailsServiceAutoConfiguration.class,
|
||||
ReactiveManagementWebSecurityAutoConfiguration.class));
|
||||
|
||||
|
|
|
|||
|
|
@ -25,6 +25,7 @@ import org.assertj.core.api.AssertDelegateTarget;
|
|||
import org.junit.Test;
|
||||
|
||||
import org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointProperties;
|
||||
import org.springframework.boot.actuate.autoconfigure.security.web.servlet.EndpointRequest;
|
||||
import org.springframework.boot.actuate.endpoint.EndpointId;
|
||||
import org.springframework.boot.actuate.endpoint.ExposableEndpoint;
|
||||
import org.springframework.boot.actuate.endpoint.Operation;
|
||||
|
|
@ -32,7 +33,7 @@ import org.springframework.boot.actuate.endpoint.annotation.Endpoint;
|
|||
import org.springframework.boot.actuate.endpoint.web.PathMappedEndpoint;
|
||||
import org.springframework.boot.actuate.endpoint.web.PathMappedEndpoints;
|
||||
import org.springframework.boot.actuate.endpoint.web.annotation.ServletEndpoint;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.RequestMatcherProvider;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.RequestMatcherProvider;
|
||||
import org.springframework.boot.autoconfigure.web.servlet.DispatcherServletPath;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockServletContext;
|
||||
|
|
|
|||
|
|
@ -27,8 +27,10 @@ import org.springframework.boot.actuate.autoconfigure.env.EnvironmentEndpointAut
|
|||
import org.springframework.boot.actuate.autoconfigure.health.HealthEndpointAutoConfiguration;
|
||||
import org.springframework.boot.actuate.autoconfigure.health.HealthIndicatorAutoConfiguration;
|
||||
import org.springframework.boot.actuate.autoconfigure.info.InfoEndpointAutoConfiguration;
|
||||
import org.springframework.boot.actuate.autoconfigure.security.web.servlet.ManagementWebSecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.AutoConfigurations;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.ServletWebSecurityAutoConfiguration;
|
||||
import org.springframework.boot.test.context.assertj.AssertableWebApplicationContext;
|
||||
import org.springframework.boot.test.context.runner.WebApplicationContextRunner;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
|
@ -58,6 +60,7 @@ public class ManagementWebSecurityAutoConfigurationTests {
|
|||
EnvironmentEndpointAutoConfiguration.class,
|
||||
EndpointAutoConfiguration.class, WebEndpointAutoConfiguration.class,
|
||||
SecurityAutoConfiguration.class,
|
||||
ServletWebSecurityAutoConfiguration.class,
|
||||
ManagementWebSecurityAutoConfiguration.class));
|
||||
|
||||
@Test
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.reactive;
|
||||
package org.springframework.boot.autoconfigure.security;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.regex.Pattern;
|
||||
|
|
@ -26,7 +26,6 @@ import org.springframework.beans.factory.ObjectProvider;
|
|||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityProperties;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.authentication.ReactiveAuthenticationManager;
|
||||
|
|
@ -38,12 +37,17 @@ import org.springframework.security.crypto.password.PasswordEncoder;
|
|||
import org.springframework.util.StringUtils;
|
||||
|
||||
/**
|
||||
* Default user {@link Configuration} for a reactive web application. Configures a
|
||||
* Default user {@link Configuration} for a reactive application. Configures a
|
||||
* {@link ReactiveUserDetailsService} with a default user and generated password. This
|
||||
* backs-off completely if there is a bean of type {@link ReactiveUserDetailsService} or
|
||||
* {@link ReactiveAuthenticationManager}.
|
||||
* <p>
|
||||
* Note that the current reactive application detection mechanism is limited to web
|
||||
* applications only. If you're writing a non-web application you will currently need to
|
||||
* configure reactive security yourself.
|
||||
*
|
||||
* @author Madhura Bhave
|
||||
* @since 2.1.0
|
||||
*/
|
||||
@Configuration
|
||||
@ConditionalOnClass({ ReactiveAuthenticationManager.class })
|
||||
|
|
@ -14,20 +14,18 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security;
|
||||
|
||||
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityDataConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityProperties;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.context.ApplicationEventPublisher;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.security.authentication.AuthenticationEventPublisher;
|
||||
import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
|
||||
import org.springframework.security.data.repository.query.SecurityEvaluationContextExtension;
|
||||
|
||||
/**
|
||||
* {@link EnableAutoConfiguration Auto-configuration} for Spring Security.
|
||||
|
|
@ -35,12 +33,12 @@ import org.springframework.security.authentication.DefaultAuthenticationEventPub
|
|||
* @author Dave Syer
|
||||
* @author Andy Wilkinson
|
||||
* @author Madhura Bhave
|
||||
* @author Rob Winch
|
||||
* @since 2.1.0
|
||||
*/
|
||||
@Configuration
|
||||
@ConditionalOnClass(DefaultAuthenticationEventPublisher.class)
|
||||
@EnableConfigurationProperties(SecurityProperties.class)
|
||||
@Import({ SpringBootWebSecurityConfiguration.class, WebSecurityEnablerConfiguration.class,
|
||||
SecurityDataConfiguration.class })
|
||||
public class SecurityAutoConfiguration {
|
||||
|
||||
@Bean
|
||||
|
|
@ -50,4 +48,16 @@ public class SecurityAutoConfiguration {
|
|||
return new DefaultAuthenticationEventPublisher(publisher);
|
||||
}
|
||||
|
||||
@Configuration
|
||||
@ConditionalOnClass(SecurityEvaluationContextExtension.class)
|
||||
static class SecurityDataConfiguration {
|
||||
|
||||
@Bean
|
||||
@ConditionalOnMissingBean
|
||||
public SecurityEvaluationContextExtension securityEvaluationContextExtension() {
|
||||
return new SecurityEvaluationContextExtension();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -1,41 +0,0 @@
|
|||
/*
|
||||
* Copyright 2012-2018 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security;
|
||||
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.data.repository.query.SecurityEvaluationContextExtension;
|
||||
|
||||
/**
|
||||
* Automatically adds Spring Security's integration with Spring Data.
|
||||
*
|
||||
* @author Rob Winch
|
||||
* @since 1.3
|
||||
*/
|
||||
@Configuration
|
||||
@ConditionalOnClass(SecurityEvaluationContextExtension.class)
|
||||
public class SecurityDataConfiguration {
|
||||
|
||||
@Bean
|
||||
@ConditionalOnMissingBean
|
||||
public SecurityEvaluationContextExtension securityEvaluationContextExtension() {
|
||||
return new SecurityEvaluationContextExtension();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.regex.Pattern;
|
||||
|
|
@ -27,7 +27,6 @@ import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
|||
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityProperties;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Lazy;
|
||||
|
|
@ -50,6 +49,7 @@ import org.springframework.util.StringUtils;
|
|||
* @author Dave Syer
|
||||
* @author Rob Winch
|
||||
* @author Madhura Bhave
|
||||
* @since 2.1.0
|
||||
*/
|
||||
@Configuration
|
||||
@ConditionalOnClass(AuthenticationManager.class)
|
||||
|
|
@ -13,7 +13,7 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client.reactive;
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
|
@ -27,10 +27,7 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
|||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
|
||||
import org.springframework.boot.autoconfigure.condition.NoneNestedConditions;
|
||||
import org.springframework.boot.autoconfigure.security.oauth2.client.ClientsConfiguredCondition;
|
||||
import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties;
|
||||
import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter;
|
||||
import org.springframework.boot.autoconfigure.security.reactive.ReactiveSecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.web.reactive.ReactiveWebSecurityAutoConfiguration;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Conditional;
|
||||
|
|
@ -52,7 +49,7 @@ import org.springframework.security.oauth2.client.web.server.ServerOAuth2Authori
|
|||
* @since 2.1.0
|
||||
*/
|
||||
@Configuration
|
||||
@AutoConfigureBefore(ReactiveSecurityAutoConfiguration.class)
|
||||
@AutoConfigureBefore(ReactiveWebSecurityAutoConfiguration.class)
|
||||
@EnableConfigurationProperties(OAuth2ClientProperties.class)
|
||||
@Conditional(ReactiveOAuth2ClientAutoConfiguration.NonServletApplicationCondition.class)
|
||||
@ConditionalOnClass({ Flux.class, EnableWebFluxSecurity.class, ClientRegistration.class })
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
/*
|
||||
* Copyright 2012-2018 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/**
|
||||
* Auto-configuration for Spring Security's Reactive OAuth 2 client.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client.reactive;
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
/*
|
||||
* Copyright 2012-2018 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/**
|
||||
* Auto-configuration for Spring Security's OAuth 2 client.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client.servlet;
|
||||
|
|
@ -14,13 +14,13 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client.web;
|
||||
|
||||
import org.springframework.boot.autoconfigure.AutoConfigureBefore;
|
||||
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
|
|
@ -31,7 +31,7 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
|
|||
*
|
||||
* @author Madhura Bhave
|
||||
* @author Phillip Webb
|
||||
* @since 2.0.0
|
||||
* @since 2.1.0
|
||||
*/
|
||||
@Configuration
|
||||
@AutoConfigureBefore(SecurityAutoConfiguration.class)
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client.web;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client.web;
|
||||
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
|
|
@ -33,7 +33,7 @@ import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepo
|
|||
*
|
||||
* @author Madhura Bhave
|
||||
* @author Phillip Webb
|
||||
* @since 2.0.0
|
||||
* @since 2.1.0
|
||||
*/
|
||||
@Configuration
|
||||
@ConditionalOnBean(ClientRegistrationRepository.class)
|
||||
|
|
@ -13,14 +13,13 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource;
|
||||
|
||||
import org.springframework.boot.autoconfigure.AutoConfigureBefore;
|
||||
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
|
||||
import org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerProperties;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
|
|
@ -13,12 +13,10 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource;
|
||||
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
|
||||
import org.springframework.boot.autoconfigure.security.oauth2.resource.IssuerUriCondition;
|
||||
import org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerProperties;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Conditional;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
|
@ -13,7 +13,7 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource;
|
||||
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
|
|
@ -13,14 +13,13 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource.reactive;
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource;
|
||||
|
||||
import org.springframework.boot.autoconfigure.AutoConfigureBefore;
|
||||
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
|
||||
import org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerProperties;
|
||||
import org.springframework.boot.autoconfigure.security.reactive.ReactiveSecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.web.reactive.ReactiveWebSecurityAutoConfiguration;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
|
|
@ -35,7 +34,7 @@ import org.springframework.security.oauth2.server.resource.BearerTokenAuthentica
|
|||
* @since 2.1.0
|
||||
*/
|
||||
@Configuration
|
||||
@AutoConfigureBefore(ReactiveSecurityAutoConfiguration.class)
|
||||
@AutoConfigureBefore(ReactiveWebSecurityAutoConfiguration.class)
|
||||
@EnableConfigurationProperties(OAuth2ResourceServerProperties.class)
|
||||
@ConditionalOnClass({ EnableWebFluxSecurity.class, BearerTokenAuthenticationToken.class })
|
||||
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.REACTIVE)
|
||||
|
|
@ -13,12 +13,10 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource.reactive;
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource;
|
||||
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
|
||||
import org.springframework.boot.autoconfigure.security.oauth2.resource.IssuerUriCondition;
|
||||
import org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerProperties;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Conditional;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
|
@ -13,7 +13,7 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource.reactive;
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource;
|
||||
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
/*
|
||||
* Copyright 2012-2018 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/**
|
||||
* Auto-configuration for Spring Security's Reactive OAuth2 resource server.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource.reactive;
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
/*
|
||||
* Copyright 2012-2018 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/**
|
||||
* Auto-configuration for Spring Security's OAuth2 resource server.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource.servlet;
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.reactive;
|
||||
package org.springframework.boot.autoconfigure.security.web.reactive;
|
||||
|
||||
import org.springframework.boot.autoconfigure.security.StaticResourceLocation;
|
||||
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
|
||||
|
|
@ -14,14 +14,16 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.reactive;
|
||||
package org.springframework.boot.autoconfigure.security.web.reactive;
|
||||
|
||||
import reactor.core.publisher.Flux;
|
||||
|
||||
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
|
||||
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityProperties;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
|
@ -42,7 +44,8 @@ import org.springframework.security.web.server.WebFilterChainProxy;
|
|||
@EnableConfigurationProperties(SecurityProperties.class)
|
||||
@ConditionalOnClass({ Flux.class, EnableWebFluxSecurity.class,
|
||||
WebFilterChainProxy.class })
|
||||
public class ReactiveSecurityAutoConfiguration {
|
||||
@AutoConfigureAfter(SecurityAutoConfiguration.class)
|
||||
public class ReactiveWebSecurityAutoConfiguration {
|
||||
|
||||
@Configuration
|
||||
@ConditionalOnMissingBean(WebFilterChainProxy.class)
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.reactive;
|
||||
package org.springframework.boot.autoconfigure.security.web.reactive;
|
||||
|
||||
import java.util.EnumSet;
|
||||
import java.util.LinkedHashSet;
|
||||
|
|
@ -17,4 +17,4 @@
|
|||
/**
|
||||
* Auto-configuration for reactive Spring Security.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.reactive;
|
||||
package org.springframework.boot.autoconfigure.security.web.reactive;
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
|
|
@ -33,13 +33,13 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
|
|||
* been configured by the user, this will back-off.
|
||||
*
|
||||
* @author Madhura Bhave
|
||||
* @since 2.0.0
|
||||
* @since 2.1.0
|
||||
*/
|
||||
@Configuration
|
||||
@ConditionalOnBean(WebSecurityConfigurerAdapter.class)
|
||||
@ConditionalOnMissingBean(name = BeanIds.SPRING_SECURITY_FILTER_CHAIN)
|
||||
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
|
||||
@EnableWebSecurity
|
||||
public class WebSecurityEnablerConfiguration {
|
||||
public class EnableWebSecurityConfiguration {
|
||||
|
||||
}
|
||||
|
|
@ -13,7 +13,7 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
||||
import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
|
|
@ -24,7 +24,7 @@ import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
|
|||
* used for Spring MVC applications.
|
||||
*
|
||||
* @author Madhura Bhave
|
||||
* @since 2.0.5
|
||||
* @since 2.1.0
|
||||
*/
|
||||
public class MvcRequestMatcherProvider implements RequestMatcherProvider {
|
||||
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
||||
import java.util.function.Supplier;
|
||||
|
||||
|
|
@ -31,7 +31,7 @@ import org.springframework.security.web.util.matcher.RequestMatcher;
|
|||
*
|
||||
* @author Madhura Bhave
|
||||
* @author Phillip Webb
|
||||
* @since 2.0.0
|
||||
* @since 2.1.0
|
||||
*/
|
||||
public final class PathRequest {
|
||||
|
||||
|
|
@ -13,7 +13,7 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
|
||||
|
|
@ -22,7 +22,7 @@ import org.springframework.security.web.util.matcher.RequestMatcher;
|
|||
* Spring Security.
|
||||
*
|
||||
* @author Madhura Bhave
|
||||
* @since 2.0.5
|
||||
* @since 2.1.0
|
||||
*/
|
||||
@FunctionalInterface
|
||||
public interface RequestMatcherProvider {
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
||||
import java.util.EnumSet;
|
||||
import java.util.stream.Collectors;
|
||||
|
|
@ -22,12 +22,14 @@ import java.util.stream.Collectors;
|
|||
import javax.servlet.DispatcherType;
|
||||
|
||||
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
|
||||
import org.springframework.boot.autoconfigure.AutoConfigureBefore;
|
||||
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication.Type;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityProperties;
|
||||
import org.springframework.boot.autoconfigure.security.UserDetailsServiceAutoConfiguration;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.boot.web.servlet.DelegatingFilterProxyRegistrationBean;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
|
|
@ -45,14 +47,15 @@ import org.springframework.security.web.context.AbstractSecurityWebApplicationIn
|
|||
* @author Rob Winch
|
||||
* @author Phillip Webb
|
||||
* @author Andy Wilkinson
|
||||
* @since 1.3
|
||||
* @since 2.1.0
|
||||
*/
|
||||
@Configuration
|
||||
@ConditionalOnWebApplication(type = Type.SERVLET)
|
||||
@EnableConfigurationProperties(SecurityProperties.class)
|
||||
@ConditionalOnClass({ AbstractSecurityWebApplicationInitializer.class,
|
||||
SessionCreationPolicy.class })
|
||||
@AutoConfigureAfter(SecurityAutoConfiguration.class)
|
||||
@AutoConfigureAfter(ServletWebSecurityAutoConfiguration.class)
|
||||
@AutoConfigureBefore(UserDetailsServiceAutoConfiguration.class)
|
||||
public class SecurityFilterAutoConfiguration {
|
||||
|
||||
private static final String DEFAULT_FILTER_NAME = AbstractSecurityWebApplicationInitializer.DEFAULT_FILTER_NAME;
|
||||
|
|
@ -13,7 +13,7 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
|
|
@ -28,7 +28,7 @@ import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
|
|||
* Auto-configuration for {@link RequestMatcherProvider}.
|
||||
*
|
||||
* @author Madhura Bhave
|
||||
* @since 2.0.5
|
||||
* @since 2.1.0
|
||||
*/
|
||||
@Configuration
|
||||
@ConditionalOnClass({ RequestMatcher.class, DispatcherServlet.class })
|
||||
|
|
@ -0,0 +1,44 @@
|
|||
/*
|
||||
* Copyright 2012-2018 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
||||
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
|
||||
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityProperties;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
|
||||
|
||||
/**
|
||||
* {@link EnableAutoConfiguration Auto-configuration} for Spring Security in a servlet web
|
||||
* application.
|
||||
*
|
||||
* @author Madhura Bhave
|
||||
* @since 2.1.0
|
||||
*/
|
||||
@Configuration
|
||||
@EnableConfigurationProperties(SecurityProperties.class)
|
||||
@ConditionalOnClass(DefaultAuthenticationEventPublisher.class)
|
||||
@AutoConfigureAfter(SecurityAutoConfiguration.class)
|
||||
@Import({ SpringBootWebSecurityConfiguration.class,
|
||||
EnableWebSecurityConfiguration.class })
|
||||
public class ServletWebSecurityAutoConfiguration {
|
||||
|
||||
}
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
|
|
@ -33,7 +33,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
|
|||
* part of the custom security configuration.
|
||||
*
|
||||
* @author Madhura Bhave
|
||||
* @since 2.0.0
|
||||
* @since 2.1.0
|
||||
*/
|
||||
@Configuration
|
||||
@ConditionalOnClass(WebSecurityConfigurerAdapter.class)
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
||||
import java.util.EnumSet;
|
||||
import java.util.LinkedHashSet;
|
||||
|
|
@ -40,7 +40,7 @@ import org.springframework.util.Assert;
|
|||
*
|
||||
* @author Madhura Bhave
|
||||
* @author Phillip Webb
|
||||
* @since 2.0.0
|
||||
* @since 2.1.0
|
||||
* @see PathRequest
|
||||
*/
|
||||
public final class StaticResourceRequest {
|
||||
|
|
@ -17,4 +17,4 @@
|
|||
/**
|
||||
* Auto-configuration for Servlet-based Spring Security.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
|
@ -99,18 +99,19 @@ org.springframework.boot.autoconfigure.mustache.MustacheAutoConfiguration,\
|
|||
org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.quartz.QuartzAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.reactor.core.ReactorCoreAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.servlet.SecurityRequestMatcherProviderAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.servlet.SecurityFilterAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.reactive.ReactiveSecurityAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.reactive.ReactiveUserDetailsServiceAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.ReactiveUserDetailsServiceAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.UserDetailsServiceAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.web.reactive.ReactiveWebSecurityAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.web.servlet.SecurityRequestMatcherProviderAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.web.servlet.ServletWebSecurityAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.web.servlet.SecurityFilterAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.sendgrid.SendGridAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.session.SessionAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.oauth2.client.servlet.OAuth2ClientAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.oauth2.client.reactive.ReactiveOAuth2ClientAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.oauth2.resource.servlet.OAuth2ResourceServerAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.oauth2.resource.reactive.ReactiveOAuth2ResourceServerAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.oauth2.client.web.OAuth2ClientAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.oauth2.client.ReactiveOAuth2ClientAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.oauth2.resource.ReactiveOAuth2ResourceServerAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.solr.SolrAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.task.TaskExecutionAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.task.TaskSchedulingAutoConfiguration,\
|
||||
|
|
|
|||
|
|
@ -14,13 +14,12 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.reactive;
|
||||
package org.springframework.boot.autoconfigure.security;
|
||||
|
||||
import org.junit.Test;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
import org.springframework.boot.autoconfigure.AutoConfigurations;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityProperties;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.boot.test.context.runner.ReactiveWebApplicationContextRunner;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
|
|
@ -81,8 +80,6 @@ public class ReactiveUserDetailsServiceAutoConfigurationTests {
|
|||
this.contextRunner
|
||||
.withUserConfiguration(AuthenticationManagerConfig.class,
|
||||
TestSecurityConfiguration.class)
|
||||
.withConfiguration(
|
||||
AutoConfigurations.of(ReactiveSecurityAutoConfiguration.class))
|
||||
.run((context) -> assertThat(context)
|
||||
.getBean(ReactiveUserDetailsService.class).isNull());
|
||||
}
|
||||
|
|
@ -14,11 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
|
||||
import java.util.EnumSet;
|
||||
|
||||
import javax.servlet.DispatcherType;
|
||||
package org.springframework.boot.autoconfigure.security;
|
||||
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
|
|
@ -29,24 +25,20 @@ import org.springframework.boot.autoconfigure.context.PropertyPlaceholderAutoCon
|
|||
import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.orm.jpa.test.City;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.SecurityFilterAutoConfiguration;
|
||||
import org.springframework.boot.test.context.runner.WebApplicationContextRunner;
|
||||
import org.springframework.boot.test.rule.OutputCapture;
|
||||
import org.springframework.boot.web.servlet.DelegatingFilterProxyRegistrationBean;
|
||||
import org.springframework.boot.web.servlet.filter.OrderedFilter;
|
||||
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.orm.jpa.JpaTransactionManager;
|
||||
import org.springframework.security.authentication.AuthenticationEventPublisher;
|
||||
import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.data.repository.query.SecurityEvaluationContextExtension;
|
||||
import org.springframework.security.web.FilterChainProxy;
|
||||
import org.springframework.test.util.ReflectionTestUtils;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
|
||||
|
|
@ -67,27 +59,6 @@ public class SecurityAutoConfigurationTests {
|
|||
@Rule
|
||||
public OutputCapture outputCapture = new OutputCapture();
|
||||
|
||||
@Test
|
||||
public void testWebConfiguration() {
|
||||
this.contextRunner.run((context) -> {
|
||||
assertThat(context.getBean(AuthenticationManagerBuilder.class)).isNotNull();
|
||||
assertThat(context.getBean(FilterChainProxy.class).getFilterChains())
|
||||
.hasSize(1);
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDefaultFilterOrderWithSecurityAdapter() {
|
||||
this.contextRunner
|
||||
.withConfiguration(AutoConfigurations.of(WebSecurity.class,
|
||||
SecurityFilterAutoConfiguration.class))
|
||||
.run((context) -> assertThat(context
|
||||
.getBean("securityFilterChainRegistration",
|
||||
DelegatingFilterProxyRegistrationBean.class)
|
||||
.getOrder()).isEqualTo(
|
||||
OrderedFilter.REQUEST_WRAPPER_FILTER_MAX_ORDER - 100));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFilterIsNotRegisteredInNonWeb() {
|
||||
try (AnnotationConfigApplicationContext customContext = new AnnotationConfigApplicationContext()) {
|
||||
|
|
@ -116,30 +87,6 @@ public class SecurityAutoConfigurationTests {
|
|||
AuthenticationEventPublisherConfiguration.TestAuthenticationEventPublisher.class));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDefaultFilterOrder() {
|
||||
this.contextRunner
|
||||
.withConfiguration(
|
||||
AutoConfigurations.of(SecurityFilterAutoConfiguration.class))
|
||||
.run((context) -> assertThat(context
|
||||
.getBean("securityFilterChainRegistration",
|
||||
DelegatingFilterProxyRegistrationBean.class)
|
||||
.getOrder()).isEqualTo(
|
||||
OrderedFilter.REQUEST_WRAPPER_FILTER_MAX_ORDER - 100));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testCustomFilterOrder() {
|
||||
this.contextRunner
|
||||
.withConfiguration(
|
||||
AutoConfigurations.of(SecurityFilterAutoConfiguration.class))
|
||||
.withPropertyValues("spring.security.filter.order:12345").run(
|
||||
(context) -> assertThat(context
|
||||
.getBean("securityFilterChainRegistration",
|
||||
DelegatingFilterProxyRegistrationBean.class)
|
||||
.getOrder()).isEqualTo(12345));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testJpaCoexistsHappily() {
|
||||
this.contextRunner
|
||||
|
|
@ -161,42 +108,6 @@ public class SecurityAutoConfigurationTests {
|
|||
.getBean(SecurityEvaluationContextExtension.class).isNotNull());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void defaultFilterDispatcherTypes() {
|
||||
this.contextRunner
|
||||
.withConfiguration(
|
||||
AutoConfigurations.of(SecurityFilterAutoConfiguration.class))
|
||||
.run((context) -> {
|
||||
DelegatingFilterProxyRegistrationBean bean = context.getBean(
|
||||
"securityFilterChainRegistration",
|
||||
DelegatingFilterProxyRegistrationBean.class);
|
||||
@SuppressWarnings("unchecked")
|
||||
EnumSet<DispatcherType> dispatcherTypes = (EnumSet<DispatcherType>) ReflectionTestUtils
|
||||
.getField(bean, "dispatcherTypes");
|
||||
assertThat(dispatcherTypes).containsOnly(DispatcherType.ASYNC,
|
||||
DispatcherType.ERROR, DispatcherType.REQUEST);
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
public void customFilterDispatcherTypes() {
|
||||
this.contextRunner
|
||||
.withPropertyValues(
|
||||
"spring.security.filter.dispatcher-types:INCLUDE,ERROR")
|
||||
.withConfiguration(
|
||||
AutoConfigurations.of(SecurityFilterAutoConfiguration.class))
|
||||
.run((context) -> {
|
||||
DelegatingFilterProxyRegistrationBean bean = context.getBean(
|
||||
"securityFilterChainRegistration",
|
||||
DelegatingFilterProxyRegistrationBean.class);
|
||||
@SuppressWarnings("unchecked")
|
||||
EnumSet<DispatcherType> dispatcherTypes = (EnumSet<DispatcherType>) ReflectionTestUtils
|
||||
.getField(bean, "dispatcherTypes");
|
||||
assertThat(dispatcherTypes).containsOnly(DispatcherType.INCLUDE,
|
||||
DispatcherType.ERROR);
|
||||
});
|
||||
}
|
||||
|
||||
@Configuration
|
||||
@TestAutoConfigurationPackage(City.class)
|
||||
protected static class EntityConfiguration {
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security;
|
||||
|
||||
import java.util.Collections;
|
||||
|
||||
|
|
@ -22,7 +22,6 @@ import org.junit.Rule;
|
|||
import org.junit.Test;
|
||||
|
||||
import org.springframework.boot.autoconfigure.AutoConfigurations;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityProperties;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.boot.test.context.runner.ApplicationContextRunner;
|
||||
import org.springframework.boot.test.rule.OutputCapture;
|
||||
|
|
@ -24,7 +24,7 @@ import org.springframework.boot.autoconfigure.context.PropertyPlaceholderAutoCon
|
|||
import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.jdbc.EmbeddedDataSourceConfiguration;
|
||||
import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.test.context.SpringBootContextLoader;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.test.annotation.DirtiesContext;
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client.reactive;
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client.web;
|
||||
|
||||
import org.junit.Test;
|
||||
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client.web;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
|
@ -13,7 +13,7 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
|
|
@ -13,7 +13,7 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource.reactive;
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Collections;
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.reactive;
|
||||
package org.springframework.boot.autoconfigure.security.web.reactive;
|
||||
|
||||
import org.junit.Test;
|
||||
|
||||
|
|
@ -14,11 +14,12 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.reactive;
|
||||
package org.springframework.boot.autoconfigure.security.web.reactive;
|
||||
|
||||
import org.junit.Test;
|
||||
|
||||
import org.springframework.boot.autoconfigure.AutoConfigurations;
|
||||
import org.springframework.boot.autoconfigure.security.ReactiveUserDetailsServiceAutoConfiguration;
|
||||
import org.springframework.boot.test.context.runner.ReactiveWebApplicationContextRunner;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
|
@ -28,11 +29,11 @@ import static org.assertj.core.api.Assertions.assertThat;
|
|||
import static org.mockito.Mockito.mock;
|
||||
|
||||
/**
|
||||
* Tests for {@link ReactiveSecurityAutoConfiguration}.
|
||||
* Tests for {@link ReactiveWebSecurityAutoConfiguration}.
|
||||
*
|
||||
* @author Madhura Bhave
|
||||
*/
|
||||
public class ReactiveSecurityAutoConfigurationTests {
|
||||
public class ReactiveWebSecurityAutoConfigurationTests {
|
||||
|
||||
private ReactiveWebApplicationContextRunner contextRunner = new ReactiveWebApplicationContextRunner();
|
||||
|
||||
|
|
@ -40,7 +41,7 @@ public class ReactiveSecurityAutoConfigurationTests {
|
|||
public void backsOffWhenWebFilterChainProxyBeanPresent() {
|
||||
this.contextRunner
|
||||
.withConfiguration(
|
||||
AutoConfigurations.of(ReactiveSecurityAutoConfiguration.class))
|
||||
AutoConfigurations.of(ReactiveWebSecurityAutoConfiguration.class))
|
||||
.withUserConfiguration(WebFilterChainProxyConfiguration.class)
|
||||
.run((context) -> assertThat(context)
|
||||
.hasSingleBean(WebFilterChainProxy.class));
|
||||
|
|
@ -50,7 +51,7 @@ public class ReactiveSecurityAutoConfigurationTests {
|
|||
public void enablesWebFluxSecurity() {
|
||||
this.contextRunner
|
||||
.withConfiguration(
|
||||
AutoConfigurations.of(ReactiveSecurityAutoConfiguration.class,
|
||||
AutoConfigurations.of(ReactiveWebSecurityAutoConfiguration.class,
|
||||
ReactiveUserDetailsServiceAutoConfiguration.class))
|
||||
.run((context) -> assertThat(context).getBean(WebFilterChainProxy.class)
|
||||
.isNotNull());
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.reactive;
|
||||
package org.springframework.boot.autoconfigure.security.web.reactive;
|
||||
|
||||
import org.assertj.core.api.AssertDelegateTarget;
|
||||
import org.junit.Test;
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
||||
import com.fasterxml.jackson.core.JsonParser;
|
||||
import com.fasterxml.jackson.databind.DeserializationContext;
|
||||
|
|
@ -28,6 +28,8 @@ import org.springframework.boot.autoconfigure.ImportAutoConfiguration;
|
|||
import org.springframework.boot.autoconfigure.context.PropertyPlaceholderAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.http.HttpMessageConvertersAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.jackson.JacksonAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.UserDetailsServiceAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.servlet.DispatcherServletAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration;
|
||||
import org.springframework.boot.test.rule.OutputCapture;
|
||||
|
|
@ -80,6 +82,7 @@ public class SecurityFilterAutoConfigurationEarlyInitializationTests {
|
|||
DispatcherServletAutoConfiguration.class, SecurityAutoConfiguration.class,
|
||||
UserDetailsServiceAutoConfiguration.class,
|
||||
SecurityFilterAutoConfiguration.class,
|
||||
ServletWebSecurityAutoConfiguration.class,
|
||||
PropertyPlaceholderAutoConfiguration.class })
|
||||
static class Config {
|
||||
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
||||
import org.junit.Test;
|
||||
|
||||
|
|
@ -22,16 +22,16 @@ import org.springframework.boot.autoconfigure.ImportAutoConfiguration;
|
|||
import org.springframework.boot.autoconfigure.context.PropertyPlaceholderAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.http.HttpMessageConvertersAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.jackson.JacksonAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfigurationTests.WebSecurity;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityFilterAutoConfigurationEarlyInitializationTests.ConverterBean;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityFilterAutoConfigurationEarlyInitializationTests.DeserializerBean;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityFilterAutoConfigurationEarlyInitializationTests.ExampleController;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityFilterAutoConfigurationEarlyInitializationTests.JacksonModuleBean;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.SecurityFilterAutoConfigurationEarlyInitializationTests.ConverterBean;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.SecurityFilterAutoConfigurationEarlyInitializationTests.DeserializerBean;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.SecurityFilterAutoConfigurationEarlyInitializationTests.ExampleController;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.SecurityFilterAutoConfigurationEarlyInitializationTests.JacksonModuleBean;
|
||||
import org.springframework.boot.autoconfigure.web.servlet.DispatcherServletAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.mock.web.MockServletContext;
|
||||
import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
||||
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
|
||||
|
||||
/**
|
||||
|
|
@ -56,6 +56,7 @@ public class SecurityFilterAutoConfigurationTests {
|
|||
@ImportAutoConfiguration({ WebMvcAutoConfiguration.class,
|
||||
JacksonAutoConfiguration.class, HttpMessageConvertersAutoConfiguration.class,
|
||||
DispatcherServletAutoConfiguration.class, WebSecurity.class,
|
||||
ServletWebSecurityAutoConfiguration.class,
|
||||
SecurityFilterAutoConfiguration.class,
|
||||
PropertyPlaceholderAutoConfiguration.class })
|
||||
static class Config {
|
||||
|
|
@ -13,7 +13,7 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
||||
import org.junit.Test;
|
||||
|
||||
|
|
@ -0,0 +1,131 @@
|
|||
/*
|
||||
* Copyright 2012-2018 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
||||
import java.util.EnumSet;
|
||||
|
||||
import javax.servlet.DispatcherType;
|
||||
|
||||
import org.junit.Test;
|
||||
|
||||
import org.springframework.boot.autoconfigure.AutoConfigurations;
|
||||
import org.springframework.boot.autoconfigure.context.PropertyPlaceholderAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.test.context.runner.WebApplicationContextRunner;
|
||||
import org.springframework.boot.web.servlet.DelegatingFilterProxyRegistrationBean;
|
||||
import org.springframework.boot.web.servlet.filter.OrderedFilter;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
||||
import org.springframework.security.web.FilterChainProxy;
|
||||
import org.springframework.test.util.ReflectionTestUtils;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
|
||||
/**
|
||||
* Tests for {@link ServletWebSecurityAutoConfiguration}.
|
||||
*
|
||||
* @author Phillip Webb
|
||||
*/
|
||||
public class ServletWebSecurityAutoConfigurationTests {
|
||||
|
||||
private WebApplicationContextRunner contextRunner = new WebApplicationContextRunner()
|
||||
.withConfiguration(AutoConfigurations.of(SecurityAutoConfiguration.class,
|
||||
ServletWebSecurityAutoConfiguration.class,
|
||||
PropertyPlaceholderAutoConfiguration.class));
|
||||
|
||||
@Test
|
||||
public void testWebConfiguration() {
|
||||
this.contextRunner.run((context) -> {
|
||||
assertThat(context.getBean(AuthenticationManagerBuilder.class)).isNotNull();
|
||||
assertThat(context.getBean(FilterChainProxy.class).getFilterChains())
|
||||
.hasSize(1);
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDefaultFilterOrderWithSecurityAdapter() {
|
||||
this.contextRunner
|
||||
.withConfiguration(AutoConfigurations.of(WebSecurity.class,
|
||||
SecurityFilterAutoConfiguration.class))
|
||||
.run((context) -> assertThat(context
|
||||
.getBean("securityFilterChainRegistration",
|
||||
DelegatingFilterProxyRegistrationBean.class)
|
||||
.getOrder()).isEqualTo(
|
||||
OrderedFilter.REQUEST_WRAPPER_FILTER_MAX_ORDER - 100));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDefaultFilterOrder() {
|
||||
this.contextRunner
|
||||
.withConfiguration(
|
||||
AutoConfigurations.of(SecurityFilterAutoConfiguration.class))
|
||||
.run((context) -> assertThat(context
|
||||
.getBean("securityFilterChainRegistration",
|
||||
DelegatingFilterProxyRegistrationBean.class)
|
||||
.getOrder()).isEqualTo(
|
||||
OrderedFilter.REQUEST_WRAPPER_FILTER_MAX_ORDER - 100));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testCustomFilterOrder() {
|
||||
this.contextRunner
|
||||
.withConfiguration(
|
||||
AutoConfigurations.of(SecurityFilterAutoConfiguration.class))
|
||||
.withPropertyValues("spring.security.filter.order:12345").run(
|
||||
(context) -> assertThat(context
|
||||
.getBean("securityFilterChainRegistration",
|
||||
DelegatingFilterProxyRegistrationBean.class)
|
||||
.getOrder()).isEqualTo(12345));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void defaultFilterDispatcherTypes() {
|
||||
this.contextRunner
|
||||
.withConfiguration(
|
||||
AutoConfigurations.of(SecurityFilterAutoConfiguration.class))
|
||||
.run((context) -> {
|
||||
DelegatingFilterProxyRegistrationBean bean = context.getBean(
|
||||
"securityFilterChainRegistration",
|
||||
DelegatingFilterProxyRegistrationBean.class);
|
||||
@SuppressWarnings("unchecked")
|
||||
EnumSet<DispatcherType> dispatcherTypes = (EnumSet<DispatcherType>) ReflectionTestUtils
|
||||
.getField(bean, "dispatcherTypes");
|
||||
assertThat(dispatcherTypes).containsOnly(DispatcherType.ASYNC,
|
||||
DispatcherType.ERROR, DispatcherType.REQUEST);
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
public void customFilterDispatcherTypes() {
|
||||
this.contextRunner
|
||||
.withPropertyValues(
|
||||
"spring.security.filter.dispatcher-types:INCLUDE,ERROR")
|
||||
.withConfiguration(
|
||||
AutoConfigurations.of(SecurityFilterAutoConfiguration.class))
|
||||
.run((context) -> {
|
||||
DelegatingFilterProxyRegistrationBean bean = context.getBean(
|
||||
"securityFilterChainRegistration",
|
||||
DelegatingFilterProxyRegistrationBean.class);
|
||||
@SuppressWarnings("unchecked")
|
||||
EnumSet<DispatcherType> dispatcherTypes = (EnumSet<DispatcherType>) ReflectionTestUtils
|
||||
.getField(bean, "dispatcherTypes");
|
||||
assertThat(dispatcherTypes).containsOnly(DispatcherType.INCLUDE,
|
||||
DispatcherType.ERROR);
|
||||
});
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.servlet;
|
||||
package org.springframework.boot.autoconfigure.security.web.servlet;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
|
|
@ -28,7 +28,8 @@ import org.junit.Test;
|
|||
|
||||
import org.springframework.boot.autoconfigure.context.PropertyPlaceholderAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.http.HttpMessageConvertersAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.ServletWebSecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.session.SessionAutoConfiguration;
|
||||
import org.springframework.boot.testsupport.web.servlet.MockServletWebServer.RegisteredFilter;
|
||||
import org.springframework.boot.web.server.WebServerFactoryCustomizerBeanPostProcessor;
|
||||
|
|
@ -89,7 +90,7 @@ public class FilterOrderingIntegrationTests {
|
|||
this.context.register(MockWebServerConfiguration.class,
|
||||
TestSessionConfiguration.class, TestRedisConfiguration.class,
|
||||
WebMvcAutoConfiguration.class, SecurityAutoConfiguration.class,
|
||||
SessionAutoConfiguration.class,
|
||||
ServletWebSecurityAutoConfiguration.class, SessionAutoConfiguration.class,
|
||||
HttpMessageConvertersAutoConfiguration.class,
|
||||
PropertyPlaceholderAutoConfiguration.class,
|
||||
HttpEncodingAutoConfiguration.class);
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@
|
|||
|
||||
package org.springframework.boot.docs.web.security;
|
||||
|
||||
import org.springframework.boot.autoconfigure.security.reactive.PathRequest;
|
||||
import org.springframework.boot.autoconfigure.security.web.reactive.PathRequest;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.security.config.web.server.ServerHttpSecurity;
|
||||
import org.springframework.security.web.server.SecurityWebFilterChain;
|
||||
|
|
|
|||
|
|
@ -17,8 +17,9 @@
|
|||
package org.springframework.boot.test.autoconfigure.web.servlet;
|
||||
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.UserDetailsServiceAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.ServletWebSecurityAutoConfiguration;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
|
||||
|
|
@ -30,8 +31,8 @@ import org.springframework.context.annotation.Import;
|
|||
*/
|
||||
@Configuration
|
||||
@ConditionalOnProperty(prefix = "spring.test.mockmvc", name = "secure", havingValue = "true", matchIfMissing = true)
|
||||
@Import({ SecurityAutoConfiguration.class, UserDetailsServiceAutoConfiguration.class,
|
||||
MockMvcSecurityConfiguration.class })
|
||||
@Import({ SecurityAutoConfiguration.class, ServletWebSecurityAutoConfiguration.class,
|
||||
UserDetailsServiceAutoConfiguration.class, MockMvcSecurityConfiguration.class })
|
||||
public class MockMvcSecurityAutoConfiguration {
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -88,8 +88,8 @@ org.springframework.boot.autoconfigure.jsonb.JsonbAutoConfiguration
|
|||
|
||||
# AutoConfigureWebClient auto-configuration imports
|
||||
org.springframework.boot.test.autoconfigure.web.reactive.AutoConfigureWebTestClient=\
|
||||
org.springframework.boot.autoconfigure.security.reactive.ReactiveSecurityAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.reactive.ReactiveUserDetailsServiceAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.ReactiveUserDetailsServiceAutoConfiguration,\
|
||||
org.springframework.boot.autoconfigure.security.web.reactive.ReactiveWebSecurityAutoConfiguration,\
|
||||
org.springframework.boot.test.autoconfigure.web.reactive.WebTestClientAutoConfiguration
|
||||
|
||||
# AutoConfigureWebFlux auto-configuration imports
|
||||
|
|
|
|||
|
|
@ -17,14 +17,16 @@
|
|||
package org.springframework.boot.test.autoconfigure.restdocs;
|
||||
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.ServletWebSecurityAutoConfiguration;
|
||||
|
||||
/**
|
||||
* Test application used with {@link AutoConfigureRestDocs} tests.
|
||||
*
|
||||
* @author Andy Wilkinson
|
||||
*/
|
||||
@SpringBootApplication(exclude = SecurityAutoConfiguration.class)
|
||||
@SpringBootApplication(exclude = { SecurityAutoConfiguration.class,
|
||||
ServletWebSecurityAutoConfiguration.class })
|
||||
public class RestDocsTestApplication {
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,9 +16,9 @@
|
|||
|
||||
package sample.actuator.customsecurity;
|
||||
|
||||
import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest;
|
||||
import org.springframework.boot.actuate.autoconfigure.security.web.servlet.EndpointRequest;
|
||||
import org.springframework.boot.actuate.web.mappings.MappingsEndpoint;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.PathRequest;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
|
|
|
|||
|
|
@ -22,9 +22,9 @@ import org.junit.Test;
|
|||
import org.junit.runner.RunWith;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.actuate.autoconfigure.security.reactive.EndpointRequest;
|
||||
import org.springframework.boot.actuate.autoconfigure.security.web.reactive.EndpointRequest;
|
||||
import org.springframework.boot.actuate.web.mappings.MappingsEndpoint;
|
||||
import org.springframework.boot.autoconfigure.security.reactive.PathRequest;
|
||||
import org.springframework.boot.autoconfigure.security.web.reactive.PathRequest;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ package sample.security.method;
|
|||
import java.util.Date;
|
||||
import java.util.Map;
|
||||
|
||||
import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest;
|
||||
import org.springframework.boot.actuate.autoconfigure.security.web.servlet.EndpointRequest;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.boot.builder.SpringApplicationBuilder;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ import java.util.Date;
|
|||
import java.util.Map;
|
||||
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
|
||||
import org.springframework.boot.autoconfigure.security.web.servlet.PathRequest;
|
||||
import org.springframework.boot.builder.SpringApplicationBuilder;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
|
|
|
|||
Loading…
Reference in New Issue