diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/AuthenticationManagerConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/AuthenticationManagerConfiguration.java index 84879adc745..c9f22d59dac 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/AuthenticationManagerConfiguration.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/AuthenticationManagerConfiguration.java @@ -16,7 +16,7 @@ package org.springframework.boot.autoconfigure.security; -import java.util.UUID; +import java.util.List; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -57,15 +57,19 @@ public class AuthenticationManagerConfiguration { .getLog(AuthenticationManagerConfiguration.class); @Bean - public InMemoryUserDetailsManager inMemoryUserDetailsManager( + public InMemoryUserDetailsManager inMemoryUserDetailsManager(SecurityProperties properties, ObjectProvider passwordEncoder) throws Exception { - String password = UUID.randomUUID().toString(); - logger.info(String.format("%n%nUsing default security password: %s%n", password)); + SecurityProperties.User user = properties.getUser(); + if (user.isPasswordGenerated()) { + logger.info(String.format("%n%nUsing generated security password: %s%n", user.getPassword())); + } String encodedPassword = passwordEncoder .getIfAvailable(PasswordEncoderFactories::createDelegatingPasswordEncoder) - .encode(password); + .encode(user.getPassword()); + List roles = user.getRoles(); return new InMemoryUserDetailsManager( - User.withUsername("user").password(encodedPassword).roles().build()); + User.withUsername(user.getName()).password(encodedPassword) + .roles(roles.toArray(new String[roles.size()])).build()); } } diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SecurityProperties.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SecurityProperties.java index 801ddb554f9..2925fff7635 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SecurityProperties.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SecurityProperties.java @@ -16,20 +16,25 @@ package org.springframework.boot.autoconfigure.security; +import java.util.ArrayList; import java.util.Arrays; import java.util.HashSet; +import java.util.List; import java.util.Set; +import java.util.UUID; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.web.servlet.DispatcherType; import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.core.Ordered; +import org.springframework.util.StringUtils; /** * Configuration properties for Spring Security. * * @author Dave Syer * @author Andy Wilkinson + * @author Madhura Bhave */ @ConfigurationProperties(prefix = "spring.security") public class SecurityProperties implements SecurityPrerequisite { @@ -58,6 +63,12 @@ public class SecurityProperties implements SecurityPrerequisite { private final Filter filter = new Filter(); + private User user = new User(); + + public User getUser() { + return this.user; + } + public Filter getFilter() { return this.filter; } @@ -93,4 +104,56 @@ public class SecurityProperties implements SecurityPrerequisite { } + public static class User { + + /** + * Default user name. + */ + private String name = "user"; + + /** + * Password for the default user name. + */ + private String password = UUID.randomUUID().toString(); + + /** + * Granted roles for the default user name. + */ + private List roles = new ArrayList<>(); + + private boolean passwordGenerated = true; + + public String getName() { + return this.name; + } + + public void setName(String name) { + this.name = name; + } + + public String getPassword() { + return this.password; + } + + public void setPassword(String password) { + if (!StringUtils.hasLength(password)) { + return; + } + this.passwordGenerated = false; + this.password = password; + } + + public List getRoles() { + return this.roles; + } + + public void setRoles(List roles) { + this.roles = new ArrayList<>(roles); + } + + public boolean isPasswordGenerated() { + return this.passwordGenerated; + } + } + } diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveAuthenticationManagerConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveAuthenticationManagerConfiguration.java index 76f50182bf1..1f6d123d749 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveAuthenticationManagerConfiguration.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveAuthenticationManagerConfiguration.java @@ -16,7 +16,7 @@ package org.springframework.boot.autoconfigure.security.reactive; -import java.util.UUID; +import java.util.List; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -25,6 +25,7 @@ import org.springframework.beans.factory.ObjectProvider; import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication; +import org.springframework.boot.autoconfigure.security.SecurityProperties; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.ReactiveAuthenticationManager; @@ -54,20 +55,24 @@ class ReactiveAuthenticationManagerConfiguration { .getLog(ReactiveAuthenticationManagerConfiguration.class); @Bean - public MapReactiveUserDetailsService reactiveUserDetailsService( + public MapReactiveUserDetailsService reactiveUserDetailsService(SecurityProperties properties, ObjectProvider passwordEncoder) { - String password = UUID.randomUUID().toString(); - logger.info(String.format("%n%nUsing default security password: %s%n", password)); - UserDetails userDetails = getUserDetails(password, passwordEncoder); + SecurityProperties.User user = properties.getUser(); + if (user.isPasswordGenerated()) { + logger.info(String.format("%n%nUsing default security password: %s%n", user.getPassword())); + } + UserDetails userDetails = getUserDetails(user, passwordEncoder); return new MapReactiveUserDetailsService(userDetails); } - private UserDetails getUserDetails(String password, + private UserDetails getUserDetails(SecurityProperties.User user, ObjectProvider passwordEncoder) { String encodedPassword = passwordEncoder .getIfAvailable(PasswordEncoderFactories::createDelegatingPasswordEncoder) - .encode(password); - return User.withUsername("user").password(encodedPassword).roles().build(); + .encode(user.getPassword()); + List roles = user.getRoles(); + return User.withUsername(user.getName()).password(encodedPassword) + .roles(roles.toArray(new String[roles.size()])).build(); } } diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveSecurityAutoConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveSecurityAutoConfiguration.java index 1609e6d462f..1d62a9cf476 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveSecurityAutoConfiguration.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveSecurityAutoConfiguration.java @@ -18,6 +18,8 @@ package org.springframework.boot.autoconfigure.security.reactive; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; +import org.springframework.boot.autoconfigure.security.SecurityProperties; +import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Import; import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity; @@ -35,6 +37,7 @@ import org.springframework.security.web.reactive.result.method.annotation.Authen @Configuration @ConditionalOnClass({ EnableWebFluxSecurity.class, AuthenticationPrincipalArgumentResolver.class }) +@EnableConfigurationProperties(SecurityProperties.class) @Import({ WebFluxSecurityConfiguration.class, ReactiveAuthenticationManagerConfiguration.class }) public class ReactiveSecurityAutoConfiguration { diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfigurationTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfigurationTests.java index 1a67813be37..61f571c74b4 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfigurationTests.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfigurationTests.java @@ -150,7 +150,7 @@ public class SecurityAutoConfigurationTests { this.context.refresh(); UserDetailsService manager = this.context.getBean(UserDetailsService.class); assertThat(this.outputCapture.toString()) - .contains("Using default security password:"); + .contains("Using generated security password:"); assertThat(manager.loadUserByUsername("user")).isNotNull(); } @@ -167,7 +167,7 @@ public class SecurityAutoConfigurationTests { assertThat(manager).isEqualTo(this.context.getBean( TestAuthenticationManagerConfiguration.class).authenticationManager); assertThat(this.outputCapture.toString()) - .doesNotContain("Using default security password: "); + .doesNotContain("Using generated security password: "); TestingAuthenticationToken token = new TestingAuthenticationToken("foo", "bar"); assertThat(manager.authenticate(token)).isNotNull(); } diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityFilterAutoConfigurationEarlyInitializationTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityFilterAutoConfigurationEarlyInitializationTests.java index 096bc08a0cf..dd888a26eb1 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityFilterAutoConfigurationEarlyInitializationTests.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityFilterAutoConfigurationEarlyInitializationTests.java @@ -66,7 +66,7 @@ public class SecurityFilterAutoConfigurationEarlyInitializationTests { context.refresh(); int port = context.getWebServer().getPort(); String password = this.outputCapture.toString() - .split("Using default security password: ")[1].split("\n")[0].trim(); + .split("Using generated security password: ")[1].split("\n")[0].trim(); new TestRestTemplate("user", password) .getForEntity("http://localhost:" + port, Object.class); // If early initialization occurred a ConverterNotFoundException is thrown diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityPropertiesTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityPropertiesTests.java index a514e11b2a7..1e7f057a60c 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityPropertiesTests.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityPropertiesTests.java @@ -16,13 +16,11 @@ package org.springframework.boot.autoconfigure.security; -import java.util.Collections; - +import org.junit.Before; import org.junit.Test; import org.springframework.boot.context.properties.bind.Bindable; import org.springframework.boot.context.properties.bind.Binder; -import org.springframework.boot.context.properties.source.ConfigurationPropertySource; import org.springframework.boot.context.properties.source.MapConfigurationPropertySource; import static org.assertj.core.api.Assertions.assertThat; @@ -31,23 +29,55 @@ import static org.assertj.core.api.Assertions.assertThat; * Tests for {@link SecurityProperties}. * * @author Dave Syer + * @author Madhura Bhave */ public class SecurityPropertiesTests { private SecurityProperties security = new SecurityProperties(); + private Binder binder; + + private MapConfigurationPropertySource source = new MapConfigurationPropertySource(); + + @Before + public void setUp() throws Exception { + this.binder = new Binder(this.source); + } + @Test - public void testBinding() { - bind("spring.security.filter.order", "55"); + public void filterOrderShouldBind() { + this.source.put("spring.security.filter.order", "55"); + this.binder.bind("spring.security", Bindable.ofInstance(this.security)); assertThat(this.security.getFilter().getOrder()).isEqualTo(55); } - private void bind(String name, String value) { - bind(new MapConfigurationPropertySource(Collections.singletonMap(name, value))); + @Test + public void userWhenNotConfiguredShouldUseDefaultNameAndGeneratedPassword() throws Exception { + SecurityProperties.User user = this.security.getUser(); + assertThat(user.getName()).isEqualTo("user"); + assertThat(user.getPassword()).isNotNull(); + assertThat(user.isPasswordGenerated()).isTrue(); + assertThat(user.getRoles()).isEmpty(); } - private void bind(ConfigurationPropertySource source) { - new Binder(source).bind("spring.security", Bindable.ofInstance(this.security)); + @Test + public void userShouldBindProperly() throws Exception { + this.source.put("spring.security.user.name", "foo"); + this.source.put("spring.security.user.password", "password"); + this.source.put("spring.security.user.roles", "ADMIN,USER"); + this.binder.bind("spring.security", Bindable.ofInstance(this.security)); + SecurityProperties.User user = this.security.getUser(); + assertThat(user.getName()).isEqualTo("foo"); + assertThat(user.getPassword()).isEqualTo("password"); + assertThat(user.isPasswordGenerated()).isFalse(); + assertThat(user.getRoles()).containsExactly("ADMIN", "USER"); + } + + @Test + public void passwordAutogeneratedIfEmpty() { + this.source.put("spring.security.user.password", ""); + this.binder.bind("spring.security", Bindable.ofInstance(this.security)); + assertThat(this.security.getUser().isPasswordGenerated()).isTrue(); } } diff --git a/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc b/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc index bb3918adb89..e8d901659d6 100644 --- a/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc +++ b/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc @@ -2852,13 +2852,16 @@ the following example: [indent=0] ---- - Using default security password: 78fa095d-3f4c-48b1-ad50-e24c31d5cf35 + Using generated security password: 78fa095d-3f4c-48b1-ad50-e24c31d5cf35 ---- NOTE: If you fine-tune your logging configuration, ensure that the `org.springframework.boot.autoconfigure.security` category is set to log `INFO`-level messages. Otherwise, the default password is not printed. +You can change the username and password by providing a `spring.security.user.name` and +`spring.security.user.password`. + The default security configuration is implemented in `SecurityAutoConfiguration` and in the classes imported from there (`SpringBootWebSecurityConfiguration` for web security and `AuthenticationManagerConfiguration` for authentication configuration, which is also @@ -2874,7 +2877,7 @@ Boot samples] to get you started with common use cases. The basic features you get by default in a web application are: * A `UserDetailsService` bean with in-memory store and a single user with a generated - password. + password (see `SecurityProperties.User` for the properties of the user). * Form-based login or HTTP Basic security (depending on Content-Type) for the entire application (including actuator endpoints if actuator is on the classpath). diff --git a/spring-boot-project/spring-boot-test-autoconfigure/src/test/java/org/springframework/boot/test/autoconfigure/security/SecurityTestApplication.java b/spring-boot-project/spring-boot-test-autoconfigure/src/test/java/org/springframework/boot/test/autoconfigure/security/SecurityTestApplication.java index b2dd0c4ad00..f49d31e7267 100644 --- a/spring-boot-project/spring-boot-test-autoconfigure/src/test/java/org/springframework/boot/test/autoconfigure/security/SecurityTestApplication.java +++ b/spring-boot-project/spring-boot-test-autoconfigure/src/test/java/org/springframework/boot/test/autoconfigure/security/SecurityTestApplication.java @@ -18,10 +18,7 @@ package org.springframework.boot.test.autoconfigure.security; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.test.autoconfigure.web.servlet.MockMvcSecurityAutoConfiguration; -import org.springframework.context.annotation.Bean; import org.springframework.security.access.annotation.Secured; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.provisioning.InMemoryUserDetailsManager; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; @@ -33,12 +30,6 @@ import org.springframework.web.bind.annotation.RestController; @SpringBootApplication public class SecurityTestApplication { - @Bean - public InMemoryUserDetailsManager inMemoryUserDetailsManager() { - return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder() - .username("user").password("secret").roles("USER").build()); - } - @RestController static class MyController { diff --git a/spring-boot-project/spring-boot-test-autoconfigure/src/test/resources/application.properties b/spring-boot-project/spring-boot-test-autoconfigure/src/test/resources/application.properties new file mode 100644 index 00000000000..db142ac815c --- /dev/null +++ b/spring-boot-project/spring-boot-test-autoconfigure/src/test/resources/application.properties @@ -0,0 +1,3 @@ +spring.security.user.name=user +spring.security.user.password=secret +spring.security.user.roles=USER diff --git a/spring-boot-samples/spring-boot-sample-actuator-log4j2/src/main/java/sample/actuator/log4j2/SampleActuatorLog4J2Application.java b/spring-boot-samples/spring-boot-sample-actuator-log4j2/src/main/java/sample/actuator/log4j2/SampleActuatorLog4J2Application.java index 1a7413d5115..4c42928c7ff 100644 --- a/spring-boot-samples/spring-boot-sample-actuator-log4j2/src/main/java/sample/actuator/log4j2/SampleActuatorLog4J2Application.java +++ b/spring-boot-samples/spring-boot-sample-actuator-log4j2/src/main/java/sample/actuator/log4j2/SampleActuatorLog4J2Application.java @@ -18,19 +18,10 @@ package sample.actuator.log4j2; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; -import org.springframework.context.annotation.Bean; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.provisioning.InMemoryUserDetailsManager; @SpringBootApplication public class SampleActuatorLog4J2Application { - @Bean - public InMemoryUserDetailsManager inMemoryUserDetailsManager() { - return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder() - .username("user").password("password").roles("USER").build()); - } - public static void main(String[] args) throws Exception { SpringApplication.run(SampleActuatorLog4J2Application.class, args); } diff --git a/spring-boot-samples/spring-boot-sample-actuator-log4j2/src/main/resources/application.properties b/spring-boot-samples/spring-boot-sample-actuator-log4j2/src/main/resources/application.properties index 5aca421a492..3e49778b366 100644 --- a/spring-boot-samples/spring-boot-sample-actuator-log4j2/src/main/resources/application.properties +++ b/spring-boot-samples/spring-boot-sample-actuator-log4j2/src/main/resources/application.properties @@ -1,2 +1,4 @@ +spring.security.user.name=user +spring.security.user.password=password management.endpoint.shutdown.enabled=true management.endpoints.web.expose=* diff --git a/spring-boot-samples/spring-boot-sample-actuator-ui/src/main/java/sample/actuator/ui/SampleActuatorUiApplication.java b/spring-boot-samples/spring-boot-sample-actuator-ui/src/main/java/sample/actuator/ui/SampleActuatorUiApplication.java index db9365fdfe3..e85d9422ef2 100644 --- a/spring-boot-samples/spring-boot-sample-actuator-ui/src/main/java/sample/actuator/ui/SampleActuatorUiApplication.java +++ b/spring-boot-samples/spring-boot-sample-actuator-ui/src/main/java/sample/actuator/ui/SampleActuatorUiApplication.java @@ -21,9 +21,6 @@ import java.util.Map; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; -import org.springframework.context.annotation.Bean; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.provisioning.InMemoryUserDetailsManager; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; @@ -32,12 +29,6 @@ import org.springframework.web.bind.annotation.RequestMapping; @Controller public class SampleActuatorUiApplication { - @Bean - public InMemoryUserDetailsManager inMemoryUserDetailsManager() { - return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder() - .username("user").password("password").roles("USER").build()); - } - @GetMapping("/") public String home(Map model) { model.put("message", "Hello World"); diff --git a/spring-boot-samples/spring-boot-sample-actuator-ui/src/main/resources/application.properties b/spring-boot-samples/spring-boot-sample-actuator-ui/src/main/resources/application.properties index 15049def9bd..3b6d1f0d015 100644 --- a/spring-boot-samples/spring-boot-sample-actuator-ui/src/main/resources/application.properties +++ b/spring-boot-samples/spring-boot-sample-actuator-ui/src/main/resources/application.properties @@ -1,3 +1,5 @@ +spring.security.user.name=user +spring.security.user.password=password management.health.diskspace.enabled=false management.endpoints.web.expose=* management.jolokia.enabled=true diff --git a/spring-boot-samples/spring-boot-sample-actuator/src/main/java/sample/actuator/SampleActuatorApplication.java b/spring-boot-samples/spring-boot-sample-actuator/src/main/java/sample/actuator/SampleActuatorApplication.java index 5f1771f848b..678f5a65de5 100644 --- a/spring-boot-samples/spring-boot-sample-actuator/src/main/java/sample/actuator/SampleActuatorApplication.java +++ b/spring-boot-samples/spring-boot-sample-actuator/src/main/java/sample/actuator/SampleActuatorApplication.java @@ -22,8 +22,6 @@ import org.springframework.boot.actuate.health.HealthIndicator; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.context.annotation.Bean; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.provisioning.InMemoryUserDetailsManager; @SpringBootApplication @EnableConfigurationProperties(ServiceProperties.class) @@ -33,12 +31,6 @@ public class SampleActuatorApplication { SpringApplication.run(SampleActuatorApplication.class, args); } - @Bean - public InMemoryUserDetailsManager inMemoryUserDetailsManager() { - return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder() - .username("user").password("password").roles("USER").build()); - } - @Bean public HealthIndicator helloHealthIndicator() { return new HealthIndicator() { diff --git a/spring-boot-samples/spring-boot-sample-actuator/src/main/resources/application.properties b/spring-boot-samples/spring-boot-sample-actuator/src/main/resources/application.properties index 8f5a661c8eb..7da56b2085b 100644 --- a/spring-boot-samples/spring-boot-sample-actuator/src/main/resources/application.properties +++ b/spring-boot-samples/spring-boot-sample-actuator/src/main/resources/application.properties @@ -1,5 +1,8 @@ service.name=Phil +spring.security.user.name=user +spring.security.user.password=password + # logging.file=/tmp/logs/app.log # logging.level.org.springframework.security=DEBUG management.server.address=127.0.0.1 diff --git a/spring-boot-samples/spring-boot-sample-secure-webflux/src/main/java/sample/secure/webflux/SampleSecureWebFluxApplication.java b/spring-boot-samples/spring-boot-sample-secure-webflux/src/main/java/sample/secure/webflux/SampleSecureWebFluxApplication.java index 0739120c923..6641e56cb1f 100644 --- a/spring-boot-samples/spring-boot-sample-secure-webflux/src/main/java/sample/secure/webflux/SampleSecureWebFluxApplication.java +++ b/spring-boot-samples/spring-boot-sample-secure-webflux/src/main/java/sample/secure/webflux/SampleSecureWebFluxApplication.java @@ -19,9 +19,6 @@ package sample.secure.webflux; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.context.annotation.Bean; -import org.springframework.security.core.userdetails.MapReactiveUserDetailsService; -import org.springframework.security.core.userdetails.ReactiveUserDetailsService; -import org.springframework.security.core.userdetails.User; import org.springframework.web.reactive.function.server.RouterFunction; import org.springframework.web.reactive.function.server.ServerResponse; @@ -40,10 +37,4 @@ public class SampleSecureWebFluxApplication { return route(POST("/echo"), echoHandler::echo); } - @Bean - public ReactiveUserDetailsService userDetailsService() { - return new MapReactiveUserDetailsService(User.withDefaultPasswordEncoder() - .username("foo").password("password").roles("USER").build()); - } - } diff --git a/spring-boot-samples/spring-boot-sample-secure-webflux/src/main/resources/application.properties b/spring-boot-samples/spring-boot-sample-secure-webflux/src/main/resources/application.properties index e69de29bb2d..cb7e159bf3a 100644 --- a/spring-boot-samples/spring-boot-sample-secure-webflux/src/main/resources/application.properties +++ b/spring-boot-samples/spring-boot-sample-secure-webflux/src/main/resources/application.properties @@ -0,0 +1,2 @@ +spring.security.user.name=user +spring.security.user.password=password \ No newline at end of file diff --git a/spring-boot-samples/spring-boot-sample-secure-webflux/src/test/java/sample/secure/webflux/SampleSecureWebFluxApplicationTests.java b/spring-boot-samples/spring-boot-sample-secure-webflux/src/test/java/sample/secure/webflux/SampleSecureWebFluxApplicationTests.java index b2846ae372b..2135a99c9fb 100644 --- a/spring-boot-samples/spring-boot-sample-secure-webflux/src/test/java/sample/secure/webflux/SampleSecureWebFluxApplicationTests.java +++ b/spring-boot-samples/spring-boot-sample-secure-webflux/src/test/java/sample/secure/webflux/SampleSecureWebFluxApplicationTests.java @@ -56,7 +56,7 @@ public class SampleSecureWebFluxApplicationTests { public void userDefinedMappingsAccessibleOnLogin() { this.webClient.get().uri("/").accept(MediaType.APPLICATION_JSON) .header("Authorization", "basic " + getBasicAuth()).exchange() - .expectBody(String.class).isEqualTo("Hello foo"); + .expectBody(String.class).isEqualTo("Hello user"); } @Test @@ -67,7 +67,7 @@ public class SampleSecureWebFluxApplicationTests { } private String getBasicAuth() { - return new String(Base64.getEncoder().encode(("foo:password").getBytes())); + return new String(Base64.getEncoder().encode(("user:password").getBytes())); } } diff --git a/spring-boot-samples/spring-boot-sample-secure/src/main/java/sample/secure/SampleSecureApplication.java b/spring-boot-samples/spring-boot-sample-secure/src/main/java/sample/secure/SampleSecureApplication.java index dd2cda307cf..28dad9b9db3 100644 --- a/spring-boot-samples/spring-boot-sample-secure/src/main/java/sample/secure/SampleSecureApplication.java +++ b/spring-boot-samples/spring-boot-sample-secure/src/main/java/sample/secure/SampleSecureApplication.java @@ -20,14 +20,11 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.CommandLineRunner; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; -import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.provisioning.InMemoryUserDetailsManager; @EnableAutoConfiguration @ComponentScan @@ -37,12 +34,6 @@ public class SampleSecureApplication implements CommandLineRunner { @Autowired private SampleService service; - @Bean - public InMemoryUserDetailsManager inMemoryUserDetailsManager() { - return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder() - .username("user").password("password").roles("USER").build()); - } - @Override public void run(String... args) throws Exception { SecurityContextHolder.getContext() diff --git a/spring-boot-samples/spring-boot-sample-secure/src/main/resources/application.properties b/spring-boot-samples/spring-boot-sample-secure/src/main/resources/application.properties index e5c8a7406c1..95ac83170e4 100644 --- a/spring-boot-samples/spring-boot-sample-secure/src/main/resources/application.properties +++ b/spring-boot-samples/spring-boot-sample-secure/src/main/resources/application.properties @@ -1 +1,4 @@ -# debug: true \ No newline at end of file +# debug: true +spring.security.user.name=user +spring.security.user.password=password +spring.security.user.roles=USER \ No newline at end of file diff --git a/spring-boot-samples/spring-boot-sample-servlet/src/main/java/sample/servlet/SampleServletApplication.java b/spring-boot-samples/spring-boot-sample-servlet/src/main/java/sample/servlet/SampleServletApplication.java index 392241bf5a9..0a68c838017 100644 --- a/spring-boot-samples/spring-boot-sample-servlet/src/main/java/sample/servlet/SampleServletApplication.java +++ b/spring-boot-samples/spring-boot-sample-servlet/src/main/java/sample/servlet/SampleServletApplication.java @@ -30,19 +30,11 @@ import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.boot.builder.SpringApplicationBuilder; import org.springframework.boot.web.servlet.support.SpringBootServletInitializer; import org.springframework.context.annotation.Bean; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.provisioning.InMemoryUserDetailsManager; @SpringBootConfiguration @EnableAutoConfiguration public class SampleServletApplication extends SpringBootServletInitializer { - @Bean - public InMemoryUserDetailsManager inMemoryUserDetailsManager() { - return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder() - .username("user").password("password").roles("USER").build()); - } - @SuppressWarnings("serial") @Bean public Servlet dispatcherServlet() { diff --git a/spring-boot-samples/spring-boot-sample-servlet/src/main/resources/application.properties b/spring-boot-samples/spring-boot-sample-servlet/src/main/resources/application.properties new file mode 100644 index 00000000000..cb7e159bf3a --- /dev/null +++ b/spring-boot-samples/spring-boot-sample-servlet/src/main/resources/application.properties @@ -0,0 +1,2 @@ +spring.security.user.name=user +spring.security.user.password=password \ No newline at end of file diff --git a/spring-boot-samples/spring-boot-sample-session-webflux/src/main/java/sample/session/SampleSessionWebFluxApplication.java b/spring-boot-samples/spring-boot-sample-session-webflux/src/main/java/sample/session/SampleSessionWebFluxApplication.java index b69bb57e254..c8a8e026f60 100644 --- a/spring-boot-samples/spring-boot-sample-session-webflux/src/main/java/sample/session/SampleSessionWebFluxApplication.java +++ b/spring-boot-samples/spring-boot-sample-session-webflux/src/main/java/sample/session/SampleSessionWebFluxApplication.java @@ -20,9 +20,6 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.context.annotation.Bean; import org.springframework.security.config.web.server.ServerHttpSecurity; -import org.springframework.security.core.userdetails.MapReactiveUserDetailsService; -import org.springframework.security.core.userdetails.ReactiveUserDetailsService; -import org.springframework.security.core.userdetails.User; import org.springframework.security.web.server.SecurityWebFilterChain; import org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository; @@ -33,12 +30,6 @@ public class SampleSessionWebFluxApplication { SpringApplication.run(SampleSessionWebFluxApplication.class); } - @Bean - public ReactiveUserDetailsService userDetailsRepository() { - return new MapReactiveUserDetailsService(User.withDefaultPasswordEncoder() - .username("user").password("password").roles("USER").build()); - } - @Bean public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { // @formatter:off diff --git a/spring-boot-samples/spring-boot-sample-session-webflux/src/main/resources/application.properties b/spring-boot-samples/spring-boot-sample-session-webflux/src/main/resources/application.properties new file mode 100644 index 00000000000..cb7e159bf3a --- /dev/null +++ b/spring-boot-samples/spring-boot-sample-session-webflux/src/main/resources/application.properties @@ -0,0 +1,2 @@ +spring.security.user.name=user +spring.security.user.password=password \ No newline at end of file diff --git a/spring-boot-samples/spring-boot-sample-session/src/main/java/sample/session/SampleSessionApplication.java b/spring-boot-samples/spring-boot-sample-session/src/main/java/sample/session/SampleSessionApplication.java index 39fb3994e11..a79c96ea6b5 100644 --- a/spring-boot-samples/spring-boot-sample-session/src/main/java/sample/session/SampleSessionApplication.java +++ b/spring-boot-samples/spring-boot-sample-session/src/main/java/sample/session/SampleSessionApplication.java @@ -18,9 +18,6 @@ package sample.session; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; -import org.springframework.context.annotation.Bean; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.provisioning.InMemoryUserDetailsManager; @SpringBootApplication public class SampleSessionApplication { @@ -29,10 +26,4 @@ public class SampleSessionApplication { SpringApplication.run(SampleSessionApplication.class); } - @Bean - public InMemoryUserDetailsManager inMemoryUserDetailsManager() { - return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder() - .username("user").password("password").roles("USER").build()); - } - } diff --git a/spring-boot-samples/spring-boot-sample-session/src/main/resources/application.properties b/spring-boot-samples/spring-boot-sample-session/src/main/resources/application.properties index 82d76b81033..52c833b58ed 100644 --- a/spring-boot-samples/spring-boot-sample-session/src/main/resources/application.properties +++ b/spring-boot-samples/spring-boot-sample-session/src/main/resources/application.properties @@ -1 +1,3 @@ +spring.security.user.name=user +spring.security.user.password=password management.endpoints.web.expose=* diff --git a/spring-boot-samples/spring-boot-sample-web-secure-custom/src/main/java/sample/web/secure/custom/SampleWebSecureCustomApplication.java b/spring-boot-samples/spring-boot-sample-web-secure-custom/src/main/java/sample/web/secure/custom/SampleWebSecureCustomApplication.java index 596a4945506..f458b8a89c9 100644 --- a/spring-boot-samples/spring-boot-sample-web-secure-custom/src/main/java/sample/web/secure/custom/SampleWebSecureCustomApplication.java +++ b/spring-boot-samples/spring-boot-sample-web-secure-custom/src/main/java/sample/web/secure/custom/SampleWebSecureCustomApplication.java @@ -21,12 +21,9 @@ import java.util.Map; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.builder.SpringApplicationBuilder; -import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.provisioning.InMemoryUserDetailsManager; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; @@ -69,12 +66,6 @@ public class SampleWebSecureCustomApplication implements WebMvcConfigurer { .failureUrl("/login?error").permitAll().and().logout().permitAll(); } - @Bean - public InMemoryUserDetailsManager InMemoryUserDetailsManager() { - return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder() - .username("user").password("user").roles("USER").build()); - } - } } diff --git a/spring-boot-samples/spring-boot-sample-web-secure-custom/src/main/resources/application.properties b/spring-boot-samples/spring-boot-sample-web-secure-custom/src/main/resources/application.properties index c19741f86f3..3509ac7bd40 100644 --- a/spring-boot-samples/spring-boot-sample-web-secure-custom/src/main/resources/application.properties +++ b/spring-boot-samples/spring-boot-sample-web-secure-custom/src/main/resources/application.properties @@ -1,2 +1,5 @@ spring.thymeleaf.cache: false -logging.level.org.springframework.security: INFO \ No newline at end of file +logging.level.org.springframework.security: INFO + +spring.security.user.name=user +spring.security.user.password=password \ No newline at end of file diff --git a/spring-boot-samples/spring-boot-sample-web-secure-custom/src/test/java/sample/web/secure/custom/SampleWebSecureCustomApplicationTests.java b/spring-boot-samples/spring-boot-sample-web-secure-custom/src/test/java/sample/web/secure/custom/SampleWebSecureCustomApplicationTests.java index fa74e0304a6..614a1550d6c 100644 --- a/spring-boot-samples/spring-boot-sample-web-secure-custom/src/test/java/sample/web/secure/custom/SampleWebSecureCustomApplicationTests.java +++ b/spring-boot-samples/spring-boot-sample-web-secure-custom/src/test/java/sample/web/secure/custom/SampleWebSecureCustomApplicationTests.java @@ -83,7 +83,7 @@ public class SampleWebSecureCustomApplicationTests { headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); MultiValueMap form = new LinkedMultiValueMap<>(); form.set("username", "user"); - form.set("password", "user"); + form.set("password", "password"); ResponseEntity entity = this.restTemplate.exchange("/login", HttpMethod.POST, new HttpEntity<>(form, headers), String.class); assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.FOUND); diff --git a/spring-boot-samples/spring-boot-sample-web-secure/src/main/java/sample/web/secure/SampleWebSecureApplication.java b/spring-boot-samples/spring-boot-sample-web-secure/src/main/java/sample/web/secure/SampleWebSecureApplication.java index a4ad114aafa..3e68ce957e6 100644 --- a/spring-boot-samples/spring-boot-sample-web-secure/src/main/java/sample/web/secure/SampleWebSecureApplication.java +++ b/spring-boot-samples/spring-boot-sample-web-secure/src/main/java/sample/web/secure/SampleWebSecureApplication.java @@ -22,12 +22,9 @@ import java.util.Map; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.security.StaticResourceRequest; import org.springframework.boot.builder.SpringApplicationBuilder; -import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.provisioning.InMemoryUserDetailsManager; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; @@ -76,15 +73,6 @@ public class SampleWebSecureApplication implements WebMvcConfigurer { // @formatter:on } - @Bean - public InMemoryUserDetailsManager InMemoryUserDetailsManager() { - return new InMemoryUserDetailsManager( - User.withDefaultPasswordEncoder().username("admin").password("admin") - .roles("ADMIN", "USER").build(), - User.withDefaultPasswordEncoder().username("user").password("user") - .roles("USER").build()); - } - } } diff --git a/spring-boot-samples/spring-boot-sample-web-secure/src/main/resources/application.properties b/spring-boot-samples/spring-boot-sample-web-secure/src/main/resources/application.properties index 5cf494652b8..aba18894067 100644 --- a/spring-boot-samples/spring-boot-sample-web-secure/src/main/resources/application.properties +++ b/spring-boot-samples/spring-boot-sample-web-secure/src/main/resources/application.properties @@ -1,4 +1,7 @@ spring.thymeleaf.cache: false # demo only: logging.level.org.springframework.security: INFO -logging.level.org.springframework.boot.actuate.audit.listener.AuditListener: DEBUG \ No newline at end of file +logging.level.org.springframework.boot.actuate.audit.listener.AuditListener: DEBUG + +spring.security.user.name=user +spring.security.user.password=password \ No newline at end of file diff --git a/spring-boot-samples/spring-boot-sample-web-secure/src/test/java/sample/web/secure/SampleSecureApplicationTests.java b/spring-boot-samples/spring-boot-sample-web-secure/src/test/java/sample/web/secure/SampleSecureApplicationTests.java index 5cca3e0f986..ac9df772600 100644 --- a/spring-boot-samples/spring-boot-sample-web-secure/src/test/java/sample/web/secure/SampleSecureApplicationTests.java +++ b/spring-boot-samples/spring-boot-sample-web-secure/src/test/java/sample/web/secure/SampleSecureApplicationTests.java @@ -83,7 +83,7 @@ public class SampleSecureApplicationTests { headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); MultiValueMap form = new LinkedMultiValueMap<>(); form.set("username", "user"); - form.set("password", "user"); + form.set("password", "password"); ResponseEntity entity = this.restTemplate.exchange("/login", HttpMethod.POST, new HttpEntity<>(form, headers), String.class); assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.FOUND);