Tweak security example
parent
cf4f549b06
commit
ecc4676fb3
|
@ -285,28 +285,30 @@ Try it out:
|
||||||
|
|
||||||
$ curl localhost:8080/
|
$ curl localhost:8080/
|
||||||
{"status": 403, "error": "Forbidden", "message": "Access Denied"}
|
{"status": 403, "error": "Forbidden", "message": "Access Denied"}
|
||||||
$ curl user:password@localhost:8080/
|
$ curl user:<password>@localhost:8080/
|
||||||
{"message": "Hello World"}
|
{"message": "Hello World"}
|
||||||
|
|
||||||
The default auto configuration has an in-memory user database with one
|
The default auto configuration has an in-memory user database with one
|
||||||
entry. If you want to extend or expand that, or point to a database
|
entry, and the `<password>` value has to be read from the logs (at
|
||||||
or directory server, you only need to provide a `@Bean` definition for
|
INFO level) by default. If you want to extend or expand that, or
|
||||||
an `AuthenticationManager`, e.g. in your `SampleController`:
|
point to a database or directory server, you only need to provide a
|
||||||
|
`@Bean` definition for an `AuthenticationManager`, e.g. in your
|
||||||
|
`SampleController`:
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public AuthenticationManager authenticationManager() throws Exception {
|
public AuthenticationManager authenticationManager() throws Exception {
|
||||||
return new AuthenticationManagerBuilder(
|
return new AuthenticationManagerBuilder(
|
||||||
ObjectPostProcessor.QUIESCENT_POSTPROCESSOR).inMemoryAuthentication().withUser("user")
|
ObjectPostProcessor.QUIESCENT_POSTPROCESSOR).inMemoryAuthentication().withUser("client")
|
||||||
.password("password").roles("USER").and().and().build();
|
.password("secret").roles("USER").and().and().build();
|
||||||
}
|
}
|
||||||
|
|
||||||
Try it out:
|
Try it out:
|
||||||
|
|
||||||
$ curl client:secret@localhost:8080/
|
|
||||||
{"status": 403, "error": "Forbidden", "message": "Access Denied"}
|
|
||||||
$ curl user:password@localhost:8080/
|
$ curl user:password@localhost:8080/
|
||||||
|
{"status": 403, "error": "Forbidden", "message": "Access Denied"}
|
||||||
|
$ curl client:secret@localhost:8080/
|
||||||
{"message": "Hello World"}
|
{"message": "Hello World"}
|
||||||
|
|
||||||
## Adding a database
|
## Adding a database
|
||||||
|
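Review bot: In the changed line `$ curl user:<password>@localhost:8080/`, the unquoted `<password>` is parsed by the shell as input and output redirection if a reader pastes the command as written, so state explicitly that it is a placeholder to substitute, or quote the argument. The new sentence also tells readers to read the value "from the logs (at INFO level)" without showing what that log line looks like; a short sample of the line would make the step followable. Since `.password("secret")` now appears as a literal in the `AuthenticationManager` bean, a brief remark that it is a sample value would fit here as well.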
@ -345,9 +347,9 @@ Then you will be able to inject a `DataSource` into your controller:
|
||||||
...
|
...
|
||||||
}
|
}
|
||||||
|
|
||||||
The app will run (going back to the default security configuration):
|
The app will run (with the new security configuration):
|
||||||
|
|
||||||
$ curl user:password@localhost:8080/
|
$ curl client:secret@localhost:8080/
|
||||||
{"error":"Internal Server Error", "status":500, "exception":...}
|
{"error":"Internal Server Error", "status":500, "exception":...}
|
||||||
|
|
||||||
but there's no data in the database yet and the `MESSAGES` table
|
but there's no data in the database yet and the `MESSAGES` table
|
||||||
|
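Review bot: "(with the new security configuration)" does not say which configuration is meant, and the `$ curl client:secret@localhost:8080/` line only works if the reader kept the `AuthenticationManager` bean from the security section. Suggest naming it, for example "(with the `client`/`secret` user defined above)", so a reader who skipped that step understands why they get a 403 here.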
@ -362,7 +364,7 @@ Then you will be able to inject a `DataSource` into your controller:
|
||||||
|
|
||||||
Now when you run the app you get a sensible response:
|
Now when you run the app you get a sensible response:
|
||||||
|
|
||||||
$ curl user:password@localhost:8080/
|
$ curl client:secret@localhost:8080/
|
||||||
{"ID":0, "MESSAGE":"Hello Phil"}
|
{"ID":0, "MESSAGE":"Hello Phil"}
|
||||||
|
|
||||||
Obviously, this is only the start, but hopefully you have a good grasp
|
Obviously, this is only the start, but hopefully you have a good grasp
|
||||||
|
|
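Review bot: The `$ curl client:secret@localhost:8080/` line puts the credentials in the URL, the same form as the earlier examples; consider `curl -u client localhost:8080/`, which prompts for the password, so readers do not carry the habit of typing passwords into the command line and shell history over to real credentials.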