You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@isis.apache.org by da...@apache.org on 2021/04/13 23:09:10 UTC
[isis-app-helloworld] branch jdo-SNAPSHOT-spring-security-inmemory
created (now f5a140e)
This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a change to branch jdo-SNAPSHOT-spring-security-inmemory
in repository https://gitbox.apache.org/repos/asf/isis-app-helloworld.git.
at f5a140e updates menubars with impersonation
This branch includes the following new commits:
new 5c867cb working, though using SNAPSHOT, and wokaround in pom.xml, added unnecessary oauth2 dependency
new f5a140e updates menubars with impersonation
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
[isis-app-helloworld] 01/02: working, though using SNAPSHOT,
and wokaround in pom.xml, added unnecessary oauth2 dependency
Posted by da...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a commit to branch jdo-SNAPSHOT-spring-security-inmemory
in repository https://gitbox.apache.org/repos/asf/isis-app-helloworld.git
commit 5c867cbd34cec16aaa50cc40a69bc0bf24db45de
Author: danhaywood <da...@haywood-associates.co.uk>
AuthorDate: Tue Apr 13 23:22:31 2021 +0100
working, though using SNAPSHOT, and wokaround in pom.xml, added unnecessary oauth2 dependency
---
pom.xml | 20 +++++++
src/main/java/domainapp/webapp/AppManifest.java | 10 +++-
src/main/java/domainapp/webapp/SecurityConfig.java | 30 +++++++++++
src/main/resources/shiro.ini | 39 --------------
src/main/resources/static/index.html | 62 ++++------------------
5 files changed, 68 insertions(+), 93 deletions(-)
diff --git a/pom.xml b/pom.xml
index 59ce20c..8a041fe 100644
--- a/pom.xml
+++ b/pom.xml
@@ -7,7 +7,10 @@
<parent>
<groupId>org.apache.isis.app</groupId>
<artifactId>isis-app-starter-parent</artifactId>
+<!--
<version>2.0.0-M5.20210413-1443-108a3a48</version>
+-->
+ <version>2.0.0-SNAPSHOT</version>
<relativePath/>
</parent>
@@ -61,6 +64,11 @@
</dependency>
<dependency>
+ <groupId>org.apache.isis.security</groupId>
+ <artifactId>isis-security-spring</artifactId>
+ </dependency>
+
+ <dependency>
<groupId>org.apache.isis.mavendeps</groupId>
<artifactId>isis-mavendeps-jdo</artifactId>
<type>pom</type>
@@ -82,6 +90,18 @@
<artifactId>isis-testing-h2console-ui</artifactId>
</dependency>
+ <!-- TODO: remove this once move to newer nightly; no longer optional=true -->
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-oauth2-client</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-logging</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
</dependencies>
<profiles>
diff --git a/src/main/java/domainapp/webapp/AppManifest.java b/src/main/java/domainapp/webapp/AppManifest.java
index 86995b9..25e1d9b 100644
--- a/src/main/java/domainapp/webapp/AppManifest.java
+++ b/src/main/java/domainapp/webapp/AppManifest.java
@@ -8,7 +8,8 @@ import org.springframework.context.annotation.PropertySources;
import org.apache.isis.core.config.presets.IsisPresets;
import org.apache.isis.core.runtimeservices.IsisModuleCoreRuntimeServices;
import org.apache.isis.persistence.jdo.datanucleus.IsisModuleJdoDatanucleus;
-import org.apache.isis.security.shiro.IsisModuleSecurityShiro;
+import org.apache.isis.security.bypass.authorization.AuthorizorBypass;
+import org.apache.isis.security.spring.IsisModuleSecuritySpring;
import org.apache.isis.testing.h2console.ui.IsisModuleTestingH2ConsoleUi;
import org.apache.isis.viewer.restfulobjects.jaxrsresteasy4.IsisModuleViewerRestfulObjectsJaxrsResteasy4;
import org.apache.isis.viewer.wicket.viewer.IsisModuleViewerWicketViewer;
@@ -18,7 +19,11 @@ import domainapp.modules.hello.HelloWorldModule;
@Configuration
@Import({
IsisModuleCoreRuntimeServices.class,
- IsisModuleSecurityShiro.class,
+
+ IsisModuleSecuritySpring.class,
+ SecurityConfig.class, // defines users
+ AuthorizorBypass.class, // security-spring doesn't provide an Authorizor impl, so we just use the no-op one from bypass.
+
IsisModuleJdoDatanucleus.class,
IsisModuleViewerRestfulObjectsJaxrsResteasy4.class,
IsisModuleViewerWicketViewer.class,
@@ -30,4 +35,5 @@ import domainapp.modules.hello.HelloWorldModule;
@PropertySource(IsisPresets.NoTranslations),
})
public class AppManifest {
+
}
diff --git a/src/main/java/domainapp/webapp/SecurityConfig.java b/src/main/java/domainapp/webapp/SecurityConfig.java
new file mode 100644
index 0000000..7a5e58a
--- /dev/null
+++ b/src/main/java/domainapp/webapp/SecurityConfig.java
@@ -0,0 +1,30 @@
+package domainapp.webapp;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter
+{
+
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+ auth.inMemoryAuthentication()
+ .withUser("sven")
+ .password(passwordEncoder().encode("pass"))
+ .roles("USER");
+ ;
+ }
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+ return new BCryptPasswordEncoder();
+ }
+
+}
diff --git a/src/main/resources/shiro.ini b/src/main/resources/shiro.ini
deleted file mode 100644
index 2fe76c6..0000000
--- a/src/main/resources/shiro.ini
+++ /dev/null
@@ -1,39 +0,0 @@
-[main]
-
-# to use .ini file
-securityManager.realms = $iniRealm
-
-
-
-# -----------------------------------------------------------------------------
-# Users and their assigned roles
-#
-# Each line conforms to the format defined in the
-# org.apache.shiro.realm.text.TextConfigurationRealm#setUserDefinitions JavaDoc
-# -----------------------------------------------------------------------------
-
-[users]
-# user = password, role1, role2, role3, ...
-
-
-sven = pass, admin_role
-dick = pass, user_role
-bob = pass, user_role
-joe = pass, user_role
-
-
-
-# -----------------------------------------------------------------------------
-# Roles with assigned permissions
-#
-# Each line conforms to the format defined in the
-# org.apache.shiro.realm.text.TextConfigurationRealm#setRoleDefinitions JavaDoc
-# -----------------------------------------------------------------------------
-
-[roles]
-# role = perm1, perm2, perm3, ...
-# perm in format: packageName:className:memberName:r,w
-
-user_role = *:HelloWorldObjects:*:*,\
- *:HelloWorldObject:*:*
-admin_role = *
diff --git a/src/main/resources/static/index.html b/src/main/resources/static/index.html
index ec5144e..97d0f7d 100644
--- a/src/main/resources/static/index.html
+++ b/src/main/resources/static/index.html
@@ -1,54 +1,12 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html>
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
- <title>Apache Isis™ HelloWorld</title>
-
- <link rel="stylesheet" type="text/css" href="css/page.css">
- </head>
- <body>
- <div id="wrapper">
- <img alt="Isis Logo" src="images/apache-isis/logo.png" />
-
- <p>
- This is a minimal <a href="https://isis.apache.org">Apache Isis</a> application, intended as a starting
- point to learn what the framework is all about.
- <br/>
- </p>
-
- <p>To access the app:</p>
- <ul>
- <li>
- <p>
- <b><a href="wicket/">Generic UI (Wicket)</a></b>
- </p>
- <p>
- provides access to a generic UI for end-users. This
- viewer is built with <a href="http://wicket.apache.org" target="_blank">Apache Wicket</a>™.
- </p>
- </li>
- <li>
- <p>
- <b>
- <a href="swagger-ui/index.thtml">RESTful API (Swagger)</a>
- </b>
- </p>
- <p>
- provides access to a Swagger UI for convenient access
- to (a subset of) the automatically generated REST API.
- </p>
- <p>
- The full backend API (at <a href="restful/">restful/</a>) renders both simple and also richer
- hypermedia representations of domain objects, the latter conforming to the
- <a href="http://restfulobjects.org" target="_blank">Restful Objects</a> spec.
- </p>
- </li>
- </ul>
-
- <p>
- The default user/password is <b><i>sven/pass</i></b>.
- </p>
-
- </div>
- </body>
+<html xmlns:th="http://www.thymeleaf.org">
+<head>
+ <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+ <meta http-equiv="refresh" content="0;url=/wicket/" />
+</head>
+<body>
+<div id="wrapper">
+ <!-- we just redirect immediately, because swagger/restful API not configured to use spring security -->
+</div>
+</body>
</html>
[isis-app-helloworld] 02/02: updates menubars with impersonation
Posted by da...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a commit to branch jdo-SNAPSHOT-spring-security-inmemory
in repository https://gitbox.apache.org/repos/asf/isis-app-helloworld.git
commit f5a140e2978c76ccdb89ae0c922d78870afe5aa4
Author: danhaywood <da...@haywood-associates.co.uk>
AuthorDate: Wed Apr 14 00:07:26 2021 +0100
updates menubars with impersonation
---
src/main/resources/menubars.layout.xml | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/main/resources/menubars.layout.xml b/src/main/resources/menubars.layout.xml
index 8d714b9..90a0226 100644
--- a/src/main/resources/menubars.layout.xml
+++ b/src/main/resources/menubars.layout.xml
@@ -54,6 +54,12 @@
<mb3:serviceAction objectType="isis.applib.ConfigurationMenu" id="configuration"/>
</mb3:section>
<mb3:section>
+ <mb3:named>Impersonate User</mb3:named>
+ <mb3:serviceAction objectType="isis.applib.ImpersonateMenu" id="impersonate"/>
+ <mb3:serviceAction objectType="isis.applib.ImpersonateMenu" id="impersonateWithRoles"/>
+ <mb3:serviceAction objectType="isis.applib.ImpersonateMenu" id="stopImpersonating"/>
+ </mb3:section>
+ <mb3:section>
<mb3:serviceAction objectType="isis.security.LogoutMenu" id="logout">
<cpt:named>Logout</cpt:named>
</mb3:serviceAction>