Posted to commits@isis.apache.org by da...@apache.org on 2021/04/13 23:09:11 UTC

[isis-app-helloworld] 01/02: working, though using SNAPSHOT, and wokaround in pom.xml, added unnecessary oauth2 dependency

This is an automated email from the ASF dual-hosted git repository.

danhaywood pushed a commit to branch jdo-SNAPSHOT-spring-security-inmemory
in repository https://gitbox.apache.org/repos/asf/isis-app-helloworld.git

commit 5c867cbd34cec16aaa50cc40a69bc0bf24db45de
Author: danhaywood <da...@haywood-associates.co.uk>
AuthorDate: Tue Apr 13 23:22:31 2021 +0100

    working, though using SNAPSHOT, and workaround in pom.xml, added unnecessary oauth2 dependency
---
 pom.xml                                            | 20 +++++++
 src/main/java/domainapp/webapp/AppManifest.java    | 10 +++-
 src/main/java/domainapp/webapp/SecurityConfig.java | 30 +++++++++++
 src/main/resources/shiro.ini                       | 39 --------------
 src/main/resources/static/index.html               | 62 ++++------------------
 5 files changed, 68 insertions(+), 93 deletions(-)

diff --git a/pom.xml b/pom.xml
index 59ce20c..8a041fe 100644
--- a/pom.xml
+++ b/pom.xml
@@ -7,7 +7,10 @@
     <parent>
         <groupId>org.apache.isis.app</groupId>
         <artifactId>isis-app-starter-parent</artifactId>
+<!--
         <version>2.0.0-M5.20210413-1443-108a3a48</version>
+-->
+        <version>2.0.0-SNAPSHOT</version>
         <relativePath/>
     </parent>
 
@@ -61,6 +64,11 @@
         </dependency>
 
         <dependency>
+            <groupId>org.apache.isis.security</groupId>
+            <artifactId>isis-security-spring</artifactId>
+        </dependency>
+
+        <dependency>
             <groupId>org.apache.isis.mavendeps</groupId>
             <artifactId>isis-mavendeps-jdo</artifactId>
             <type>pom</type>
@@ -82,6 +90,18 @@
             <artifactId>isis-testing-h2console-ui</artifactId>
         </dependency>
 
+        <!-- TODO: remove this once move to newer nightly; no longer optional=true -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-oauth2-client</artifactId>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.springframework.boot</groupId>
+                    <artifactId>spring-boot-starter-logging</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
     </dependencies>
 
     <profiles>
diff --git a/src/main/java/domainapp/webapp/AppManifest.java b/src/main/java/domainapp/webapp/AppManifest.java
index 86995b9..25e1d9b 100644
--- a/src/main/java/domainapp/webapp/AppManifest.java
+++ b/src/main/java/domainapp/webapp/AppManifest.java
@@ -8,7 +8,8 @@ import org.springframework.context.annotation.PropertySources;
 import org.apache.isis.core.config.presets.IsisPresets;
 import org.apache.isis.core.runtimeservices.IsisModuleCoreRuntimeServices;
 import org.apache.isis.persistence.jdo.datanucleus.IsisModuleJdoDatanucleus;
-import org.apache.isis.security.shiro.IsisModuleSecurityShiro;
+import org.apache.isis.security.bypass.authorization.AuthorizorBypass;
+import org.apache.isis.security.spring.IsisModuleSecuritySpring;
 import org.apache.isis.testing.h2console.ui.IsisModuleTestingH2ConsoleUi;
 import org.apache.isis.viewer.restfulobjects.jaxrsresteasy4.IsisModuleViewerRestfulObjectsJaxrsResteasy4;
 import org.apache.isis.viewer.wicket.viewer.IsisModuleViewerWicketViewer;
@@ -18,7 +19,11 @@ import domainapp.modules.hello.HelloWorldModule;
 @Configuration
 @Import({
         IsisModuleCoreRuntimeServices.class,
-        IsisModuleSecurityShiro.class,
+
+        IsisModuleSecuritySpring.class,
+        SecurityConfig.class,   // defines users
+        AuthorizorBypass.class, // security-spring doesn't provide an Authorizor impl, so we just use the no-op one from bypass.
+
         IsisModuleJdoDatanucleus.class,
         IsisModuleViewerRestfulObjectsJaxrsResteasy4.class,
         IsisModuleViewerWicketViewer.class,
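Review bot: Importing `AuthorizorBypass.class` drops the per-role permissions that the removed shiro.ini defined (`user_role` limited to the HelloWorld objects, `admin_role = *`) in favour of what the inline comment itself calls a no-op authorizor, so the app presumably now authenticates users but authorizes nothing. The comment on that line should say so explicitly, for example `// AuthorizorBypass permits every member to every authenticated user: authentication only, no authorization; demo use only`. Anyone copying this starter needs to know that the `roles("USER")` assigned in SecurityConfig has no effect on what a user may see or invoke. The `@Import` list continues outside this hunk.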
@@ -30,4 +35,5 @@ import domainapp.modules.hello.HelloWorldModule;
     @PropertySource(IsisPresets.NoTranslations),
 })
 public class AppManifest {
+
 }
diff --git a/src/main/java/domainapp/webapp/SecurityConfig.java b/src/main/java/domainapp/webapp/SecurityConfig.java
new file mode 100644
index 0000000..7a5e58a
--- /dev/null
+++ b/src/main/java/domainapp/webapp/SecurityConfig.java
@@ -0,0 +1,30 @@
+package domainapp.webapp;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter
+{
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth.inMemoryAuthentication()
+                .withUser("sven")
+                .password(passwordEncoder().encode("pass"))
+                .roles("USER");
+                ;
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+}
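Review bot: The single account in `configure(AuthenticationManagerBuilder)` is created with the literal password `"pass"`, so a known, trivially guessable credential is compiled into every build of this branch. For anything beyond a local demo, the password should come from externalised configuration, for example a field injected with `@Value("${<placeholder-property>}")`, and a class-level comment should state that the in-memory user is demo-only. The line holding a lone `;` after `.roles("USER");` is an empty statement and can be deleted. No `configure(HttpSecurity)` override is present, so request-level rules are whatever the adapter defaults provide; a one-line comment saying that this is intentional would help.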
diff --git a/src/main/resources/shiro.ini b/src/main/resources/shiro.ini
deleted file mode 100644
index 2fe76c6..0000000
--- a/src/main/resources/shiro.ini
+++ /dev/null
@@ -1,39 +0,0 @@
-[main]
-
-# to use .ini file
-securityManager.realms = $iniRealm
-
-
-
-# -----------------------------------------------------------------------------
-# Users and their assigned roles
-#
-# Each line conforms to the format defined in the
-# org.apache.shiro.realm.text.TextConfigurationRealm#setUserDefinitions JavaDoc
-# -----------------------------------------------------------------------------
-
-[users]
-# user = password, role1, role2, role3, ...
-
-
-sven = pass, admin_role
-dick = pass, user_role
-bob  = pass, user_role
-joe  = pass, user_role
-
-
-
-# -----------------------------------------------------------------------------
-# Roles with assigned permissions
-# 
-# Each line conforms to the format defined in the
-# org.apache.shiro.realm.text.TextConfigurationRealm#setRoleDefinitions JavaDoc
-# -----------------------------------------------------------------------------
-
-[roles]
-# role = perm1, perm2, perm3, ...
-# perm in format: packageName:className:memberName:r,w
-
-user_role =   *:HelloWorldObjects:*:*,\
-              *:HelloWorldObject:*:*
-admin_role = *
diff --git a/src/main/resources/static/index.html b/src/main/resources/static/index.html
index ec5144e..97d0f7d 100644
--- a/src/main/resources/static/index.html
+++ b/src/main/resources/static/index.html
@@ -1,54 +1,12 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-    <head>
-        <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
-        <title>Apache Isis&trade; HelloWorld</title>
-
-        <link rel="stylesheet" type="text/css" href="css/page.css">
-    </head>
-    <body>
-        <div id="wrapper">
-            <img alt="Isis Logo" src="images/apache-isis/logo.png" />
-
-            <p>
-                This is a minimal <a href="https://isis.apache.org">Apache Isis</a> application, intended as a starting
-                point to learn what the framework is all about.
-                <br/>
-            </p>
-
-            <p>To access the app:</p>
-            <ul>
-                <li>
-                    <p>
-                        <b><a href="wicket/">Generic UI (Wicket)</a></b>
-                    </p>
-                    <p>
-                        provides access to a generic UI for end-users.  This
-                        viewer is built with <a href="http://wicket.apache.org" target="_blank">Apache Wicket</a>&trade;.
-                    </p>
-                </li>
-                <li>
-                    <p>
-                        <b>
-                            <a href="swagger-ui/index.thtml">RESTful API (Swagger)</a>
-                        </b>
-                    </p>
-                    <p>
-                        provides access to a Swagger UI for convenient access
-                        to (a subset of) the automatically generated REST API.
-                    </p>
-                    <p>
-                        The full backend API (at <a href="restful/">restful/</a>) renders both simple and also richer
-                        hypermedia representations of domain objects, the latter conforming to the
-                        <a href="http://restfulobjects.org"  target="_blank">Restful Objects</a> spec.
-                    </p>
-                </li>
-            </ul>
-
-            <p>
-            The default user/password is <b><i>sven/pass</i></b>.
-            </p>
-
-        </div>
-    </body>
+<html xmlns:th="http://www.thymeleaf.org">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+    <meta http-equiv="refresh" content="0;url=/wicket/" />
+</head>
+<body>
+<div id="wrapper">
+    <!-- we just redirect immediately, because swagger/restful API not configured to use spring security -->
+</div>
+</body>
 </html>
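Review bot: The refresh target `0;url=/wicket/` is host-absolute, whereas the removed links used the relative `wicket/`, so the redirect will miss the viewer if the app is deployed under a context path; `content="0;url=wicket/"` keeps the earlier behaviour. The inline comment says the swagger/restful API is not configured to use Spring Security, yet AppManifest in this commit still imports `IsisModuleViewerRestfulObjectsJaxrsResteasy4`, so removing the links hides the API rather than removing it. It is worth confirming that `restful/` and `swagger-ui/` require authentication, or dropping that module until they do. The `xmlns:th` attribute is unused in this static file and can go.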