Repository: shiro Updated Branches: refs/heads/master e8ba5cbef -> 03c676eda
Corrected and excluded sample project packages from coverage Project: http://git-wip-us.apache.org/repos/asf/shiro/repo Commit: http://git-wip-us.apache.org/repos/asf/shiro/commit/5e35941d Tree: http://git-wip-us.apache.org/repos/asf/shiro/tree/5e35941d Diff: http://git-wip-us.apache.org/repos/asf/shiro/diff/5e35941d Branch: refs/heads/master Commit: 5e35941d8b35bd0e48505a54c47877340303adcf Parents: e8ba5cb Author: Brian Demers <[email protected]> Authored: Wed Nov 9 10:56:43 2016 -0500 Committer: Brian Demers <[email protected]> Committed: Wed Nov 9 10:56:43 2016 -0500 ---------------------------------------------------------------------- pom.xml | 5 + .../shiro/sample/jaxrs/SampleApplication.java | 50 --------- .../sample/jaxrs/resources/HelloResource.java | 37 ------- .../sample/jaxrs/resources/SecureResource.java | 75 ------------- .../shiro/samples/jaxrs/SampleApplication.java | 50 +++++++++ .../samples/jaxrs/resources/HelloResource.java | 37 +++++++ .../samples/jaxrs/resources/SecureResource.java | 75 +++++++++++++ .../jaxrs/src/main/webapp/WEB-INF/web.cxf.xml | 2 +- .../shiro/examples/AccountInfoController.java | 53 --------- .../apache/shiro/examples/HelloController.java | 61 ----------- .../apache/shiro/examples/LoginController.java | 34 ------ .../examples/RestrictedErrorController.java | 52 --------- .../java/org/apache/shiro/examples/WebApp.java | 108 ------------------- .../shiro/samples/AccountInfoController.java | 52 +++++++++ .../apache/shiro/samples/HelloController.java | 61 +++++++++++ .../apache/shiro/samples/LoginController.java | 34 ++++++ .../samples/RestrictedErrorController.java | 52 +++++++++ .../java/org/apache/shiro/samples/WebApp.java | 106 ++++++++++++++++++ 18 files changed, 473 insertions(+), 471 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/pom.xml ---------------------------------------------------------------------- diff --git a/pom.xml b/pom.xml index 8fe6095..939e78b 100644 --- a/pom.xml +++ b/pom.xml @@ -308,6 +308,11 @@ <groupId>org.jacoco</groupId> <artifactId>jacoco-maven-plugin</artifactId> <version>0.7.7.201606060606</version> + <configuration> + <excludes> + <exclude>org.apache.shiro.samples.**</exclude> + </excludes> + </configuration> </plugin> <plugin> <groupId>com.mycila</groupId> http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/jaxrs/src/main/java/org/apache/shiro/sample/jaxrs/SampleApplication.java ---------------------------------------------------------------------- diff --git a/samples/jaxrs/src/main/java/org/apache/shiro/sample/jaxrs/SampleApplication.java b/samples/jaxrs/src/main/java/org/apache/shiro/sample/jaxrs/SampleApplication.java deleted file mode 100644 index 9400af0..0000000 --- a/samples/jaxrs/src/main/java/org/apache/shiro/sample/jaxrs/SampleApplication.java +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.shiro.sample.jaxrs; - -import org.apache.shiro.sample.jaxrs.resources.HelloResource; -import org.apache.shiro.sample.jaxrs.resources.SecureResource; -import org.apache.shiro.web.jaxrs.ShiroFeature; - -import javax.ws.rs.ApplicationPath; -import javax.ws.rs.core.Application; -import java.util.HashSet; -import java.util.Set; - -/** - * Simple JAX-RS {@link Application} that is implementation agnostic. - * @since 1.4 - */ -@ApplicationPath("/") -public class SampleApplication extends Application { - - @Override - public Set<Class<?>> getClasses() { - Set<Class<?>> classes = new HashSet<Class<?>>(); - - // register Shiro - classes.add(ShiroFeature.class); - - // register resources - classes.add(HelloResource.class); - classes.add(SecureResource.class); - - return classes; - } -} http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/jaxrs/src/main/java/org/apache/shiro/sample/jaxrs/resources/HelloResource.java ---------------------------------------------------------------------- diff --git a/samples/jaxrs/src/main/java/org/apache/shiro/sample/jaxrs/resources/HelloResource.java b/samples/jaxrs/src/main/java/org/apache/shiro/sample/jaxrs/resources/HelloResource.java deleted file mode 100644 index 458fda5..0000000 --- a/samples/jaxrs/src/main/java/org/apache/shiro/sample/jaxrs/resources/HelloResource.java +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.shiro.sample.jaxrs.resources; - - -import javax.ws.rs.DefaultValue; -import javax.ws.rs.GET; -import javax.ws.rs.Path; -import javax.ws.rs.Produces; -import javax.ws.rs.QueryParam; - -@Path("say") -public class HelloResource { - - - @Produces({"application/json","plain/text"}) - @GET - public String saySomething(@QueryParam("words") @DefaultValue("Hello!") String words) { - return words; - } -} http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/jaxrs/src/main/java/org/apache/shiro/sample/jaxrs/resources/SecureResource.java ---------------------------------------------------------------------- diff --git a/samples/jaxrs/src/main/java/org/apache/shiro/sample/jaxrs/resources/SecureResource.java b/samples/jaxrs/src/main/java/org/apache/shiro/sample/jaxrs/resources/SecureResource.java deleted file mode 100644 index 59650ee..0000000 --- a/samples/jaxrs/src/main/java/org/apache/shiro/sample/jaxrs/resources/SecureResource.java +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.shiro.sample.jaxrs.resources; - - -import org.apache.shiro.authz.annotation.RequiresAuthentication; -import org.apache.shiro.authz.annotation.RequiresGuest; -import org.apache.shiro.authz.annotation.RequiresPermissions; -import org.apache.shiro.authz.annotation.RequiresRoles; -import org.apache.shiro.authz.annotation.RequiresUser; - -import javax.ws.rs.DefaultValue; -import javax.ws.rs.GET; -import javax.ws.rs.Path; -import javax.ws.rs.Produces; -import javax.ws.rs.QueryParam; - -@Path("secure") -@Produces({"application/json","plain/text"}) -public class SecureResource { - - - @RequiresPermissions("lightsaber:requiresPermissions") - @Path("RequiresPermissions") - @GET - public String protectedByRequiresPermissions() { - return "protected"; - } - - @RequiresRoles("admin") - @Path("RequiresRoles") - @GET - public String protectedByRequiresRoles() { - return "protected"; - } - - @RequiresUser - @Path("RequiresUser") - @GET - public String protectedByRequiresUser() { - return "protected"; - } - - @RequiresGuest - @Path("RequiresGuest") - @GET - public String protectedByRequiresGuest() { - return "not protected"; - } - - @RequiresAuthentication - @Path("RequiresAuthentication") - @GET - public String protectedByRequiresAuthentication() { - return "protected"; - } - - -} http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/jaxrs/src/main/java/org/apache/shiro/samples/jaxrs/SampleApplication.java ---------------------------------------------------------------------- diff --git a/samples/jaxrs/src/main/java/org/apache/shiro/samples/jaxrs/SampleApplication.java b/samples/jaxrs/src/main/java/org/apache/shiro/samples/jaxrs/SampleApplication.java new file mode 100644 index 0000000..b7ae949 --- /dev/null +++ b/samples/jaxrs/src/main/java/org/apache/shiro/samples/jaxrs/SampleApplication.java @@ -0,0 +1,50 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.shiro.samples.jaxrs; + +import org.apache.shiro.samples.jaxrs.resources.HelloResource; +import org.apache.shiro.samples.jaxrs.resources.SecureResource; +import org.apache.shiro.web.jaxrs.ShiroFeature; + +import javax.ws.rs.ApplicationPath; +import javax.ws.rs.core.Application; +import java.util.HashSet; +import java.util.Set; + +/** + * Simple JAX-RS {@link Application} that is implementation agnostic. + * @since 1.4 + */ +@ApplicationPath("/") +public class SampleApplication extends Application { + + @Override + public Set<Class<?>> getClasses() { + Set<Class<?>> classes = new HashSet<Class<?>>(); + + // register Shiro + classes.add(ShiroFeature.class); + + // register resources + classes.add(HelloResource.class); + classes.add(SecureResource.class); + + return classes; + } +} http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/jaxrs/src/main/java/org/apache/shiro/samples/jaxrs/resources/HelloResource.java ---------------------------------------------------------------------- diff --git a/samples/jaxrs/src/main/java/org/apache/shiro/samples/jaxrs/resources/HelloResource.java b/samples/jaxrs/src/main/java/org/apache/shiro/samples/jaxrs/resources/HelloResource.java new file mode 100644 index 0000000..400f503 --- /dev/null +++ b/samples/jaxrs/src/main/java/org/apache/shiro/samples/jaxrs/resources/HelloResource.java @@ -0,0 +1,37 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.shiro.samples.jaxrs.resources; + + +import javax.ws.rs.DefaultValue; +import javax.ws.rs.GET; +import javax.ws.rs.Path; +import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; + +@Path("say") +public class HelloResource { + + + @Produces({"application/json","plain/text"}) + @GET + public String saySomething(@QueryParam("words") @DefaultValue("Hello!") String words) { + return words; + } +} http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/jaxrs/src/main/java/org/apache/shiro/samples/jaxrs/resources/SecureResource.java ---------------------------------------------------------------------- diff --git a/samples/jaxrs/src/main/java/org/apache/shiro/samples/jaxrs/resources/SecureResource.java b/samples/jaxrs/src/main/java/org/apache/shiro/samples/jaxrs/resources/SecureResource.java new file mode 100644 index 0000000..c590987 --- /dev/null +++ b/samples/jaxrs/src/main/java/org/apache/shiro/samples/jaxrs/resources/SecureResource.java @@ -0,0 +1,75 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.shiro.samples.jaxrs.resources; + + +import org.apache.shiro.authz.annotation.RequiresAuthentication; +import org.apache.shiro.authz.annotation.RequiresGuest; +import org.apache.shiro.authz.annotation.RequiresPermissions; +import org.apache.shiro.authz.annotation.RequiresRoles; +import org.apache.shiro.authz.annotation.RequiresUser; + +import javax.ws.rs.DefaultValue; +import javax.ws.rs.GET; +import javax.ws.rs.Path; +import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; + +@Path("secure") +@Produces({"application/json","plain/text"}) +public class SecureResource { + + + @RequiresPermissions("lightsaber:requiresPermissions") + @Path("RequiresPermissions") + @GET + public String protectedByRequiresPermissions() { + return "protected"; + } + + @RequiresRoles("admin") + @Path("RequiresRoles") + @GET + public String protectedByRequiresRoles() { + return "protected"; + } + + @RequiresUser + @Path("RequiresUser") + @GET + public String protectedByRequiresUser() { + return "protected"; + } + + @RequiresGuest + @Path("RequiresGuest") + @GET + public String protectedByRequiresGuest() { + return "not protected"; + } + + @RequiresAuthentication + @Path("RequiresAuthentication") + @GET + public String protectedByRequiresAuthentication() { + return "protected"; + } + + +} http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/jaxrs/src/main/webapp/WEB-INF/web.cxf.xml ---------------------------------------------------------------------- diff --git a/samples/jaxrs/src/main/webapp/WEB-INF/web.cxf.xml b/samples/jaxrs/src/main/webapp/WEB-INF/web.cxf.xml index f39600f..3e5fbe9 100644 --- a/samples/jaxrs/src/main/webapp/WEB-INF/web.cxf.xml +++ b/samples/jaxrs/src/main/webapp/WEB-INF/web.cxf.xml @@ -29,7 +29,7 @@ <servlet-class>org.apache.cxf.jaxrs.servlet.CXFNonSpringJaxrsServlet</servlet-class> <init-param> <param-name>javax.ws.rs.Application</param-name> - <param-value>org.apache.shiro.sample.jaxrs.SampleApplication</param-value> + <param-value>org.apache.shiro.samples.jaxrs.SampleApplication</param-value> </init-param> <load-on-startup>1</load-on-startup> </servlet> http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/AccountInfoController.java ---------------------------------------------------------------------- diff --git a/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/AccountInfoController.java b/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/AccountInfoController.java deleted file mode 100644 index 3171983..0000000 --- a/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/AccountInfoController.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.shiro.examples; - -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.authz.annotation.RequiresRoles; -import org.apache.shiro.subject.PrincipalCollection; -import org.apache.shiro.subject.Subject; -import org.apache.shiro.util.CollectionUtils; -import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.web.bind.annotation.RequestMapping; - - -@Controller -public class AccountInfoController { - - @RequiresRoles("admin") - @RequestMapping("/account-info") - public String home(Model model) { - - String name = "World"; - - Subject subject = SecurityUtils.getSubject(); - - PrincipalCollection principalCollection = subject.getPrincipals(); - - if (principalCollection != null && !principalCollection.isEmpty()) { - name = principalCollection.getPrimaryPrincipal().toString(); - } - - model.addAttribute("name", name); - - return "account-info"; - } - -} http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/HelloController.java ---------------------------------------------------------------------- diff --git a/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/HelloController.java b/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/HelloController.java deleted file mode 100644 index 655b7b3..0000000 --- a/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/HelloController.java +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.shiro.examples; - -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.subject.PrincipalCollection; -import org.apache.shiro.subject.Subject; -import org.apache.shiro.util.CollectionUtils; -import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.web.bind.annotation.RequestMapping; - -import javax.servlet.http.HttpServletRequest; -import java.util.Collection; -import java.util.Map; - -@Controller -public class HelloController { - - @SuppressWarnings("Duplicates") - @RequestMapping("/") - public String home(HttpServletRequest request, Model model) { - - String name = "World"; - - Subject subject = SecurityUtils.getSubject(); - - PrincipalCollection principalCollection = subject.getPrincipals(); - - if (principalCollection != null && !principalCollection.isEmpty()) { - Collection<Map> principalMaps = subject.getPrincipals().byType(Map.class); - if (CollectionUtils.isEmpty(principalMaps)) { - name = subject.getPrincipal().toString(); - } - else { - name = (String) principalMaps.iterator().next().get("username"); - } - } - - model.addAttribute("name", name); - - return "hello"; - } - -} http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/LoginController.java ---------------------------------------------------------------------- diff --git a/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/LoginController.java b/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/LoginController.java deleted file mode 100644 index 7667795..0000000 --- a/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/LoginController.java +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.shiro.examples; - -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.RequestMapping; - - -@Controller -public class LoginController { - - @RequestMapping("/login.html") - public String loginTemplate() { - - return "login"; - } - -} http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/RestrictedErrorController.java ---------------------------------------------------------------------- diff --git a/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/RestrictedErrorController.java b/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/RestrictedErrorController.java deleted file mode 100644 index 240a8fc..0000000 --- a/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/RestrictedErrorController.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.shiro.examples; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.autoconfigure.web.ErrorAttributes; -import org.springframework.boot.autoconfigure.web.ErrorController; -import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.context.request.ServletRequestAttributes; - -import javax.servlet.http.HttpServletRequest; -import java.util.Map; - -/** - */ -@Controller -public class RestrictedErrorController implements ErrorController { - private static final String ERROR_PATH = "/error"; - - @Autowired - private ErrorAttributes errorAttributes; - - @Override - public String getErrorPath() { - return ERROR_PATH; - } - - @RequestMapping(ERROR_PATH) - String error(HttpServletRequest request, Model model) { - Map<String, Object> errorMap = errorAttributes.getErrorAttributes(new ServletRequestAttributes(request), false); - model.addAttribute("errors", errorMap); - return "error"; - } -} http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/WebApp.java ---------------------------------------------------------------------- diff --git a/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/WebApp.java b/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/WebApp.java deleted file mode 100644 index 3871b4a..0000000 --- a/samples/spring-boot-web/src/main/java/org/apache/shiro/examples/WebApp.java +++ /dev/null @@ -1,108 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.shiro.examples; - -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.authz.AuthorizationException; -import org.apache.shiro.realm.Realm; -import org.apache.shiro.realm.text.TextConfigurationRealm; -import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition; -import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition; -import org.apache.shiro.subject.Subject; -import org.apache.shiro.web.filter.mgt.DefaultFilter; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.boot.SpringApplication; -import org.springframework.boot.autoconfigure.SpringBootApplication; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.http.HttpStatus; -import org.springframework.ui.Model; -import org.springframework.web.bind.annotation.ControllerAdvice; -import org.springframework.web.bind.annotation.ExceptionHandler; -import org.springframework.web.bind.annotation.ModelAttribute; -import org.springframework.web.bind.annotation.ResponseStatus; - -import java.security.Security; -import java.util.HashMap; -import java.util.Map; - -@Configuration -@ControllerAdvice -@SpringBootApplication -public class WebApp { //NOPMD - - private static Logger log = LoggerFactory.getLogger(WebApp.class); - - public static void main(String[] args) { - - SpringApplication.run(WebApp.class, args); - } - - @ExceptionHandler(AuthorizationException.class) - @ResponseStatus(HttpStatus.FORBIDDEN) - public String handleException(AuthorizationException e, Model model) { - - // you could return a 404 here instead (this is how github handles 403, so the user does NOT know there is a - // resource at that location) - log.debug("AuthorizationException was thrown", e); - - Map<String, Object> map = new HashMap<String, Object>(); - map.put("status", HttpStatus.FORBIDDEN.value()); - map.put("message", "No message available"); - model.addAttribute("errors", map); - - return "error"; - } - -// -// @Bean -// public ShiroFilterChainDefinition shiroFilterChainDefinition() { -// DefaultShiroFilterChainDefinition filterChainDefinition = new DefaultShiroFilterChainDefinition(); -// filterChainDefinition.addPathDefinition("/assets/**", DefaultFilter.anon.name()); // static web resources -// filterChainDefinition.addPathDefinition("/", DefaultFilter.anon.name()); // the welcome page allows guest or logged in users -// filterChainDefinition.addPathDefinition("/account-info", DefaultFilter.authc.name()); // the account-info page requires a user -// return filterChainDefinition; -// } - - @Bean - public Realm realm() { - TextConfigurationRealm realm = new TextConfigurationRealm(); - realm.setUserDefinitions("joe.coder=password,user\n" + - "jill.coder=password,admin"); - - realm.setRoleDefinitions("admin=read,write\n" + - "user=read"); - realm.setCachingEnabled(true); - return realm; - } - - @Bean - public ShiroFilterChainDefinition shiroFilterChainDefinition() { - DefaultShiroFilterChainDefinition chainDefinition = new DefaultShiroFilterChainDefinition(); - chainDefinition.addPathDefinition("/login.html", "authc"); // need to accept POSTs from the login form - chainDefinition.addPathDefinition("/logout", "logout"); - return chainDefinition; - } - - @ModelAttribute(name = "subject") - public Subject subject() { - return SecurityUtils.getSubject(); - } -} http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/AccountInfoController.java ---------------------------------------------------------------------- diff --git a/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/AccountInfoController.java b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/AccountInfoController.java new file mode 100644 index 0000000..5c75380 --- /dev/null +++ b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/AccountInfoController.java @@ -0,0 +1,52 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.shiro.samples; + +import org.apache.shiro.SecurityUtils; +import org.apache.shiro.authz.annotation.RequiresRoles; +import org.apache.shiro.subject.PrincipalCollection; +import org.apache.shiro.subject.Subject; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.web.bind.annotation.RequestMapping; + + +@Controller +public class AccountInfoController { + + @RequiresRoles("admin") + @RequestMapping("/account-info") + public String home(Model model) { + + String name = "World"; + + Subject subject = SecurityUtils.getSubject(); + + PrincipalCollection principalCollection = subject.getPrincipals(); + + if (principalCollection != null && !principalCollection.isEmpty()) { + name = principalCollection.getPrimaryPrincipal().toString(); + } + + model.addAttribute("name", name); + + return "account-info"; + } + +} http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/HelloController.java ---------------------------------------------------------------------- diff --git a/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/HelloController.java b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/HelloController.java new file mode 100644 index 0000000..775f0ca --- /dev/null +++ b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/HelloController.java @@ -0,0 +1,61 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.shiro.samples; + +import org.apache.shiro.SecurityUtils; +import org.apache.shiro.subject.PrincipalCollection; +import org.apache.shiro.subject.Subject; +import org.apache.shiro.util.CollectionUtils; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.web.bind.annotation.RequestMapping; + +import javax.servlet.http.HttpServletRequest; +import java.util.Collection; +import java.util.Map; + +@Controller +public class HelloController { + + @SuppressWarnings("Duplicates") + @RequestMapping("/") + public String home(HttpServletRequest request, Model model) { + + String name = "World"; + + Subject subject = SecurityUtils.getSubject(); + + PrincipalCollection principalCollection = subject.getPrincipals(); + + if (principalCollection != null && !principalCollection.isEmpty()) { + Collection<Map> principalMaps = subject.getPrincipals().byType(Map.class); + if (CollectionUtils.isEmpty(principalMaps)) { + name = subject.getPrincipal().toString(); + } + else { + name = (String) principalMaps.iterator().next().get("username"); + } + } + + model.addAttribute("name", name); + + return "hello"; + } + +} http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/LoginController.java ---------------------------------------------------------------------- diff --git a/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/LoginController.java b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/LoginController.java new file mode 100644 index 0000000..f90fe33 --- /dev/null +++ b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/LoginController.java @@ -0,0 +1,34 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.shiro.samples; + +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; + + +@Controller +public class LoginController { + + @RequestMapping("/login.html") + public String loginTemplate() { + + return "login"; + } + +} http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/RestrictedErrorController.java ---------------------------------------------------------------------- diff --git a/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/RestrictedErrorController.java b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/RestrictedErrorController.java new file mode 100644 index 0000000..e283c1e --- /dev/null +++ b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/RestrictedErrorController.java @@ -0,0 +1,52 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.shiro.samples; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.web.ErrorAttributes; +import org.springframework.boot.autoconfigure.web.ErrorController; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.context.request.ServletRequestAttributes; + +import javax.servlet.http.HttpServletRequest; +import java.util.Map; + +/** + */ +@Controller +public class RestrictedErrorController implements ErrorController { + private static final String ERROR_PATH = "/error"; + + @Autowired + private ErrorAttributes errorAttributes; + + @Override + public String getErrorPath() { + return ERROR_PATH; + } + + @RequestMapping(ERROR_PATH) + String error(HttpServletRequest request, Model model) { + Map<String, Object> errorMap = errorAttributes.getErrorAttributes(new ServletRequestAttributes(request), false); + model.addAttribute("errors", errorMap); + return "error"; + } +} http://git-wip-us.apache.org/repos/asf/shiro/blob/5e35941d/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/WebApp.java ---------------------------------------------------------------------- diff --git a/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/WebApp.java b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/WebApp.java new file mode 100644 index 0000000..505a78c --- /dev/null +++ b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/WebApp.java @@ -0,0 +1,106 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.shiro.samples; + +import org.apache.shiro.SecurityUtils; +import org.apache.shiro.authz.AuthorizationException; +import org.apache.shiro.realm.Realm; +import org.apache.shiro.realm.text.TextConfigurationRealm; +import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition; +import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition; +import org.apache.shiro.subject.Subject; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.http.HttpStatus; +import org.springframework.ui.Model; +import org.springframework.web.bind.annotation.ControllerAdvice; +import org.springframework.web.bind.annotation.ExceptionHandler; +import org.springframework.web.bind.annotation.ModelAttribute; +import org.springframework.web.bind.annotation.ResponseStatus; + +import java.util.HashMap; +import java.util.Map; + +@Configuration +@ControllerAdvice +@SpringBootApplication +public class WebApp { //NOPMD + + private static Logger log = LoggerFactory.getLogger(WebApp.class); + + public static void main(String[] args) { + + SpringApplication.run(WebApp.class, args); + } + + @ExceptionHandler(AuthorizationException.class) + @ResponseStatus(HttpStatus.FORBIDDEN) + public String handleException(AuthorizationException e, Model model) { + + // you could return a 404 here instead (this is how github handles 403, so the user does NOT know there is a + // resource at that location) + log.debug("AuthorizationException was thrown", e); + + Map<String, Object> map = new HashMap<String, Object>(); + map.put("status", HttpStatus.FORBIDDEN.value()); + map.put("message", "No message available"); + model.addAttribute("errors", map); + + return "error"; + } + +// +// @Bean +// public ShiroFilterChainDefinition shiroFilterChainDefinition() { +// DefaultShiroFilterChainDefinition filterChainDefinition = new DefaultShiroFilterChainDefinition(); +// filterChainDefinition.addPathDefinition("/assets/**", DefaultFilter.anon.name()); // static web resources +// filterChainDefinition.addPathDefinition("/", DefaultFilter.anon.name()); // the welcome page allows guest or logged in users +// filterChainDefinition.addPathDefinition("/account-info", DefaultFilter.authc.name()); // the account-info page requires a user +// return filterChainDefinition; +// } + + @Bean + public Realm realm() { + TextConfigurationRealm realm = new TextConfigurationRealm(); + realm.setUserDefinitions("joe.coder=password,user\n" + + "jill.coder=password,admin"); + + realm.setRoleDefinitions("admin=read,write\n" + + "user=read"); + realm.setCachingEnabled(true); + return realm; + } + + @Bean + public ShiroFilterChainDefinition shiroFilterChainDefinition() { + DefaultShiroFilterChainDefinition chainDefinition = new DefaultShiroFilterChainDefinition(); + chainDefinition.addPathDefinition("/login.html", "authc"); // need to accept POSTs from the login form + chainDefinition.addPathDefinition("/logout", "logout"); + return chainDefinition; + } + + @ModelAttribute(name = "subject") + public Subject subject() { + return SecurityUtils.getSubject(); + } +}
