This is an automated email from the ASF dual-hosted git repository. lprimak pushed a commit to branch 3.x in repository https://gitbox.apache.org/repos/asf/shiro.git
commit da7b0e89497d2bfe5dfbe9b35aeab4cf7c2a5daa Author: lprimak <[email protected]> AuthorDate: Wed Feb 4 19:57:38 2026 -0600 added back spring-boot-web --- .mvn/maven.config | 1 - pom.xml | 1 + samples/pom.xml | 11 +- samples/spring-boot-3-web/README.md | 18 --- samples/spring-boot-3-web/pom.xml | 165 --------------------- .../shiro/samples/AccountInfoController.java | 52 ------- .../org/apache/shiro/samples/HelloController.java | 61 -------- .../org/apache/shiro/samples/LoginController.java | 34 ----- .../shiro/samples/RestrictedErrorController.java | 57 ------- .../main/java/org/apache/shiro/samples/WebApp.java | 98 ------------ .../src/main/resources/META-INF/NOTICE | 15 -- .../src/main/resources/application.properties | 26 ---- .../src/main/resources/templates/account-info.html | 39 ----- .../src/main/resources/templates/error.html | 39 ----- .../main/resources/templates/fragments/head.html | 58 -------- .../src/main/resources/templates/hello.html | 45 ------ .../src/main/resources/templates/login.html | 93 ------------ samples/spring-boot-web/README.md | 5 +- samples/spring-boot-web/pom.xml | 79 +++++----- .../org/apache/shiro/samples/HelloController.java | 4 +- .../shiro/samples/RestrictedErrorController.java | 12 +- .../main/java/org/apache/shiro/samples/WebApp.java | 3 + .../src/main/resources/log4j2.properties | 0 .../src/main/resources/templates/account-info.html | 2 +- .../src/main/resources/templates/error.html | 4 +- .../src/main/resources/templates/hello.html | 2 +- .../src/main/resources/templates/login.html | 2 +- samples/web/pom.xml | 1 - support/pom.xml | 11 +- 29 files changed, 66 insertions(+), 872 deletions(-) diff --git a/.mvn/maven.config b/.mvn/maven.config index 9e6e1bb97..ac68ccb77 100644 --- a/.mvn/maven.config +++ b/.mvn/maven.config @@ -1,2 +1 @@ --P-deferred-for-3x -Djapicmp.skip=true diff --git a/pom.xml b/pom.xml index 01c7e7247..372b5e061 100644 --- a/pom.xml +++ b/pom.xml @@ -107,6 +107,7 @@ <hsqldb.version>2.7.4</hsqldb.version> <jcache.api.version>1.1.1</jcache.api.version> <jdk.version>17</jdk.version> + <tomcat.version>11.0.18</tomcat.version> <jetty.version>12.1.6</jetty.version> <owasp.java.encoder.version>1.4.0</owasp.java.encoder.version> <!-- Don't change this version without also changing the shiro-quartz and shiro-features diff --git a/samples/pom.xml b/samples/pom.xml index c6310c649..ba95d526b 100644 --- a/samples/pom.xml +++ b/samples/pom.xml @@ -49,18 +49,9 @@ <module>spring-mvc</module> <module>spring-hibernate</module> <module>spring-boot</module> + <module>spring-boot-web</module> </modules> - <profiles> - <profile> - <id>deferred-for-3x</id> - <modules> - <module>spring-boot-web</module> - <module>spring-boot-3-web</module> - </modules> - </profile> - </profiles> - <reporting> <plugins> <plugin> diff --git a/samples/spring-boot-3-web/README.md b/samples/spring-boot-3-web/README.md deleted file mode 100644 index bf33169a6..000000000 --- a/samples/spring-boot-3-web/README.md +++ /dev/null @@ -1,18 +0,0 @@ -Apache Shiro + Spring Boot 3 Web Example -================================= - -A Spring Boot example web application that show the usage of a user login, checking permissions, and annotation -protected methods. - -Run the Example ---------------- - -``` -mvn spring-boot:run -``` - -Browse to `http://localhost:8080/` - -Or deploy to Heroku: - -[](https://heroku.com/deploy?template=https://github.com/bdemers/heroku-examples-runner&env\[ARTIFACT_ID\]=samples-spring-boot-web&&env\[RUNNER\]=spring-boot) diff --git a/samples/spring-boot-3-web/pom.xml b/samples/spring-boot-3-web/pom.xml deleted file mode 100644 index 69d640939..000000000 --- a/samples/spring-boot-3-web/pom.xml +++ /dev/null @@ -1,165 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - ~ Licensed to the Apache Software Foundation (ASF) under one - ~ or more contributor license agreements. See the NOTICE file - ~ distributed with this work for additional information - ~ regarding copyright ownership. The ASF licenses this file - ~ to you under the Apache License, Version 2.0 (the - ~ "License"); you may not use this file except in compliance - ~ with the License. You may obtain a copy of the License at - ~ - ~ http://www.apache.org/licenses/LICENSE-2.0 - ~ - ~ Unless required by applicable law or agreed to in writing, - ~ software distributed under the License is distributed on an - ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - ~ KIND, either express or implied. See the License for the - ~ specific language governing permissions and limitations - ~ under the License. - --> -<!--suppress osmorcNonOsgiMavenDependency --> -<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/maven-v4_0_0.xsd";> - - <modelVersion>4.0.0</modelVersion> - - <parent> - <groupId>org.apache.shiro.samples</groupId> - <artifactId>shiro-samples</artifactId> - <version>999-SNAPSHOT</version> - </parent> - - <artifactId>samples-spring-boot-3-web</artifactId> - <name>Apache Shiro :: Samples :: Spring Boot 3 Web</name> - <packaging>war</packaging> - - <properties> - <module.name>samples.spring.boot3.web</module.name> - <spring-boot3.version>4.0.1</spring-boot3.version> - <!-- below versions are not necessary in "real" applications --> - <spring.version>7.0.3</spring.version> - </properties> - - <dependencies> - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-core</artifactId> - </dependency> - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-web</artifactId> - </dependency> - - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-spring-boot-web-starter</artifactId> - </dependency> - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-spring-boot-starter</artifactId> - </dependency> - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-spring</artifactId> - </dependency> - <dependency> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j2-impl</artifactId> - <scope>runtime</scope> - </dependency> - <dependency> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-api</artifactId> - <scope>runtime</scope> - </dependency> - <dependency> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-core</artifactId> - <scope>runtime</scope> - </dependency> - - <!-- Spring Boot --> - <dependency> - <groupId>org.springframework.boot</groupId> - <artifactId>spring-boot-starter-thymeleaf</artifactId> - </dependency> - <dependency> - <groupId>org.springframework.boot</groupId> - <artifactId>spring-boot-configuration-processor</artifactId> - <optional>true</optional> - </dependency> - - <!-- below dependencies may not be necessary in "real" applications --> - <dependency> - <groupId>jakarta.servlet</groupId> - <artifactId>jakarta.servlet-api</artifactId> - <scope>provided</scope> - </dependency> - </dependencies> - - <dependencyManagement> - <dependencies> - <dependency> - <groupId>org.springframework.boot</groupId> - <artifactId>spring-boot-dependencies</artifactId> - <version>${spring-boot3.version}</version> - <type>pom</type> - <scope>import</scope> - <exclusions> - <exclusion> - <groupId>org.junit.jupiter</groupId> - <artifactId>*</artifactId> - </exclusion> - <exclusion> - <groupId>org.junit.platform</groupId> - <artifactId>*</artifactId> - </exclusion> - <exclusion> - <groupId>org.junit.vintage</groupId> - <artifactId>*</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-bom</artifactId> - <version>${project.version}</version> - <scope>import</scope> - <type>pom</type> - </dependency> - <dependency> - <groupId>org.apache.tomcat.embed</groupId> - <artifactId>tomcat-embed-core</artifactId> - <version>11.0.15</version> - </dependency> - <dependency> - <groupId>org.apache.tomcat.embed</groupId> - <artifactId>tomcat-embed-el</artifactId> - <version>11.0.15</version> - </dependency> - <dependency> - <groupId>org.apache.tomcat.embed</groupId> - <artifactId>tomcat-embed-websocket</artifactId> - <version>11.0.15</version> - </dependency> - </dependencies> - </dependencyManagement> - - <build> - <plugins> - <plugin> - <groupId>org.springframework.boot</groupId> - <artifactId>spring-boot-maven-plugin</artifactId> - <version>${spring-boot3.version}</version> - <executions> - <execution> - <goals> - <goal>repackage</goal> - </goals> - </execution> - </executions> - </plugin> - </plugins> - </build> - -</project> diff --git a/samples/spring-boot-3-web/src/main/java/org/apache/shiro/samples/AccountInfoController.java b/samples/spring-boot-3-web/src/main/java/org/apache/shiro/samples/AccountInfoController.java deleted file mode 100644 index 5c75380ec..000000000 --- a/samples/spring-boot-3-web/src/main/java/org/apache/shiro/samples/AccountInfoController.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.shiro.samples; - -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.authz.annotation.RequiresRoles; -import org.apache.shiro.subject.PrincipalCollection; -import org.apache.shiro.subject.Subject; -import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.web.bind.annotation.RequestMapping; - - -@Controller -public class AccountInfoController { - - @RequiresRoles("admin") - @RequestMapping("/account-info") - public String home(Model model) { - - String name = "World"; - - Subject subject = SecurityUtils.getSubject(); - - PrincipalCollection principalCollection = subject.getPrincipals(); - - if (principalCollection != null && !principalCollection.isEmpty()) { - name = principalCollection.getPrimaryPrincipal().toString(); - } - - model.addAttribute("name", name); - - return "account-info"; - } - -} diff --git a/samples/spring-boot-3-web/src/main/java/org/apache/shiro/samples/HelloController.java b/samples/spring-boot-3-web/src/main/java/org/apache/shiro/samples/HelloController.java deleted file mode 100644 index 2861c2406..000000000 --- a/samples/spring-boot-3-web/src/main/java/org/apache/shiro/samples/HelloController.java +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.shiro.samples; - -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.subject.PrincipalCollection; -import org.apache.shiro.subject.Subject; -import org.apache.shiro.util.CollectionUtils; -import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.web.bind.annotation.RequestMapping; - -import jakarta.servlet.http.HttpServletRequest; - -import java.util.Collection; -import java.util.Map; - -@Controller -public class HelloController { - - @SuppressWarnings("Duplicates") - @RequestMapping("/") - public String home(HttpServletRequest request, Model model) { - - String name = "World"; - - Subject subject = SecurityUtils.getSubject(); - - PrincipalCollection principalCollection = subject.getPrincipals(); - - if (principalCollection != null && !principalCollection.isEmpty()) { - Collection<Map> principalMaps = subject.getPrincipals().byType(Map.class); - if (CollectionUtils.isEmpty(principalMaps)) { - name = subject.getPrincipal().toString(); - } else { - name = (String) principalMaps.iterator().next().get("username"); - } - } - - model.addAttribute("name", name); - - return "hello"; - } - -} diff --git a/samples/spring-boot-3-web/src/main/java/org/apache/shiro/samples/LoginController.java b/samples/spring-boot-3-web/src/main/java/org/apache/shiro/samples/LoginController.java deleted file mode 100644 index f90fe337a..000000000 --- a/samples/spring-boot-3-web/src/main/java/org/apache/shiro/samples/LoginController.java +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.shiro.samples; - -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.RequestMapping; - - -@Controller -public class LoginController { - - @RequestMapping("/login.html") - public String loginTemplate() { - - return "login"; - } - -} diff --git a/samples/spring-boot-3-web/src/main/java/org/apache/shiro/samples/RestrictedErrorController.java b/samples/spring-boot-3-web/src/main/java/org/apache/shiro/samples/RestrictedErrorController.java deleted file mode 100644 index 35a46721f..000000000 --- a/samples/spring-boot-3-web/src/main/java/org/apache/shiro/samples/RestrictedErrorController.java +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.shiro.samples; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.web.servlet.error.ErrorAttributes; -import org.springframework.boot.web.servlet.error.ErrorController; -import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.context.request.ServletWebRequest; - -import jakarta.servlet.http.HttpServletRequest; - -import java.util.Map; -import static org.springframework.boot.web.error.ErrorAttributeOptions.Include.MESSAGE; -import static org.springframework.boot.web.error.ErrorAttributeOptions.Include.STATUS; -import static org.springframework.boot.web.error.ErrorAttributeOptions.of; - -/** - * - */ -@Controller -public class RestrictedErrorController implements ErrorController { - private static final String ERROR_PATH = "/error"; - - @Autowired - private ErrorAttributes errorAttributes; - - public String getErrorPath() { - return ERROR_PATH; - } - - @RequestMapping(ERROR_PATH) - String error(HttpServletRequest request, Model model) { - Map<String, Object> errorMap = errorAttributes.getErrorAttributes( - new ServletWebRequest(request), of(STATUS, MESSAGE)); - model.addAttribute("errors", errorMap); - return "error"; - } -} diff --git a/samples/spring-boot-3-web/src/main/java/org/apache/shiro/samples/WebApp.java b/samples/spring-boot-3-web/src/main/java/org/apache/shiro/samples/WebApp.java deleted file mode 100644 index c347ed875..000000000 --- a/samples/spring-boot-3-web/src/main/java/org/apache/shiro/samples/WebApp.java +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.shiro.samples; - -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.authz.AuthorizationException; -import org.apache.shiro.realm.Realm; -import org.apache.shiro.realm.text.TextConfigurationRealm; -import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition; -import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition; -import org.apache.shiro.subject.Subject; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.boot.SpringApplication; -import org.springframework.boot.autoconfigure.SpringBootApplication; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.http.HttpStatus; -import org.springframework.ui.Model; -import org.springframework.web.bind.annotation.ControllerAdvice; -import org.springframework.web.bind.annotation.ExceptionHandler; -import org.springframework.web.bind.annotation.ModelAttribute; -import org.springframework.web.bind.annotation.ResponseStatus; - -import java.util.HashMap; -import java.util.Map; - -/** - * NOPMD - */ -@Configuration -@ControllerAdvice -@SpringBootApplication -public class WebApp { - - private static Logger log = LoggerFactory.getLogger(WebApp.class); - - public static void main(String[] args) { - - SpringApplication.run(WebApp.class, args); - } - - @ExceptionHandler(AuthorizationException.class) - @ResponseStatus(HttpStatus.FORBIDDEN) - public String handleException(AuthorizationException e, Model model) { - - // you could return a 404 here instead (this is how github handles 403, so the user does NOT know there is a - // resource at that location) - log.debug("AuthorizationException was thrown", e); - - Map<String, Object> map = new HashMap<String, Object>(); - map.put("status", HttpStatus.FORBIDDEN.value()); - map.put("message", "No message available"); - model.addAttribute("errors", map); - - return "error"; - } - - @Bean - public Realm realm() { - TextConfigurationRealm realm = new TextConfigurationRealm(); - realm.setUserDefinitions("joe.coder=password,user\n" + "jill.coder=password,admin"); - - realm.setRoleDefinitions("admin=read,write\n" + "user=read"); - realm.setCachingEnabled(true); - return realm; - } - - @Bean - public ShiroFilterChainDefinition shiroFilterChainDefinition() { - DefaultShiroFilterChainDefinition chainDefinition = new DefaultShiroFilterChainDefinition(); - // need to accept POSTs from the login form - chainDefinition.addPathDefinition("/login.html", "authc"); - chainDefinition.addPathDefinition("/logout", "logout"); - return chainDefinition; - } - - @ModelAttribute(name = "subject") - public Subject subject() { - return SecurityUtils.getSubject(); - } -} diff --git a/samples/spring-boot-3-web/src/main/resources/META-INF/NOTICE b/samples/spring-boot-3-web/src/main/resources/META-INF/NOTICE deleted file mode 100644 index bdc909e8c..000000000 --- a/samples/spring-boot-3-web/src/main/resources/META-INF/NOTICE +++ /dev/null @@ -1,15 +0,0 @@ -Apache Shiro -Copyright 2008-2020 The Apache Software Foundation - -This product includes software developed at -The Apache Software Foundation (http://www.apache.org/). - -The implementation for org.apache.shiro.util.SoftHashMap is based -on initial ideas from Dr. Heinz Kabutz's publicly posted version -available at http://www.javaspecialists.eu/archive/Issue015.html, -with continued modifications. - -Certain parts (StringUtils, IpAddressMatcher, etc.) of the source -code for this product was copied for simplicity and to reduce -dependencies from the source code developed by the Spring Framework -Project (http://www.springframework.org). diff --git a/samples/spring-boot-3-web/src/main/resources/application.properties b/samples/spring-boot-3-web/src/main/resources/application.properties deleted file mode 100644 index d4a9810ea..000000000 --- a/samples/spring-boot-3-web/src/main/resources/application.properties +++ /dev/null @@ -1,26 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# - -shiro.loginUrl = /login.html - -# Let Shiro Manage the sessions -shiro.userNativeSessionManager = true - -# disable URL session rewriting -shiro.sessionManager.sessionIdUrlRewritingEnabled = false diff --git a/samples/spring-boot-3-web/src/main/resources/templates/account-info.html b/samples/spring-boot-3-web/src/main/resources/templates/account-info.html deleted file mode 100644 index 601dcbf55..000000000 --- a/samples/spring-boot-3-web/src/main/resources/templates/account-info.html +++ /dev/null @@ -1,39 +0,0 @@ -<!-- - ~ Licensed to the Apache Software Foundation (ASF) under one - ~ or more contributor license agreements. See the NOTICE file - ~ distributed with this work for additional information - ~ regarding copyright ownership. The ASF licenses this file - ~ to you under the Apache License, Version 2.0 (the - ~ "License"); you may not use this file except in compliance - ~ with the License. You may obtain a copy of the License at - ~ - ~ http://www.apache.org/licenses/LICENSE-2.0 - ~ - ~ Unless required by applicable law or agreed to in writing, - ~ software distributed under the License is distributed on an - ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - ~ KIND, either express or implied. See the License for the - ~ specific language governing permissions and limitations - ~ under the License. - --> -<!DOCTYPE HTML> -<html xmlns:th="http://www.thymeleaf.org";> -<head> - <title>Account Info</title> - <!--/*/ <th:block th:insert="~{fragments/head :: head}"/> /*/--> -</head> -<body> -<div class="container"> - <h1 th:text="'Account Info Page for: ' + ${name} + '!'"/> - - <a th:href="@{/}" class="btn btn-primary">Home</a> - - <form id="logoutForm" th:action="@{/logout}" method="post"> - <input type="submit" class="btn btn-danger" value="Logout"/> - </form> - -</div> -<script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script> -<script src="https://netdna.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js";></script> -</body> -</html> diff --git a/samples/spring-boot-3-web/src/main/resources/templates/error.html b/samples/spring-boot-3-web/src/main/resources/templates/error.html deleted file mode 100644 index 719c081d8..000000000 --- a/samples/spring-boot-3-web/src/main/resources/templates/error.html +++ /dev/null @@ -1,39 +0,0 @@ -<!-- - ~ Licensed to the Apache Software Foundation (ASF) under one - ~ or more contributor license agreements. See the NOTICE file - ~ distributed with this work for additional information - ~ regarding copyright ownership. The ASF licenses this file - ~ to you under the Apache License, Version 2.0 (the - ~ "License"); you may not use this file except in compliance - ~ with the License. You may obtain a copy of the License at - ~ - ~ http://www.apache.org/licenses/LICENSE-2.0 - ~ - ~ Unless required by applicable law or agreed to in writing, - ~ software distributed under the License is distributed on an - ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - ~ KIND, either express or implied. See the License for the - ~ specific language governing permissions and limitations - ~ under the License. - --> -<html xmlns:th="http://www.thymeleaf.org";> -<head> - <!--/*/ <th:block th:insert="~{fragments/head :: head}"/> /*/--> -</head> -<body> -<div class="container-fluid"> - <div class="row"> - <div class="box col-md-6 col-md-offset-3"> - <div class="custom-header"> - <img src="https://shiro.apache.org/images/apache-shiro-logo.png"/> - </div> - <div class="logo"> - <h1 th:text="${errors.status}"></h1> - </div> - <p class="lead text-muted" th:text="${errors.message}">Unauthorized</p> - <a href="/" class="btn btn-primary">Go Home</a> - </div> - </div> -</div> -</body> -</html> diff --git a/samples/spring-boot-3-web/src/main/resources/templates/fragments/head.html b/samples/spring-boot-3-web/src/main/resources/templates/fragments/head.html deleted file mode 100644 index fc90b38b6..000000000 --- a/samples/spring-boot-3-web/src/main/resources/templates/fragments/head.html +++ /dev/null @@ -1,58 +0,0 @@ -<!-- - ~ Licensed to the Apache Software Foundation (ASF) under one - ~ or more contributor license agreements. See the NOTICE file - ~ distributed with this work for additional information - ~ regarding copyright ownership. The ASF licenses this file - ~ to you under the Apache License, Version 2.0 (the - ~ "License"); you may not use this file except in compliance - ~ with the License. You may obtain a copy of the License at - ~ - ~ http://www.apache.org/licenses/LICENSE-2.0 - ~ - ~ Unless required by applicable law or agreed to in writing, - ~ software distributed under the License is distributed on an - ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - ~ KIND, either express or implied. See the License for the - ~ specific language governing permissions and limitations - ~ under the License. - --> -<!DOCTYPE html> -<html xmlns:th="http://www.thymeleaf.org";> -<head th:fragment="head"> - <meta charset="utf-8"/> - <meta http-equiv="X-UA-Compatible" content="IE=edge"/> - <meta name="viewport" content="width=device-width, initial-scale=1"/> - <meta name="viewport" content="width=device-width"/> - <link href="https://fonts.googleapis.com/css?family=Open+Sans:300italic,300,400italic,400,600italic,600,700italic,700,800italic,800"; - rel="stylesheet" type="text/css"/> - <link href="https://netdna.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"; rel="stylesheet" - type="text/css"/> - - <style> - body { - margin-top: 60px; - } - - .box { - padding: 50px; - text-align: center; - vertical-align: middle; - } - - .custom-header { - /*background-color: #161616;*/ - border: 2px solid #3254a0; - } - </style> - - <!--[if lt IE 9]> - <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.2/html5shiv.js";></script> - <script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js";></script> - <![endif]--> - <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js";></script> - <script src="https://netdna.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js";></script> -</head> -<body> -<p>Nothing to see here, move along.</p> -</body> -</html> diff --git a/samples/spring-boot-3-web/src/main/resources/templates/hello.html b/samples/spring-boot-3-web/src/main/resources/templates/hello.html deleted file mode 100644 index 0d6c46528..000000000 --- a/samples/spring-boot-3-web/src/main/resources/templates/hello.html +++ /dev/null @@ -1,45 +0,0 @@ -<!-- - ~ Licensed to the Apache Software Foundation (ASF) under one - ~ or more contributor license agreements. See the NOTICE file - ~ distributed with this work for additional information - ~ regarding copyright ownership. The ASF licenses this file - ~ to you under the Apache License, Version 2.0 (the - ~ "License"); you may not use this file except in compliance - ~ with the License. You may obtain a copy of the License at - ~ - ~ http://www.apache.org/licenses/LICENSE-2.0 - ~ - ~ Unless required by applicable law or agreed to in writing, - ~ software distributed under the License is distributed on an - ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - ~ KIND, either express or implied. See the License for the - ~ specific language governing permissions and limitations - ~ under the License. - --> -<!DOCTYPE HTML> -<html xmlns:th="http://www.thymeleaf.org";> -<head> - <title>Getting Started: Serving Web Content</title> - <!--/*/ <th:block th:insert="~{fragments/head :: head}"/> /*/--> -</head> -<body> -<div class="container"> - <h1 th:text="'Hello, ' + ${name} + '!'"/> - - <div th:unless="${subject.authenticated}"> - <a th:href="@{/login.html}" class="btn btn-primary">Login</a> - </div> - <div th:if="${subject.authenticated}"> - <h4 th:text="'Principal: ' + ${subject.principal}"></h4> - <form id="logoutForm" th:action="@{/logout}" method="post"> - <input type="submit" class="btn btn-danger" value="Logout"/> - </form> - </div> - - <h4><a th:href="@{/account-info}" class="btn btn-primary">Account info</a> (Requires 'admin' role.)</h4> - -</div> -<script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script> -<script src="https://netdna.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js";></script> -</body> -</html> diff --git a/samples/spring-boot-3-web/src/main/resources/templates/login.html b/samples/spring-boot-3-web/src/main/resources/templates/login.html deleted file mode 100644 index fde30c743..000000000 --- a/samples/spring-boot-3-web/src/main/resources/templates/login.html +++ /dev/null @@ -1,93 +0,0 @@ -<!-- - ~ Licensed to the Apache Software Foundation (ASF) under one - ~ or more contributor license agreements. See the NOTICE file - ~ distributed with this work for additional information - ~ regarding copyright ownership. The ASF licenses this file - ~ to you under the Apache License, Version 2.0 (the - ~ "License"); you may not use this file except in compliance - ~ with the License. You may obtain a copy of the License at - ~ - ~ http://www.apache.org/licenses/LICENSE-2.0 - ~ - ~ Unless required by applicable law or agreed to in writing, - ~ software distributed under the License is distributed on an - ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - ~ KIND, either express or implied. See the License for the - ~ specific language governing permissions and limitations - ~ under the License. - --> -<!DOCTYPE HTML> -<html> -<head> - <title>Getting Started: Serving Web Content</title> - <!--/*/ <th:block th:insert="~{fragments/head :: head}"/> /*/--> -</head> -<body> -<div class="container"> - - - <div class="row"> - <div class="col-md-4 col-md-offset-4"> - <p>Here are a few sample accounts to play with from the text-based Realm</p> - <table class="table"> - <thead> - <tr> - <th>Username</th> - <th>Password</th> - <th>Roles</th> - </tr> - </thead> - <tbody> - <tr> - <td>joe.coder</td> - <td>password</td> - <td>user</td> - </tr> - <tr> - <td>jill.coder</td> - <td>password</td> - <td>admin</td> - </tr> - </tbody> - </table> - </div> - </div> - - <div class="row"> - <div class="col-md-4 col-md-offset-4"> - <div class="panel panel-default"> - <div class="panel-heading"> - <h3 class="panel-title">Login</h3> - </div> - <div class="panel-body"> - <form name="loginform" action="" method="POST" accept-charset="UTF-8" role="form"> - <fieldset> - <div class="form-group"> - <input class="form-control" placeholder="Username or Email" name="username" - type="text"/> - </div> - <div class="form-group"> - <input class="form-control" placeholder="Password" name="password" type="password" - value=""/> - </div> - - <input class="btn btn-lg btn-success btn-block" type="submit" value="Login"/> - </fieldset> - </form> - </div> - </div> - </div> - </div> -</div> - -<!-- jQuery (necessary for Bootstrap's JavaScript plugins) --> -<script src="https://code.jquery.com/jquery.js";></script> -<script src="//netdna.bootstrapcdn.com/bootstrap/3.0.2/js/bootstrap.min.js"></script> -<!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries --> -<!-- WARNING: Respond.js doesn't work if you view the page via file:// --> -<!--[if lt IE 9]> -<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js";></script> -<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js";></script> -<![endif]--> -</body> -</html> diff --git a/samples/spring-boot-web/README.md b/samples/spring-boot-web/README.md index 621435cc9..1a7e9ec6f 100644 --- a/samples/spring-boot-web/README.md +++ b/samples/spring-boot-web/README.md @@ -1,7 +1,8 @@ -Apache Shiro + Spring Web Example +Apache Shiro + Spring Boot Web Example ================================= -A Spring Boot example web application that show the usage of a user login, checking permissions, and annotation protected methods. +A Spring Boot example web application that show the usage of a user login, checking permissions, and annotation +protected methods. Run the Example --------------- diff --git a/samples/spring-boot-web/pom.xml b/samples/spring-boot-web/pom.xml index 61087c6fc..746b25bd9 100644 --- a/samples/spring-boot-web/pom.xml +++ b/samples/spring-boot-web/pom.xml @@ -31,85 +31,90 @@ <artifactId>samples-spring-boot-web</artifactId> <name>Apache Shiro :: Samples :: Spring Boot Web</name> + <packaging>war</packaging> + <properties> <module.name>samples.spring.boot.web</module.name> </properties> <dependencies> + <dependency> + <groupId>org.apache.shiro</groupId> + <artifactId>shiro-core</artifactId> + </dependency> + <dependency> + <groupId>org.apache.shiro</groupId> + <artifactId>shiro-web</artifactId> + </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring-boot-web-starter</artifactId> <version>${project.version}</version> </dependency> - <dependency> - <groupId>org.springframework.boot</groupId> - <artifactId>spring-boot-starter-thymeleaf</artifactId> + <groupId>org.apache.shiro</groupId> + <artifactId>shiro-spring-boot-starter</artifactId> + <version>${project.version}</version> </dependency> - <dependency> - <groupId>jakarta.servlet</groupId> - <artifactId>jakarta.servlet-api</artifactId> - <scope>provided</scope> + <groupId>org.apache.shiro</groupId> + <artifactId>shiro-spring</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-slf4j2-impl</artifactId> + <scope>runtime</scope> + </dependency> + <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-api</artifactId> + <scope>runtime</scope> + </dependency> + <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-core</artifactId> + <scope>runtime</scope> </dependency> - <!-- Spring --> + <!-- Spring Boot --> <dependency> <groupId>org.springframework.boot</groupId> - <artifactId>spring-boot-autoconfigure</artifactId> + <artifactId>spring-boot-starter-thymeleaf</artifactId> + <version>${spring-boot.version}</version> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-configuration-processor</artifactId> + <version>${spring-boot.version}</version> <optional>true</optional> </dependency> + <!-- below dependencies may not be necessary in "real" applications --> <dependency> - <groupId>commons-logging</groupId> - <artifactId>commons-logging</artifactId> - <version>${commons.logging.version}</version> + <groupId>jakarta.servlet</groupId> + <artifactId>jakarta.servlet-api</artifactId> + <scope>provided</scope> </dependency> </dependencies> <dependencyManagement> <dependencies> - <dependency> - <groupId>org.springframework.boot</groupId> - <artifactId>spring-boot-dependencies</artifactId> - <version>${spring-boot.version}</version> - <type>pom</type> - <scope>import</scope> - <exclusions> - <exclusion> - <groupId>org.junit.jupiter</groupId> - <artifactId>*</artifactId> - </exclusion> - <exclusion> - <groupId>org.junit.platform</groupId> - <artifactId>*</artifactId> - </exclusion> - <exclusion> - <groupId>org.junit.vintage</groupId> - <artifactId>*</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> <groupId>org.apache.tomcat.embed</groupId> <artifactId>tomcat-embed-core</artifactId> - <version>11.0.15</version> + <version>${tomcat.version}</version> </dependency> <dependency> <groupId>org.apache.tomcat.embed</groupId> <artifactId>tomcat-embed-el</artifactId> - <version>11.0.15</version> + <version>${tomcat.version}</version> </dependency> <dependency> <groupId>org.apache.tomcat.embed</groupId> <artifactId>tomcat-embed-websocket</artifactId> - <version>11.0.15</version> + <version>${tomcat.version}</version> </dependency> </dependencies> </dependencyManagement> diff --git a/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/HelloController.java b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/HelloController.java index 213a79ead..be0ac8e4f 100644 --- a/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/HelloController.java +++ b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/HelloController.java @@ -27,13 +27,12 @@ import org.springframework.ui.Model; import org.springframework.web.bind.annotation.RequestMapping; import jakarta.servlet.http.HttpServletRequest; + import java.util.Collection; import java.util.Map; @Controller public class HelloController { - - @SuppressWarnings("Duplicates") @RequestMapping("/") public String home(HttpServletRequest request, Model model) { @@ -44,6 +43,7 @@ public class HelloController { PrincipalCollection principalCollection = subject.getPrincipals(); if (principalCollection != null && !principalCollection.isEmpty()) { + @SuppressWarnings("rawtypes") Collection<Map> principalMaps = subject.getPrincipals().byType(Map.class); if (CollectionUtils.isEmpty(principalMaps)) { name = subject.getPrincipal().toString(); diff --git a/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/RestrictedErrorController.java b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/RestrictedErrorController.java index 198a7ef28..a3d13d099 100644 --- a/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/RestrictedErrorController.java +++ b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/RestrictedErrorController.java @@ -19,16 +19,19 @@ package org.apache.shiro.samples; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.web.error.ErrorAttributeOptions; -import org.springframework.boot.web.servlet.error.ErrorAttributes; -import org.springframework.boot.web.servlet.error.ErrorController; +import org.springframework.boot.webmvc.error.ErrorAttributes; +import org.springframework.boot.webmvc.error.ErrorController; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.context.request.ServletWebRequest; import jakarta.servlet.http.HttpServletRequest; + import java.util.Map; +import static org.springframework.boot.web.error.ErrorAttributeOptions.Include.MESSAGE; +import static org.springframework.boot.web.error.ErrorAttributeOptions.Include.STATUS; +import static org.springframework.boot.web.error.ErrorAttributeOptions.of; /** * @@ -47,8 +50,7 @@ public class RestrictedErrorController implements ErrorController { @RequestMapping(ERROR_PATH) String error(HttpServletRequest request, Model model) { Map<String, Object> errorMap = errorAttributes.getErrorAttributes( - new ServletWebRequest(request), - ErrorAttributeOptions.of(ErrorAttributeOptions.Include.MESSAGE)); + new ServletWebRequest(request), of(STATUS, MESSAGE)); model.addAttribute("errors", errorMap); return "error"; } diff --git a/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/WebApp.java b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/WebApp.java index 8e1769461..c347ed875 100644 --- a/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/WebApp.java +++ b/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/WebApp.java @@ -41,6 +41,9 @@ import org.springframework.web.bind.annotation.ResponseStatus; import java.util.HashMap; import java.util.Map; +/** + * NOPMD + */ @Configuration @ControllerAdvice @SpringBootApplication diff --git a/samples/spring-boot-3-web/src/main/resources/log4j2.properties b/samples/spring-boot-web/src/main/resources/log4j2.properties similarity index 100% rename from samples/spring-boot-3-web/src/main/resources/log4j2.properties rename to samples/spring-boot-web/src/main/resources/log4j2.properties diff --git a/samples/spring-boot-web/src/main/resources/templates/account-info.html b/samples/spring-boot-web/src/main/resources/templates/account-info.html index a1cb61a99..601dcbf55 100644 --- a/samples/spring-boot-web/src/main/resources/templates/account-info.html +++ b/samples/spring-boot-web/src/main/resources/templates/account-info.html @@ -20,7 +20,7 @@ <html xmlns:th="http://www.thymeleaf.org";> <head> <title>Account Info</title> - <!--/*/ <th:block th:include="fragments/head :: head"/> /*/--> + <!--/*/ <th:block th:insert="~{fragments/head :: head}"/> /*/--> </head> <body> <div class="container"> diff --git a/samples/spring-boot-web/src/main/resources/templates/error.html b/samples/spring-boot-web/src/main/resources/templates/error.html index a52e7ac32..719c081d8 100644 --- a/samples/spring-boot-web/src/main/resources/templates/error.html +++ b/samples/spring-boot-web/src/main/resources/templates/error.html @@ -18,14 +18,14 @@ --> <html xmlns:th="http://www.thymeleaf.org";> <head> - <!--/*/ <th:block th:include="fragments/head :: head"/> /*/--> + <!--/*/ <th:block th:insert="~{fragments/head :: head}"/> /*/--> </head> <body> <div class="container-fluid"> <div class="row"> <div class="box col-md-6 col-md-offset-3"> <div class="custom-header"> - <img src="https://shiro.apache.org/assets/images/apache-shiro-logo.png"/> + <img src="https://shiro.apache.org/images/apache-shiro-logo.png"/> </div> <div class="logo"> <h1 th:text="${errors.status}"></h1> diff --git a/samples/spring-boot-web/src/main/resources/templates/hello.html b/samples/spring-boot-web/src/main/resources/templates/hello.html index 51fd21284..0d6c46528 100644 --- a/samples/spring-boot-web/src/main/resources/templates/hello.html +++ b/samples/spring-boot-web/src/main/resources/templates/hello.html @@ -20,7 +20,7 @@ <html xmlns:th="http://www.thymeleaf.org";> <head> <title>Getting Started: Serving Web Content</title> - <!--/*/ <th:block th:include="fragments/head :: head"/> /*/--> + <!--/*/ <th:block th:insert="~{fragments/head :: head}"/> /*/--> </head> <body> <div class="container"> diff --git a/samples/spring-boot-web/src/main/resources/templates/login.html b/samples/spring-boot-web/src/main/resources/templates/login.html index 44da6606d..fde30c743 100644 --- a/samples/spring-boot-web/src/main/resources/templates/login.html +++ b/samples/spring-boot-web/src/main/resources/templates/login.html @@ -20,7 +20,7 @@ <html> <head> <title>Getting Started: Serving Web Content</title> - <!--/*/ <th:block th:include="fragments/head :: head"/> /*/--> + <!--/*/ <th:block th:insert="~{fragments/head :: head}"/> /*/--> </head> <body> <div class="container"> diff --git a/samples/web/pom.xml b/samples/web/pom.xml index 4f39a8357..4abb10edd 100644 --- a/samples/web/pom.xml +++ b/samples/web/pom.xml @@ -33,7 +33,6 @@ <properties> <meecrowave.version>2.0.0</meecrowave.version> - <tomcat.version>11.0.18</tomcat.version> <jacoco.skip>true</jacoco.skip> </properties> diff --git a/support/pom.xml b/support/pom.xml index a2ede9365..6295045fc 100644 --- a/support/pom.xml +++ b/support/pom.xml @@ -44,14 +44,7 @@ <module>jakarta-ee</module> <module>spring</module> <module>spring-boot</module> +<!-- Disabled for 3.x until we can verify fix it --> +<!-- <module>features</module>--> </modules> - - <profiles> - <profile> - <id>deferred-for-3x</id> - <modules> - <module>features</module> - </modules> - </profile> - </profiles> </project>
![https://shiro.apache.org/images/apache-shiro-logo.png"/](https://shiro.apache.org/images/apache-shiro-logo.png"/){kind=link}
![https://shiro.apache.org/assets/images/apache-shiro-logo.png"/](https://shiro.apache.org/assets/images/apache-shiro-logo.png"/){kind=link}