/java/

Spring Boot. Production profile with Security and Development Profile without Security.

2015-12-13 15:48:50

Everything is here in pom.xml

<?xml version=&quot;1.0&quot; encoding=&quot;UTF-8&quot;?>

<project http:="" maven-4.0.0.xsd&quot;="" maven.apache.org="" xmlns='"http://maven.apache.org/POM/4.0.0"' xmlns:xsi='"http://www.w3.org/2001/XMLSchema-instance"' xsd="" xsi:schemalocation='"http://maven.apache.org/POM/4.0.0'>
<modelversion>4.0.0</modelversion>
<groupid>pl.btbw</groupid>
<artifactid>sklepExampleAdmin</artifactid>
<version>1.0</version>
<properties>
<java.version>1.8</java.version>
</properties>
<parent>
<groupid>org.springframework.boot</groupid>
<artifactid>spring-boot-starter-parent</artifactid>
<version>1.2.7.RELEASE</version>
</parent>
<dependencies>
<dependency>
<groupid>org.springframework.boot</groupid>
<artifactid>spring-boot-starter-web</artifactid>
</dependency>
<dependency>
<groupid>org.springframework.boot</groupid>
<artifactid>spring-boot-starter-thymeleaf</artifactid>
</dependency>
<dependency>
<groupid>org.springframework.boot</groupid>
<artifactid>spring-boot-starter-security</artifactid>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupid>org.springframework.boot</groupid>
<artifactid>spring-boot-maven-plugin</artifactid>
</plugin>
</plugins>
</build>
</project>

as you see we add dependency for: - spring-boot-starter-web - spring-boot-starter-thymeleaf - spring-boot-starter-security

that is everything what we need to create simple page application with login page and dashbord

profiles configuration

as we want to work with two profiles production and development, we have to create two files:

/src/main/resources/application.properties

spring.profiles.active=prod

security.user.name=USER_NAEM
security.user.password=USER_PASSWORD
security.user.role=ADMIN

src/main/resources/application-development.properties

# empty file

as you see if you run your application with development profile, you will not have to worry about login, it will speed up development

Next step is java configuration. In one file!

src/main/java/btbw/config/Profiles.java

package btbw.config;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

public class Profiles {
    public static final String DEVELOPMENT = "dev";
    public static final String PRODUCTION = "prod";
}

// -Dspring.profiles.active=prod
@Configuration
@Profile(Profiles.PRODUCTION)
class ConfigProduction extends WebSecurityConfigurerAdapter {

    private static final Logger LOGGER = LoggerFactory.getLogger(Profiles.class);

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        LOGGER.info("Run PRODUCTION Security Configuration");
        // @formatter:off
        http
            .authorizeRequests()
            .antMatchers(
                    "/lib/bootstrap/**",
                    "/lib/admin-lte-2.3.0/**",
                    "/css/**",
                    "/img/**",
                    "/js/**").permitAll()
            .anyRequest()
            .authenticated()
            .and()
        .formLogin()
            .loginPage("/login")
            .permitAll()
            .and()
        .logout()
            .permitAll();
        // @formatter:on
    }
}

// -Dspring.profiles.active=dev
@Configuration
@Profile(Profiles.DEVELOPMENT)
class ConfigDevelopment extends WebSecurityConfigurerAdapter {

    private static final Logger LOGGER = LoggerFactory.getLogger(Profiles.class);

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        LOGGER.info("Run DEVELOPMENT Security Configuration");
    }
}

Time for controllers !

src/main/java/btbw/ctrl/MainController.java

package btbw.ctrl;

import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
public class MainController {

    @RequestMapping(value = {"/login", "login.html"})
    public String login(Model model) {
        return "login";
    }

    @RequestMapping(value = {"/", "/dashboard", "dashboard.html"})
    public String dashboard(Model model) {
        return "dashboard";
    }

    @RequestMapping(value = {"/other", "other.html"})
    public String other(Model model) {
        return "other";
    }
}

and html

src/main/resources/templates/login.html

<!DOCTYPE html>

<html xmlns='"http://www.w3.org/1999/xhtml"' xmlns:sec='"http://www.thymeleaf.org/thymeleaf-extras-springsecurity3"' xmlns:th='"http://www.thymeleaf.org"'>
<head>
<title>Login Page</title>
</head>
<body>
<div th:if='"${param.error}"'>
    Invalid username and password.
</div>
<div th:if='"${param.logout}"'>
    You have been logged out.
</div>
<form method='"post"' th:action='"@{/login}"'>
<div><label> User Name : <input name='"username"/' type='"text"'/> </label></div>
<div><label> Password: <input name='"password"/' type='"password"'/> </label></div>
<div><input in&quot;="" type='"submit"' value='"Sign'/></div>
</form>
</body>
</html>

src/main/resources/templates/dashboard.html

<!DOCTYPE html>

<html xmlns='"http://www.w3.org/1999/xhtml"' xmlns:sec='"http://www.thymeleaf.org/thymeleaf-extras-springsecurity3"' xmlns:th='"http://www.thymeleaf.org"'>
<head>
<title>Dashboard</title>
</head>
<body>
<h1 th:inline='"text"'>Hello [[${#httpServletRequest.remoteUser}]]!</h1>
<form method='"post"' th:action='"@{/logout}"'>
<input out&quot;="" type='"submit"' value='"Sign'>
</input></form>
</body>
</html>

src/main/resources/templates/other.html

<!DOCTYPE html>

<html xmlns='"http://www.w3.org/1999/xhtml"' xmlns:sec='"http://www.thymeleaf.org/thymeleaf-extras-springsecurity3"' xmlns:th='"http://www.thymeleaf.org"'>
<head>
<title>Other Page!</title>
</head>
<body>
<h1>Other Page!</h1>
</body>
</html>

And finally. One Ring to bring them all and in the darkness bind them

src/main/java/btbw/Application.java

package btbw;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;

@ComponentScan
@EnableAutoConfiguration
@EnableWebMvcSecurity
public class Application {

    public static void main(String[] args) throws Exception {
        SpringApplication.run(Application.class, args);
    }
}

that is everything what you need.

to run your application execute this commant in target directory

java -jar sklepExampleAdmin-1.0.jar
or
java -Dspring.profiles.active=prod -jar sklepExampleAdmin-1.0.jar

or if you want to switch to development profile, use this

java -Dspring.profiles.active=dev -jar sklepExampleAdmin-1.0.jar