Multiple changes for spring-security guide
Fixes #37530
fedinskiy committed Dec 6, 2023
1 parent 2aeab7f commit a79783f
Showing 1 changed file with 37 additions and 17 deletions.
54 changes: 37 additions & 17 deletions docs/src/main/asciidoc/spring-security.adoc
Expand Up @@ -33,7 +33,9 @@ The solution is located in the `spring-security-quickstart` link:{quickstarts-tr
First, we need a new project. Create a new project with the following command:

:create-app-artifact-id: spring-security-quickstart
:create-app-group-id: org.acme.spring.security
:create-app-extensions: spring-web,spring-security,quarkus-elytron-security-properties-file,resteasy-reactive-jackson
:create-app-code:
include::{includes}/devtools/create-app.adoc[]

This command generates a project which imports the `spring-web`, `spring-security` and `security-properties-file` extensions.

Check warning on line 41 in docs/src/main/asciidoc/spring-security.adoc (GitHub Actions / Linting with Vale)
[vale] reported by reviewdog 🐶 [Quarkus.TermsSuggestions] Depending on the context, consider using ', which (non restrictive clause preceded by a comma)' or 'that (restrictive clause without a comma)' rather than 'which'. (line 41, column 33, severity INFO)
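
Review bot: The sentence on line 41 lists three extensions (`spring-web`, `spring-security` and `security-properties-file`), but `:create-app-extensions:` above it requests four, including `resteasy-reactive-jackson`, and names the third one `quarkus-elytron-security-properties-file`. Align the sentence with the attribute so readers can match the text against what the command installs, and change 'which' to 'that' in the same sentence to clear the Vale finding.
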
Expand Down Expand Up @@ -81,7 +83,7 @@ For more information about `security-properties-file`, you can check out the gui
== GreetingController

Check warning on line 83 in docs/src/main/asciidoc/spring-security.adoc (GitHub Actions / Linting with Vale)
[vale] reported by reviewdog 🐶 [Quarkus.Headings] Use sentence-style capitalization in 'GreetingController'. (line 83, column 4, severity INFO)

The Quarkus Maven plugin automatically generated a controller with the Spring Web annotations to define our REST endpoint (instead of the Jakarta REST ones used by default).
First create a `src/main/java/org/acme/spring/web/GreetingController.java`, a controller with the Spring Web annotations to define our REST endpoint, as follows:
First create a `src/main/java/org/acme/spring/security/GreetingController.java`, a controller with the Spring Web annotations to define our REST endpoint, as follows:

Check warning on line 86 in docs/src/main/asciidoc/spring-security.adoc (GitHub Actions / Linting with Vale)
[vale] reported by reviewdog 🐶 [Quarkus.TermsSuggestions] Depending on the context, consider using 'because' or 'while' rather than 'as'. (line 86, column 145, severity INFO)

[source,java]
----
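
Review bot: Lines 85 and 86 now contradict each other: line 85 says the Quarkus Maven plugin automatically generated the controller, and line 86 tells the reader to create `src/main/java/org/acme/spring/security/GreetingController.java`. Drop or reword the line 85 sentence so the guide gives a single instruction. The 'as follows:' ending on line 86 is what triggers the Vale 'as' finding and could read 'with the following content:'.
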
Expand All @@ -97,7 +99,7 @@ public class GreetingController {
@GetMapping
public String hello() {
return "hello";
return "Hello Spring";
}
}
----
Expand All @@ -117,15 +119,14 @@ import static io.restassured.RestAssured.given;
import static org.hamcrest.CoreMatchers.is;
@QuarkusTest
public class GreetingControllerTest {
class GreetingControllerTest {
@Test
public void testHelloEndpoint() {
void testHelloEndpoint() {
given()
.when().get("/greeting")
.then()
.statusCode(200)
.body(is("hello"));
.body(is("Hello Spring"));
}
}
Expand All @@ -141,6 +142,7 @@ Open your browser to http://localhost:8080/greeting.

The result should be: `{"message": "hello"}`.

[#secure]
== Modify the controller to secure the `hello` method

Check warning on line 146 in docs/src/main/asciidoc/spring-security.adoc (GitHub Actions / Linting with Vale)
[vale] reported by reviewdog 🐶 [Quarkus.Fluff] Depending on the context, consider using 'Be concise: use 'to' rather than' rather than 'In order to'. (line 146, column 45, severity INFO)

Check warning on line 146 in docs/src/main/asciidoc/spring-security.adoc (GitHub Actions / Linting with Vale)
[vale] reported by reviewdog 🐶 [Quarkus.TermsWarnings] Consider using 'to' rather than 'In order to' unless updating existing content that uses the term. (line 146, column 45, severity WARNING)

In order to restrict access to the `hello` method to users with certain roles, the `@Secured` annotation will be utilized.
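
Review bot: The context line 'The result should be: `{"message": "hello"}`' is stale after this commit: the controller now returns the plain string "Hello Spring" and the test asserts `is("Hello Spring")`, so the expected browser output should be updated in the same change. The sentence under the heading could start with 'To restrict access ...' to clear both Vale findings on line 146.
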
Expand Down Expand Up @@ -220,6 +222,16 @@ public class GreetingControllerTest {

== Test the changes

=== Automatically

Press `r`, while in DevMode, or run the application with:

include::{includes}/devtools/test.adoc[]

All tests should succeed.

=== Manually

Access allowed::

Open your browser again to http://localhost:8080/greeting and introduce `scott` and `jb0ss` in the dialog displayed.
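
Review bot: Under '=== Automatically', the lead-in says 'run the application with:' but the include that follows is `devtools/test.adoc`, so the text should say 'run the tests with:'. 'DevMode' would also read better as 'dev mode'.
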
Expand All @@ -239,15 +251,14 @@ You don't have authorization to view this page.
HTTP ERROR 403
----

== Run the application as a native executable

You can generate the native executable with:

include::{includes}/devtools/build-native.adoc[]
[TIP]
====
Some browsers save credentials for basic authentication. If the dialog is not displayed, try to clear saved logins or use the Private mode

Check warning on line 256 in docs/src/main/asciidoc/spring-security.adoc (GitHub Actions / Linting with Vale)
[vale] reported by reviewdog 🐶 [Quarkus.CaseSensitiveTerms] Use 'Basic HTTP authentication (first instance)' or 'Basic authentication' rather than 'basic authentication'. (line 256, column 36, severity INFO)
====

== Supported Spring Security functionalities
== Supported Spring Security annotations

Check warning on line 259 in docs/src/main/asciidoc/spring-security.adoc (GitHub Actions / Linting with Vale)
[vale] reported by reviewdog 🐶 [Quarkus.Headings] Use sentence-style capitalization in 'Supported Spring Security annotations'. (line 259, column 4, severity INFO)

Quarkus currently only supports a subset of the functionalities that Spring Security provides with more features being planned. More specifically, Quarkus supports the security related features of role-based authorization semantics
Quarkus currently only supports a subset of the functionality that Spring Security provides with more features being planned. More specifically, Quarkus supports the security related features of role-based authorization semantics
(think of `@Secured` instead of `@RolesAllowed`).

=== Annotations
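
Review bot: The '== Run the application as a native executable' section and its `build-native.adoc` include disappear in this hunk, and neither the commit title nor 'Fixes #37530' says why; please confirm the removal is intended or restore the section after the TIP. In the TIP, the second sentence lacks a final period and Vale asks for 'Basic authentication'. The paragraph under the renamed heading still describes supported 'functionality' and 'features' rather than annotations, so heading and text should agree.
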
Expand All @@ -256,13 +267,15 @@ The table below summarizes the supported annotations:

.Supported Spring Security annotations
|===
|Name|Comments
|Name|Comments|Spring documentation

|@Secured
|
| See <<secure, above>>
| link:https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#use-secured[Authorizing Method Invocation with @Secured]

|@PreAuthorize
|See next section for more details
|link:https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#use-preauthorize[Authorizing Method Invocation with @PreAuthorize]

|===
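
Review bot: The new 'Spring documentation' column links to the full Spring reference for `@Secured` and `@PreAuthorize`, while this guide states that Quarkus supports only a subset of what Spring Security provides. Say so in the Comments cell of each row, or next to the link, so readers do not assume every expression described there is enforced. `<<secure, above>>` would also read better with the section title as link text than with 'above'.
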

Expand Down Expand Up @@ -320,6 +333,7 @@ public class Person {
this.name = name;
}
// this syntax requires getters for field access
public String getName() {
return name;
}
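
Review bot: The added comment '// this syntax requires getters for field access' has no referent inside `Person`, so a reader of the class alone cannot tell which syntax is meant. Name the expression form that reads the field, or move the remark to the prose next to the annotation example.
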
Expand Down Expand Up @@ -373,7 +387,6 @@ An example of the `PersonChecker` could be:
@Component
public class PersonChecker {
@Override
public boolean check(Person person, String username) {
return person.getName().equals(username);
}
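
Review bot: `check` dereferences `person.getName()` without a null check, so a `Person` without a name makes the authorization check throw instead of returning false. Since this hunk already touches the method, consider `return username != null && username.equals(person.getName());` together with a guard for a null `person`. Removing `@Override` is correct, given that the class shown implements no interface.
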
Expand Down Expand Up @@ -407,8 +420,11 @@ Some examples of allowed expressions are:
}
----
[IMPORTANT]
====
Currently, expressions do not support parentheses for logical operators and are evaluated from left to right
====

Also to be noted that currently parentheses are not supported and expressions are evaluated from left to right when needed.

== Important Technical Note

Check warning on line 429 in docs/src/main/asciidoc/spring-security.adoc (GitHub Actions / Linting with Vale)
[vale] reported by reviewdog 🐶 [Quarkus.Fluff] Depending on the context, consider using 'Be concise: rewrite the sentence to not use' rather than 'note that'. (line 429, column 26, severity INFO)
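
Review bot: The new IMPORTANT block states the rule without an example, and this rule changes authorization outcomes: read left to right, `A OR B AND C` is treated as `(A OR B) AND C`, whereas Spring's expression language binds `and` more tightly than `or`. Add one mixed expression with its effective grouping so users migrating from Spring can see the difference, and end the sentence with a period.
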

Expand All @@ -428,6 +444,10 @@ The following table shows how Spring Security annotations can be converted to Ja
|@RolesAllowed("admin")
|

|@PreAuthorize
|No direct replacement
|Quarkus handles complex authorisation differently, see link:https://quarkus.io/guides/security-authorize-web-endpoints-reference[this guide] for details

|===

== More Spring guides

Check warning on line 453 in docs/src/main/asciidoc/spring-security.adoc (GitHub Actions / Linting with Vale)
[vale] reported by reviewdog 🐶 [Quarkus.Headings] Use sentence-style capitalization in 'More Spring guides'. (line 453, column 4, severity INFO)
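
Review bot: The new `@PreAuthorize` row spells 'authorisation' while the rest of the guide uses 'authorization', and it links to the published site with an absolute `https://quarkus.io/guides/...` URL. Use one spelling throughout and consider an `xref:` to the guide's source file so the link follows the documentation version being read.
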