Головна сторінка Огляд Довідка
Реєстрація Увійти
github
/
spring-security-samples
дзеркало https://github.com/spring-projects/spring-security-samples
2
0
Відгалуження 0
Файли Проблеми 0 Wiki
Дерево: 62940fe732
Гілки Теги
spring-security...
/
servlet
/
spring-boot
/
java
/
acl
/
README.adoc

README.adoc 2.1 KB
Історія Запис

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374 
  1. = Spring Data AOT Sample
    2. 

  2. 

  3. To compile this project, you will need to use a special Java compiler.
    4. 

  4. If you are using SDKMan!, then the version will be correctly selected for you.
    5. 

  5. Or, you can do the following:
    6. 

  6. 

  7. ```bash
    8. 

  8. sdk use java 23.0.5.r17-nik
    9. 

  9. ```
    10. 

  10. 

  11. After that, you can compile like so:
    12. 

  12. 

  13. ```bash
    14. 

  14. ./gradlew nativeCompile
    15. 

  15. ```
    16. 

  16. 

  17. Once compiled, you can run like so:
    18. 

  18. 

  19. ```bash
    20. 

  20. ./build/native/nativeCompile/data
    21. 

  21. ```
    22. 

  22. 

  23. Then you can query for messages using `luke/password` and `rob/password`.
    24. 

  24. 

  25. Because the domain objects are secured, you will see a subset of fields with `luke`.
    26. 

  26. 

  27. For example, querying `/` with `luke`, you'll see:
    28. 

  28. 

  29. ```json
    30. 

  30.   ...
    31. 

  31.     {
    32. 

  32.         "created": "2014-07-12T16:00:00Z",
    33. 

  33.         "id": 112,
    34. 

  34.         "summary": "Is this secure?",
    35. 

  35.         "text": "This message is for Luke",
    36. 

  36.         "to": {
    37. 

  37.             "email": "luke@example.com",
    38. 

  38.             "id": "luke",
    39. 

  39.             "password": "password"
    40. 

  40.         }
    41. 

  41.     }
    42. 

  42.   ...
    43. 

  43. ```
    44. 

  44. 

  45. However, with `rob`, you'll also see `firstName` and `lastName` like so:
    46. 

  46. 

  47. ```json
    48. 

  48.   ...
    49. 

  49.     {
    50. 

  50.         "created": "2014-07-12T04:00:00Z",
    51. 

  51.         "id": 102,
    52. 

  52.         "summary": "Is this secure?",
    53. 

  53.         "text": "This message is for Rob",
    54. 

  54.         "to": {
    55. 

  55.             "email": "rob@example.com",
    56. 

  56.             "firstName": "Rob",
    57. 

  57.             "id": "rob",
    58. 

  58.             "lastName": "Winch",
    59. 

  59.             "password": "password"
    60. 

  60.         }
    61. 

  61.     }
    62. 

  62.   ...
    63. 

  63. ```
    64. 

  64. 

  65. You can also change the message text.
    66. 

  66. To do this, copy and paste the `X-CSRF-TOKEN` and `Cookie: JSESSION` headers and include them in a `PUT :8080/102` request.
    67. 

  67. 

  68. An example of this request using HTTPie can be seen below:
    69. 

  69. 

  70. ```bash
    71. 

  71. echo -n "updated message" | http -a rob:password PUT :8080/102 "X-CSRF-TOKEN: {copied from GET request}" "Cookie: JSESSIONID={copied from GET request}"
    72. 

  72. ```
    73. 

  73. 

  74. Read more about the https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#authorize-object[`@AuthorizeReturnObject`] and https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#fallback-values-authorization-denied[]`@DeniedHandler`] in the Spring Security Reference.
    75.