Role Permissions Spring Boot Starter

Role to Permission mapping for Spring Boot

Лицензия	Лицензия The Apache License, Version 2.0
Категории	Категории Ant Компиляция и сборка Сеть Безопасность
Группа	Группа net.savantly.security
Идентификатор	Идентификатор spring-role-permissions
Последняя версия	Последняя версия 0.0.2.RELEASE
Дата	Дата 14 нояб. 2020 г.
Тип	Тип jar
Описание	Описание Role Permissions Spring Boot Starter Role to Permission mapping for Spring Boot
Ссылка на сайт	Ссылка на сайт https://github.com/savantly-net/spring-role-permissions
Система контроля версий	Система контроля версий http://github.com/savantly-net/spring-role-permissions/tree/master

Скачать spring-role-permissions

Имя Файла	Размер
spring-role-permissions-0.0.2.RELEASE.pom
spring-role-permissions-0.0.2.RELEASE.jar	9 KB
spring-role-permissions-0.0.2.RELEASE-sources.jar	5 KB
spring-role-permissions-0.0.2.RELEASE-javadoc.jar	420 KB
Обзор

Как подключить последнюю версию

Apache Maven

<!-- https://jarcasting.com/artifacts/net.savantly.security/spring-role-permissions/ -->
<dependency>
    <groupId>net.savantly.security</groupId>
    <artifactId>spring-role-permissions</artifactId>
    <version>0.0.2.RELEASE</version>
</dependency>

Gradle Groovy

// https://jarcasting.com/artifacts/net.savantly.security/spring-role-permissions/
implementation 'net.savantly.security:spring-role-permissions:0.0.2.RELEASE'

Gradle Kotlin

// https://jarcasting.com/artifacts/net.savantly.security/spring-role-permissions/
implementation ("net.savantly.security:spring-role-permissions:0.0.2.RELEASE")

Apache Buildr

'net.savantly.security:spring-role-permissions:jar:0.0.2.RELEASE'

Apache Ivy

<dependency org="net.savantly.security" name="spring-role-permissions" rev="0.0.2.RELEASE">
  <artifact name="spring-role-permissions" type="jar" />
</dependency>

Groovy Grape

@Grapes(
@Grab(group='net.savantly.security', module='spring-role-permissions', version='0.0.2.RELEASE')
)

Scala SBT

libraryDependencies += "net.savantly.security" % "spring-role-permissions" % "0.0.2.RELEASE"

Leiningen

[net.savantly.security/spring-role-permissions "0.0.2.RELEASE"]

Зависимости

runtime (3)

Идентификатор библиотеки	Тип	Версия
org.springframework.boot : spring-boot-starter-data-jpa	jar
org.springframework.boot : spring-boot-starter-security	jar
org.springframework.boot : spring-boot-starter-oauth2-resource-server	jar

test (4)

Идентификатор библиотеки	Тип	Версия
org.springframework.boot : spring-boot-starter-web	jar
org.springframework.boot : spring-boot-starter-test	jar
org.springframework.security : spring-security-test	jar
com.h2database : h2	jar

Модули Проекта

Данный проект не имеет модулей.

spring-role-permissions

A Spring Boot library for easy Role to Permission relationships.

Quickstart

Include the dependency

Gradle

implementation 'net.savantly.security:spring-role-permissions:0.0.2.RELEASE'

Maven

<dependency>
  <groupId>net.savantly.security</groupId>
  <artifactId>spring-role-permissions</artifactId>
  <version>0.0.2.RELEASE</version>
</dependency>

Add the @EnableRolePermissions annotation on a Spring Configuaration class to automatically create JdbcPermissionProvider and RolePermissionsRepository beans.

Example -

@SpringBootApplication
@EnableRolePermissions
@EnableGlobalMethodSecurity(
  prePostEnabled = true, 
  securedEnabled = true, 
  jsr250Enabled = true)
public class MyApplication {
	
  @Bean
  public PermissionAwareJwtAuthenticationConverter jwtAuthenticationConverter(PermissionProvider permissionProvider) {
    return new PermissionAwareJwtAuthenticationConverter(permissionProvider);
  }

  @Bean
  public WebSecurityConfigurerAdapter webSecurity(PermissionAwareJwtAuthenticationConverter jwtAuthenticationConverter) {
		
    return new WebSecurityConfigurerAdapter() {
			
      @Override
      protected void configure(HttpSecurity http) throws Exception {
		http.authorizeRequests().antMatchers("/secure/**").authenticated()
		.and().oauth2ResourceServer(oauth2ResourceServer ->
			oauth2ResourceServer
			  .jwt(jwt -> {
			    jwt.jwtAuthenticationConverter(jwtAuthenticationConverter);
			  })
	 	);
      }
    };
  }
}

Add Role to Permission mappings using the RolePermissionsRepository

@Autowired 
RolePermissionsRepository repository;

public void setup(){
  String roleName = "ROLE_ADMIN";
  List<String> permissions = new ArrayList<String>();
  permissions.add("CREATE");
  permissions.add("READ");
  permissions.add("UPDATE");
  permissions.add("DELETE");
  repository.save(new RolePermissions(roleName, permissions));
}

When an Authentication object is injected in the current security session, it will have the original roles/granted authorities.
This library provides 2 built-in integration points for Spring Security.
When the integration point is reached, the PermissionProvider is called to get the effective permissions for each role the user is a member of. The distinct list of permissions are added as GrantedAuthority items in the Authentication object.

You may also implement a custom PermissionProvider to provide a mapping of roles to permissions to Spring Security. For example, if you'd like to store your permissions in memory, or a configuration file, you just need to implement the PermissionProvider interface, and setup one of the integration methods.

Example OAuth/JWT Configuration -

The PermissionAwareJwtAuthenticationConverter can be used for OAuth/JWT integration.

@Bean
public PermissionAwareJwtAuthenticationConverter jwtAuthenticationConverter(PermissionProvider permissionProvider) {
	return new PermissionAwareJwtAuthenticationConverter(permissionProvider);
}

@Bean
public WebSecurityConfigurerAdapter webSecurity(PermissionAwareJwtAuthenticationConverter jwtAuthenticationConverter) {
	
	return new WebSecurityConfigurerAdapter() {
		
		@Override
		protected void configure(HttpSecurity http) throws Exception {
			http.authorizeRequests().antMatchers("/secure/**").authenticated()
			.and().oauth2ResourceServer(oauth2ResourceServer ->
				oauth2ResourceServer
					.jwt(jwt -> {
						jwt.jwtAuthenticationConverter(jwtAuthenticationConverter);
					})
 			);
		}
	};
}

Example UserDetailsService Wrapper

The PermissionAwareUserDetailsService can be used as a wrapper around your existing UserDetailsService -

@Bean
public WebSecurityConfigurerAdapter webSecurity(JdbcPermissionProvider permissionProvider) {
	
	return new WebSecurityConfigurerAdapter() {
		
		@Override
		protected void configure(HttpSecurity http) throws Exception {
			http.authorizeRequests().antMatchers("/secure/**").authenticated()
			.and().httpBasic();
		}
		
		@Autowired
		public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
			PermissionAwareUserDetailsService permissionAwareUserDetailsService = 
					new PermissionAwareUserDetailsService(myUserDetailsService(), permissionProvider);
			auth.userDetailsService(permissionAwareUserDetailsService)
				.passwordEncoder(NoOpPasswordEncoder.getInstance());
		}
	};
}

Standard Spring Security annotations can be used the same as before - but the user's granted authorities now also contain the permissions that have been mapped.

Example using the security annotations

@PreAuthorize("hasAuthority('CREATE')")
  @RequestMapping("/create")
  public String create() {
  ...
}

Savantly

Savantly custom software solutions for your business

Версии библиотеки

Версия
0.0.2.RELEASE 14 нояб. 2020 г.
0.0.1.RELEASE 15 февр. 2020 г.

Role Permissions Spring Boot Starter

Лицензия

Категории

Группа

Идентификатор

Последняя версия

Дата

Тип

Описание

Ссылка на сайт

Система контроля версий