JarCasting
JarCasting JarCasting

Summer Web Security

Java web-app authentication library.

License

License
Categories

Categories

Security
GroupId

GroupId

com.hencjo.summer
ArtifactId

ArtifactId

summer-security
Last Version

Last Version

1.1.1
Release Date

Release Date
Type

Type

jar
Description

Description

Summer Web Security
Java web-app authentication library.
Project URL

Project URL

https://github.com/hencjo/summer-security
Source Code Management

Source Code Management

https://github.com/hencjo/summer-security

Download summer-security

Filename Size
summer-security-1.1.1.pom
summer-security-1.1.1.jar 36 KB
summer-security-1.1.1-sources.jar 15 KB
summer-security-1.1.1-javadoc.jar 193 KB
Browse

How to add to project

<!-- https://jarcasting.com/artifacts/com.hencjo.summer/summer-security/ -->
<dependency>
    <groupId>com.hencjo.summer</groupId>
    <artifactId>summer-security</artifactId>
    <version>1.1.1</version>
</dependency>
// https://jarcasting.com/artifacts/com.hencjo.summer/summer-security/
implementation 'com.hencjo.summer:summer-security:1.1.1'
// https://jarcasting.com/artifacts/com.hencjo.summer/summer-security/
implementation ("com.hencjo.summer:summer-security:1.1.1")
'com.hencjo.summer:summer-security:jar:1.1.1'
<dependency org="com.hencjo.summer" name="summer-security" rev="1.1.1">
  <artifact name="summer-security" type="jar" />
</dependency>
@Grapes(
@Grab(group='com.hencjo.summer', module='summer-security', version='1.1.1')
)
libraryDependencies += "com.hencjo.summer" % "summer-security" % "1.1.1"
[com.hencjo.summer/summer-security "1.1.1"]

Dependencies

provided (1)

Group / Artifact Type Version
javax.servlet : servlet-api jar 2.5

test (2)

Group / Artifact Type Version
junit : junit jar 4.10
org.mockito : mockito-all jar 1.9.0

Project Modules

There are no modules declared in this project.

Summer Security

Summer Security is a library/DSL for Java Web Applications that need a simpler authentication mechanism.

Features

  • HTTP Basic Authentication (with or without WWW-Authenticate).
  • Form Login, compatible with Spring Security.
  • No dependencies.
  • Configuration in code. (No XML-configuration.)
  • No ThreadLocal. The logged in user is a function of the HttpRequest.
  • Only authentication. Not authorization.
  • Extendable through RequestMatchers and Responders.

Example

import java.io.IOException;
import javax.servlet.*;
import com.hencjo.summer.security.*;
import com.hencjo.summer.security.api.*;
import static com.hencjo.summer.security.api.Summer.*;

public class AuthenticationFilter extends AbstractFilter {
    private final SummerLogger logger = Loggers.noop();
    private final Authenticator authenticator = Authenticators.allowEveryoneAuthenticator();
	private final ServerSideSession session = new ServerSideSession("username");
	private final HttpBasicAuthenticator httpBasicAuthenticator = new HttpBasicAuthenticator(authenticator, "Realm");
	private final FormBasedLogin formBasedLogin = new FormBasedLogin(logger, authenticator, session.sessionWriter(), 
			"/j_spring_security_check", "/j_spring_security_logout", 
			"j_username", "j_password", 
			redirect("/login.html#?logout=true"), redirect("/login.html#?failure=true"), redirect("/index.html"));

	
	private final SummerFilterDelegate filterDelegate = summer(logger, 
			when(pathBeginsWith("/img/")).thenAllow(),
			when(pathBeginsWith("/lib/")).thenAllow(),
			when(pathEquals("/login.html")).thenAllow(),
			when(pathEquals("/login.js")).thenAllow(),
			when(formBasedLogin.logoutRequest()).then(formBasedLogin.performLogoutRequest()),
			when(formBasedLogin.loginRequest()).then(formBasedLogin.performLoginRequest()),
			when(session.exists()).thenAllow(),
			when(httpBasicAuthenticator.authorizes()).thenAllow(),
			when(header("X-Requested-With").equals("XMLHttpRequest")).then(status(403)),
			otherwise().then(redirect("/login.html"))
		);
	
	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
		filterDelegate.doFilter(request, response, filterChain);
	}
}

Include it in your pom like this:

<dependency>
    <groupId>com.hencjo.summer</groupId>
    <artifactId>summer-security</artifactId>
    <version>1.1.1</version>
</dependency>

Summer Security is free software/open source, and is distributed under the Apache License 2.0.

Summer Security is created and maintained by Henrik Johansson (Twitter: @hencjo)

Versions

Version
1.1.1
1.1
1.0