diff --git a/2024-05/spring-23/2.7-style/pom.xml b/2024-05/spring-23/2.7-style/pom.xml new file mode 100644 index 00000000..25baa882 --- /dev/null +++ b/2024-05/spring-23/2.7-style/pom.xml @@ -0,0 +1,53 @@ + + + 4.0.0 + + ru.otus + spring-framework-23-ss-start + 1.0-SNAPSHOT + + + org.springframework.boot + spring-boot-starter-parent + 2.7.8 + + + + 17 + 17 + 17 + + + + + org.springframework.boot + spring-boot-starter + + + + org.springframework.boot + spring-boot-starter-web + + + + org.springframework.boot + spring-boot-starter-thymeleaf + + + + org.springframework.boot + spring-boot-starter-security + + + + + + + org.springframework.boot + spring-boot-maven-plugin + + + + diff --git a/2024-05/spring-23/2.7-style/src/main/java/ru/otus/spring/Main.java b/2024-05/spring-23/2.7-style/src/main/java/ru/otus/spring/Main.java new file mode 100644 index 00000000..95fa70ed --- /dev/null +++ b/2024-05/spring-23/2.7-style/src/main/java/ru/otus/spring/Main.java @@ -0,0 +1,12 @@ +package ru.otus.spring; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; + +@SpringBootApplication +public class Main { + + public static void main( String[] args ) { + SpringApplication.run( Main.class ); + } +} diff --git a/2024-05/spring-23/2.7-style/src/main/java/ru/otus/spring/rest/PagesController.java b/2024-05/spring-23/2.7-style/src/main/java/ru/otus/spring/rest/PagesController.java new file mode 100644 index 00000000..47321812 --- /dev/null +++ b/2024-05/spring-23/2.7-style/src/main/java/ru/otus/spring/rest/PagesController.java 
@@ -0,0 +1,28 @@
+package ru.otus.spring.rest;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class PagesController {
+
+ @GetMapping("/")
+ public String indexPage() {
+ return "index";
+ }
+
+ @GetMapping("/public")
+ public String publicPage() {
+ return "public";
+ }
+
+ @GetMapping("/authenticated")
+ public String authenticatedPage() {
+ return "authenticated";
+ }
+
+ @GetMapping("/success")
+ public String successPage() {
+ return "success";
+ }
+}
diff --git a/2024-05/spring-23/2.7-style/src/main/java/ru/otus/spring/security/SecurityConfiguration.java b/2024-05/spring-23/2.7-style/src/main/java/ru/otus/spring/security/SecurityConfiguration.java
new file mode 100644
index 00000000..a708cc22
--- /dev/null
+++ b/2024-05/spring-23/2.7-style/src/main/java/ru/otus/spring/security/SecurityConfiguration.java
@@ -0,0 +1,49 @@
+package ru.otus.spring.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.crypto.password.NoOpPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfiguration {
+
+ @Bean
+ public SecurityFilterChain securityFilterChain( HttpSecurity http ) throws Exception {
+ http
+ .csrf().disable()
+ .authorizeHttpRequests( ( authorize ) -> authorize
+ .antMatchers( "/public" ).permitAll()
+ .antMatchers( "/authenticated" ).authenticated()
+ .anyRequest().permitAll()
+ )
+ .httpBasic();
+ return http.build();
+ }
+
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+// return new BCryptPasswordEncoder(10);
+ return NoOpPasswordEncoder.getInstance();
+
+ }
+
+ @Bean
+ public InMemoryUserDetailsManager userDetailsService() {
+ UserDetails user = User
+ .builder()
+ .username( "user" )
+ .password( "password" )
+ .roles( "USER" )
+ .build();
+ return new InMemoryUserDetailsManager( user );
+ }
+}
diff --git a/2024-05/spring-23/2.7-style/src/main/resources/application.yml b/2024-05/spring-23/2.7-style/src/main/resources/application.yml
new file mode 100644
index 00000000..e69de29b
diff --git a/2024-05/spring-23/2.7-style/src/main/resources/templates/authenticated.html b/2024-05/spring-23/2.7-style/src/main/resources/templates/authenticated.html
new file mode 100644
index 00000000..9f8b0d7e
--- /dev/null
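Review bot: `passwordEncoder()` returns `NoOpPasswordEncoder.getInstance()`, so the in-memory user's password is stored and compared as plain text, while the BCrypt alternative above it is only a comment. For a sample that will be copied, return `new BCryptPasswordEncoder()` and build the user with `.password( passwordEncoder().encode( "password" ) )`, or add a comment stating that the no-op encoder is for the classroom demo only. The old-style and spring-24 `SecurityConfiguration` hunks use the same encoder. In `securityFilterChain`, `.anyRequest().permitAll()` makes every unlisted path public by default, which also deserves a one-line comment.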
+++ b/2024-05/spring-23/2.7-style/src/main/resources/templates/authenticated.html @@ -0,0 +1,9 @@ + + + + + + +Только для авторизованных + + diff --git a/2024-05/spring-23/2.7-style/src/main/resources/templates/index.html b/2024-05/spring-23/2.7-style/src/main/resources/templates/index.html new file mode 100644 index 00000000..f4d11090 --- /dev/null +++ b/2024-05/spring-23/2.7-style/src/main/resources/templates/index.html @@ -0,0 +1,11 @@ + + + + + + +/public +
+/authenticated + + diff --git a/2024-05/spring-23/2.7-style/src/main/resources/templates/public.html b/2024-05/spring-23/2.7-style/src/main/resources/templates/public.html new file mode 100644 index 00000000..77188469 --- /dev/null +++ b/2024-05/spring-23/2.7-style/src/main/resources/templates/public.html @@ -0,0 +1,9 @@ + + + + + + +Доступен всем + + diff --git a/2024-05/spring-23/2.7-style/src/main/resources/templates/success.html b/2024-05/spring-23/2.7-style/src/main/resources/templates/success.html new file mode 100644 index 00000000..89db5f22 --- /dev/null +++ b/2024-05/spring-23/2.7-style/src/main/resources/templates/success.html @@ -0,0 +1,10 @@ + + + + + Вы успешно вошли + + +Вы успешно вошли + + diff --git a/2024-05/spring-23/3.x-style/pom.xml b/2024-05/spring-23/3.x-style/pom.xml new file mode 100644 index 00000000..27319eb8 --- /dev/null +++ b/2024-05/spring-23/3.x-style/pom.xml @@ -0,0 +1,53 @@ + + + 4.0.0 + + ru.otus + spring-framework-23-ss-start + 1.0-SNAPSHOT + + + org.springframework.boot + spring-boot-starter-parent + 3.2.5 + + + + 17 + 17 + 17 + + + + + org.springframework.boot + spring-boot-starter + + + + org.springframework.boot + spring-boot-starter-web + + + + org.springframework.boot + spring-boot-starter-thymeleaf + + + + org.springframework.boot + spring-boot-starter-security + + + + + + + org.springframework.boot + spring-boot-maven-plugin + + + + diff --git a/2024-05/spring-23/3.x-style/src/main/java/ru/otus/spring/Main.java b/2024-05/spring-23/3.x-style/src/main/java/ru/otus/spring/Main.java new file mode 100644 index 00000000..3a3edb94 --- /dev/null +++ b/2024-05/spring-23/3.x-style/src/main/java/ru/otus/spring/Main.java 
@@ -0,0 +1,13 @@
+package ru.otus.spring;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class Main {
+
+ public static void main( String[] args ) {
+ SpringApplication.run( Main.class );
+ // http://localhost:8080/
+ }
+}
diff --git a/2024-05/spring-23/3.x-style/src/main/java/ru/otus/spring/rest/PagesController.java b/2024-05/spring-23/3.x-style/src/main/java/ru/otus/spring/rest/PagesController.java
new file mode 100644
index 00000000..47321812
--- /dev/null
+++ b/2024-05/spring-23/3.x-style/src/main/java/ru/otus/spring/rest/PagesController.java
@@ -0,0 +1,28 @@
+package ru.otus.spring.rest;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class PagesController {
+
+ @GetMapping("/")
+ public String indexPage() {
+ return "index";
+ }
+
+ @GetMapping("/public")
+ public String publicPage() {
+ return "public";
+ }
+
+ @GetMapping("/authenticated")
+ public String authenticatedPage() {
+ return "authenticated";
+ }
+
+ @GetMapping("/success")
+ public String successPage() {
+ return "success";
+ }
+}
diff --git a/2024-05/spring-23/3.x-style/src/main/java/ru/otus/spring/security/SecurityConfiguration.java b/2024-05/spring-23/3.x-style/src/main/java/ru/otus/spring/security/SecurityConfiguration.java
new file mode 100644
index 00000000..86c8904f
--- /dev/null
+++ b/2024-05/spring-23/3.x-style/src/main/java/ru/otus/spring/security/SecurityConfiguration.java
@@ -0,0 +1,52 @@
+package ru.otus.spring.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.NoOpPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfiguration {
+
+ @Bean
+ public SecurityFilterChain securityFilterChain( HttpSecurity http ) throws Exception {
+ http
+ .csrf(AbstractHttpConfigurer::disable)
+ .authorizeHttpRequests( ( authorize ) -> authorize
+ .requestMatchers( "/public" ).permitAll()
+ .requestMatchers( "/authenticated" ).authenticated()
+ .anyRequest().permitAll()
+ )
+ .httpBasic(Customizer.withDefaults());
+ return http.build();
+ }
+
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+ return new BCryptPasswordEncoder(10);
+ // return NoOpPasswordEncoder.getInstance();
+
+ }
+
+ @Bean
+ public InMemoryUserDetailsManager userDetailsService() {
+ UserDetails user = User
+ .builder()
+ .username( "user" )
+ .password( "password" )
+ .roles( "USER" )
+ .build();
+ return new InMemoryUserDetailsManager( user );
+ }
+}
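Review bot: `passwordEncoder()` now returns `new BCryptPasswordEncoder(10)`, but `userDetailsService()` still stores the raw string with `.password( "password" )`, so the stored value is not a BCrypt hash and the encoder's `matches` should reject every login for `user`. Encode the value when the user is built: `.password( passwordEncoder().encode( "password" ) )`. The `NoOpPasswordEncoder` import is unused in this version and can be removed together with the commented-out return.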
diff --git a/2024-05/spring-23/3.x-style/src/main/resources/application.yml b/2024-05/spring-23/3.x-style/src/main/resources/application.yml new file mode 100644 index 00000000..e69de29b diff --git a/2024-05/spring-23/3.x-style/src/main/resources/templates/authenticated.html b/2024-05/spring-23/3.x-style/src/main/resources/templates/authenticated.html new file mode 100644 index 00000000..9f8b0d7e --- /dev/null +++ b/2024-05/spring-23/3.x-style/src/main/resources/templates/authenticated.html @@ -0,0 +1,9 @@ + + + + + + +Только для авторизованных + + diff --git a/2024-05/spring-23/3.x-style/src/main/resources/templates/index.html b/2024-05/spring-23/3.x-style/src/main/resources/templates/index.html new file mode 100644 index 00000000..f4d11090 --- /dev/null +++ b/2024-05/spring-23/3.x-style/src/main/resources/templates/index.html @@ -0,0 +1,11 @@ + + + + + + +/public +
+/authenticated + + diff --git a/2024-05/spring-23/3.x-style/src/main/resources/templates/public.html b/2024-05/spring-23/3.x-style/src/main/resources/templates/public.html new file mode 100644 index 00000000..77188469 --- /dev/null +++ b/2024-05/spring-23/3.x-style/src/main/resources/templates/public.html @@ -0,0 +1,9 @@ + + + + + + +Доступен всем + + diff --git a/2024-05/spring-23/3.x-style/src/main/resources/templates/success.html b/2024-05/spring-23/3.x-style/src/main/resources/templates/success.html new file mode 100644 index 00000000..89db5f22 --- /dev/null +++ b/2024-05/spring-23/3.x-style/src/main/resources/templates/success.html @@ -0,0 +1,10 @@ + + + + + Вы успешно вошли + + +Вы успешно вошли + + diff --git a/2024-05/spring-23/old-style/pom.xml b/2024-05/spring-23/old-style/pom.xml new file mode 100644 index 00000000..d0b19bbc --- /dev/null +++ b/2024-05/spring-23/old-style/pom.xml @@ -0,0 +1,53 @@ + + + 4.0.0 + + ru.otus + spring-framework-23-spring-security-3x-start + 1.0-SNAPSHOT + + + org.springframework.boot + spring-boot-starter-parent + 2.7.8 + + + + 17 + 17 + 17 + + + + + org.springframework.boot + spring-boot-starter + + + + org.springframework.boot + spring-boot-starter-web + + + + org.springframework.boot + spring-boot-starter-thymeleaf + + + + org.springframework.boot + spring-boot-starter-security + + + + + + + org.springframework.boot + spring-boot-maven-plugin + + + + diff --git a/2024-05/spring-23/old-style/src/main/java/ru/otus/spring/Main.java b/2024-05/spring-23/old-style/src/main/java/ru/otus/spring/Main.java new file mode 100644 index 00000000..95fa70ed --- /dev/null +++ b/2024-05/spring-23/old-style/src/main/java/ru/otus/spring/Main.java 
@@ -0,0 +1,12 @@
+package ru.otus.spring;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class Main {
+
+ public static void main( String[] args ) {
+ SpringApplication.run( Main.class );
+ }
+}
diff --git a/2024-05/spring-23/old-style/src/main/java/ru/otus/spring/rest/PagesController.java b/2024-05/spring-23/old-style/src/main/java/ru/otus/spring/rest/PagesController.java
new file mode 100644
index 00000000..47321812
--- /dev/null
+++ b/2024-05/spring-23/old-style/src/main/java/ru/otus/spring/rest/PagesController.java
@@ -0,0 +1,28 @@
+package ru.otus.spring.rest;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class PagesController {
+
+ @GetMapping("/")
+ public String indexPage() {
+ return "index";
+ }
+
+ @GetMapping("/public")
+ public String publicPage() {
+ return "public";
+ }
+
+ @GetMapping("/authenticated")
+ public String authenticatedPage() {
+ return "authenticated";
+ }
+
+ @GetMapping("/success")
+ public String successPage() {
+ return "success";
+ }
+}
diff --git a/2024-05/spring-23/old-style/src/main/java/ru/otus/spring/security/SecurityConfiguration.java b/2024-05/spring-23/old-style/src/main/java/ru/otus/spring/security/SecurityConfiguration.java
new file mode 100644
index 00000000..89ef82be
--- /dev/null
+++ b/2024-05/spring-23/old-style/src/main/java/ru/otus/spring/security/SecurityConfiguration.java
@@ -0,0 +1,70 @@
+package ru.otus.spring.security;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.password.NoOpPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@EnableWebSecurity
+public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+ @Override
+ public void configure( WebSecurity web ) {
+ web.ignoring()
+ .antMatchers( "/" )
+ .antMatchers( "/static/**" ); // You are asking Spring Security to ignore Ant [pattern='/static/**']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.
+ }
+
+ @Override
+ public void configure( HttpSecurity http ) throws Exception {
+ http.csrf().disable()
+ // По умолчанию SecurityContext хранится в сессии.
Эта часть вырубает и каждый запросом приходитТ
+// .sessionManagement()
+// .sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
+// .and()
+ .authorizeRequests()
+ .antMatchers( "/public/" ).anonymous()
+ .and()
+ .authorizeRequests()
+ .antMatchers( "/authenticated" ).authenticated()
+// .and()
+// .authorizeRequests().antMatchers("/public").authenticated()
+ .and()
+ .formLogin()
+ .and()
+ .anonymous()
+ .principal( "anonymous" )
+ .and()
+ .rememberMe().key( "Some secret" )
+ ;
+ }
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+// return new BCryptPasswordEncoder(10);
+ return NoOpPasswordEncoder.getInstance();
+// return new PasswordEncoder() {
+// @Override
+// public String encode(CharSequence charSequence) {
+// return charSequence.toString();
+// }
+//
+// @Override
+// public boolean matches(CharSequence charSequence, String s) {
+// return charSequence.toString().equals(s);
+// }
+// };
+ }
+
+ @Autowired
+ public void configure( AuthenticationManagerBuilder auth ) throws Exception {
+ auth.inMemoryAuthentication()
+ .withUser( "admin" ).password( "password" ).roles( "ADMIN" )
+ ;
+ }
+}
diff --git a/2024-05/spring-23/old-style/src/main/resources/application.yml b/2024-05/spring-23/old-style/src/main/resources/application.yml
new file mode 100644
index 00000000..e69de29b
diff --git a/2024-05/spring-23/old-style/src/main/resources/templates/authenticated.html b/2024-05/spring-23/old-style/src/main/resources/templates/authenticated.html
new file mode 100644
index 00000000..9f8b0d7e
--- /dev/null
+++ b/2024-05/spring-23/old-style/src/main/resources/templates/authenticated.html
@@ -0,0 +1,9 @@
+
+
+
+
+
+
+Только для авторизованных
+
+
diff --git a/2024-05/spring-23/old-style/src/main/resources/templates/index.html b/2024-05/spring-23/old-style/src/main/resources/templates/index.html
new file mode 100644
index 00000000..f4d11090
--- /dev/null
+++ b/2024-05/spring-23/old-style/src/main/resources/templates/index.html
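Review bot: `.rememberMe().key( "Some secret" )` in `configure( HttpSecurity )` commits the remember-me signing key to source control; that key is what keeps remember-me cookies from being forged, so it should come from configuration, for example an injected field (name is a placeholder): `.rememberMe().key( rememberMeKey )`. The spring-24 `SecurityConfiguration` hunk repeats the pattern with `rm.key("AnyKey")`. Separately, `.antMatchers( "/public/" ).anonymous()` has a trailing slash while the controller maps `/public`, and `anonymous()` denies the page to a logged-in user, so `.antMatchers( "/public" ).permitAll()` looks like what was intended.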
@@ -0,0 +1,11 @@ + + + + + + +/public +
+/authenticated + + diff --git a/2024-05/spring-23/old-style/src/main/resources/templates/public.html b/2024-05/spring-23/old-style/src/main/resources/templates/public.html new file mode 100644 index 00000000..77188469 --- /dev/null +++ b/2024-05/spring-23/old-style/src/main/resources/templates/public.html @@ -0,0 +1,9 @@ + + + + + + +Доступен всем + + diff --git a/2024-05/spring-23/old-style/src/main/resources/templates/success.html b/2024-05/spring-23/old-style/src/main/resources/templates/success.html new file mode 100644 index 00000000..89db5f22 --- /dev/null +++ b/2024-05/spring-23/old-style/src/main/resources/templates/success.html @@ -0,0 +1,10 @@ + + + + + Вы успешно вошли + + +Вы успешно вошли + + diff --git a/2024-05/spring-24/pom.xml b/2024-05/spring-24/pom.xml new file mode 100644 index 00000000..79e1b7c3 --- /dev/null +++ b/2024-05/spring-24/pom.xml @@ -0,0 +1,69 @@ + + + 4.0.0 + + ru.otus + classwork + 1.0-SNAPSHOT + + + org.springframework.boot + spring-boot-starter-parent + 3.3.0 + + + + UTF-8 + UTF-8 + 17 + + + + + + org.springframework.boot + spring-boot-starter-web + + + org.springframework.boot + spring-boot-starter-thymeleaf + + + + + org.springframework.boot + spring-boot-starter-security + + + + + org.springframework.boot + spring-boot-starter-test + + + + org.springframework.security + spring-security-test + ${spring-security.version} + + + + org.projectlombok + lombok + ${lombok.version} + provided + + + + + + + + org.springframework.boot + spring-boot-maven-plugin + + + + diff --git a/2024-05/spring-24/src/main/java/ru/otus/spring/Main.java b/2024-05/spring-24/src/main/java/ru/otus/spring/Main.java new file mode 100644 index 00000000..e8fdc91d --- /dev/null +++ b/2024-05/spring-24/src/main/java/ru/otus/spring/Main.java 
@@ -0,0 +1,13 @@
+package ru.otus.spring;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class Main {
+
+ public static void main(String[] args) {
+ SpringApplication.run(Main.class);
+ // http://localhost:8080/
+ }
+}
diff --git a/2024-05/spring-24/src/main/java/ru/otus/spring/controller/PagesController.java b/2024-05/spring-24/src/main/java/ru/otus/spring/controller/PagesController.java
new file mode 100644
index 00000000..3137eb02
--- /dev/null
+++ b/2024-05/spring-24/src/main/java/ru/otus/spring/controller/PagesController.java
@@ -0,0 +1,55 @@
+package ru.otus.spring.controller;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import ru.otus.spring.security.AnonimusUD;
+
+@Controller
+public class PagesController {
+
+ @GetMapping("/")
+ public String indexPage() {
+ return "index";
+ }
+
+ @GetMapping("/public")
+ public String publicPage(/*@RequestParam(name = "SpecialValue") String specialValue, Model model*/) {
+// model.addAttribute("secret", specialValue);
+ SecurityContext securityContext = SecurityContextHolder.getContext();
+ Authentication authentication = securityContext.getAuthentication();
+ System.out.println(((AnonimusUD)authentication.getPrincipal()).getUsername());
+ return "public";
+ }
+
+ @GetMapping("/authenticated")
+ public String authenticatedPage(Model model) {
+ SecurityContext securityContext = SecurityContextHolder.getContext();
+ User user = (User) securityContext.getAuthentication().getPrincipal();
+ model.addAttribute("userName", user.getUsername());
+ return "authenticated";
+ }
+
+ @GetMapping("/success")
+ public String successPage() {
+ return "success";
+ }
+
+ @GetMapping("/error")
+ public String errorPage(Model model) {
+ model.addAttribute("source", "errorPage");
+ return "error";
+ }
+
+ @PostMapping("/fail")
+ public String failPage(Model model) {
+ model.addAttribute("source", "failPage");
+ return "error";
+ }
+}
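Review bot: `publicPage()` casts `authentication.getPrincipal()` to `AnonimusUD`, but the `.anonymous(a -> a.principal(new AnonimusUD())...)` line in this commit's `SecurityConfiguration` is commented out, so the principal is never of that type and `/public` should fail with a `ClassCastException` for anonymous and logged-in callers alike. Guard the cast with `if (authentication.getPrincipal() instanceof AnonimusUD ud)` or remove the debug `System.out.println`. `authenticatedPage()` makes the same unchecked cast to `User`; taking `Authentication` as a handler argument and calling `getName()` avoids depending on the principal class.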
diff --git a/2024-05/spring-24/src/main/java/ru/otus/spring/security/AnonimusUD.java b/2024-05/spring-24/src/main/java/ru/otus/spring/security/AnonimusUD.java
new file mode 100644
index 00000000..79871401
--- /dev/null
+++ b/2024-05/spring-24/src/main/java/ru/otus/spring/security/AnonimusUD.java
@@ -0,0 +1,45 @@
+package ru.otus.spring.security;
+
+import lombok.Data;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Collection;
+
+@Data
+public class AnonimusUD implements UserDetails {
+ @Override
+ public Collection getAuthorities() {
+ return null;
+ }
+
+ @Override
+ public String getPassword() {
+ return null;
+ }
+
+ @Override
+ public String getUsername() {
+ return "Oleg";
+ }
+
+ @Override
+ public boolean isAccountNonExpired() {
+ return true;
+ }
+
+ @Override
+ public boolean isAccountNonLocked() {
+ return true;
+ }
+
+ @Override
+ public boolean isCredentialsNonExpired() {
+ return true;
+ }
+
+ @Override
+ public boolean isEnabled() {
+ return true;
+ }
+}
diff --git a/2024-05/spring-24/src/main/java/ru/otus/spring/security/SecurityConfiguration.java b/2024-05/spring-24/src/main/java/ru/otus/spring/security/SecurityConfiguration.java
new file mode 100644
index 00000000..51b5b5a2
--- /dev/null
+++ b/2024-05/spring-24/src/main/java/ru/otus/spring/security/SecurityConfiguration.java
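Review bot: `getAuthorities()` in `AnonimusUD` returns `null`, although the `UserDetails` contract says the authority collection is never null, and Spring Security code that iterates it may throw. Return an empty collection instead, `return List.of();` (or `AuthorityUtils.NO_AUTHORITIES`). `@Data` adds nothing on a class with no fields and can be dropped, and the hard-coded `"Oleg"` user name deserves a short comment saying this class is a classroom stand-in for the anonymous principal.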
@@ -0,0 +1,70 @@
+package ru.otus.spring.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.crypto.password.NoOpPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.access.intercept.AuthorizationFilter;
+import ru.otus.spring.security.filter.MyOwnFilter;
+
+import java.util.ArrayList;
+
+@EnableWebSecurity
+@Configuration
+public class SecurityConfiguration {
+
+ @Bean
+ public SecurityFilterChain securityFilterChain(HttpSecurity http)
+ throws Exception {
+ http
+ .csrf(AbstractHttpConfigurer::disable)
+ .sessionManagement((session) -> session
+ .sessionCreationPolicy(SessionCreationPolicy.ALWAYS))
+ .authorizeHttpRequests((authorize) -> authorize
+ .requestMatchers("/").permitAll()
+ .requestMatchers("/public").permitAll()
+ .requestMatchers("/authenticated", "/success").authenticated()
+ .anyRequest().permitAll()
+ )
+// .anonymous(a -> a.principal(new AnonimusUD()).authorities("ROLE_ANONYMOUS"))
+// .addFilterAfter(new MyOwnFilter(), AuthorizationFilter.class)
+// .httpBasic(Customizer.withDefaults())
+ .formLogin(Customizer.withDefaults())
+/*
+ .formLogin(fm -> fm.defaultSuccessUrl("/success")
+ .failureForwardUrl("/fail")
+ )
+*/
+ .rememberMe(rm -> rm.key("AnyKey")
+ .tokenValiditySeconds(600))
+ ;
+ return http.build();
+ }
+
+ @SuppressWarnings("deprecation")
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+ return NoOpPasswordEncoder.getInstance();
+ }
+
+ @Bean
+ public InMemoryUserDetailsManager userDetailsService() {
+ UserDetails user = User
+ .builder()
+ .username("user")
+ .password("password")
+ .roles("USER")
+ .build();
+ return new InMemoryUserDetailsManager(user);
+
+ }
+}
diff --git a/2024-05/spring-24/src/main/java/ru/otus/spring/security/filter/MyOwnFilter.java b/2024-05/spring-24/src/main/java/ru/otus/spring/security/filter/MyOwnFilter.java
new file mode 100644
index 00000000..2b81609f
--- /dev/null
+++ b/2024-05/spring-24/src/main/java/ru/otus/spring/security/filter/MyOwnFilter.java
@@ -0,0 +1,30 @@
+package ru.otus.spring.security.filter;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequestWrapper;
+import org.springframework.web.filter.GenericFilterBean;
+
+import java.io.IOException;
+
+public class MyOwnFilter extends GenericFilterBean {
+ @Override
+ public void doFilter(ServletRequest servletRequest,
+ ServletResponse servletResponse,
+ FilterChain filterChain) throws IOException, ServletException {
+ var requestWrapper = new HttpServletRequestWrapper((HttpServletRequest) servletRequest) {
+ @Override
+ public String[] getParameterValues(String name) {
+ if ("SpecialValue".equals(name)) {
+ return new String[]{"My dirty secret"};
+ }
+ return super.getParameterValues(name);
+ }
+ };
+
+ filterChain.doFilter(requestWrapper, servletResponse);
+ }
+}
diff --git a/2024-05/spring-24/src/main/resources/application.yml b/2024-05/spring-24/src/main/resources/application.yml
new file mode 100644
index 00000000..d07e4971
--- /dev/null
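Review bot: `.csrf(AbstractHttpConfigurer::disable)` in `securityFilterChain` is combined with `formLogin`, `rememberMe` and `SessionCreationPolicy.ALWAYS`, so authentication rides on cookies the browser sends automatically, which is the case CSRF protection exists for. Leave CSRF enabled in the form-login variants (Thymeleaf adds the token to forms declared with `th:action`), or add a comment stating that it is switched off only to keep the lesson short. The old-style hunk disables it alongside `formLogin()` as well. The imports `AuthorizationFilter`, `MyOwnFilter` and `java.util.ArrayList` are referenced only from commented-out code or not at all and can be removed.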
+++ b/2024-05/spring-24/src/main/resources/application.yml @@ -0,0 +1,4 @@ +logging: + level: + root: error + org.springframework: info \ No newline at end of file diff --git a/2024-05/spring-24/src/main/resources/templates/authenticated.html b/2024-05/spring-24/src/main/resources/templates/authenticated.html new file mode 100644 index 00000000..62f1eb0d --- /dev/null +++ b/2024-05/spring-24/src/main/resources/templates/authenticated.html @@ -0,0 +1,10 @@ + + + + + Только для авторизованных + + +Только для авторизованных. Вы как раз такой) + + diff --git a/2024-05/spring-24/src/main/resources/templates/error.html b/2024-05/spring-24/src/main/resources/templates/error.html new file mode 100644 index 00000000..41a3f8e2 --- /dev/null +++ b/2024-05/spring-24/src/main/resources/templates/error.html @@ -0,0 +1,11 @@ + + + + + Упс... + + +Что-то пошло не так. Печалька
+Источник: Неизвестен + + diff --git a/2024-05/spring-24/src/main/resources/templates/index.html b/2024-05/spring-24/src/main/resources/templates/index.html new file mode 100644 index 00000000..f2d1d1ae --- /dev/null +++ b/2024-05/spring-24/src/main/resources/templates/index.html @@ -0,0 +1,12 @@ + + + + + Главная страница + + +/public +
+/authenticated + + diff --git a/2024-05/spring-24/src/main/resources/templates/public.html b/2024-05/spring-24/src/main/resources/templates/public.html new file mode 100644 index 00000000..58fca813 --- /dev/null +++ b/2024-05/spring-24/src/main/resources/templates/public.html @@ -0,0 +1,10 @@ + + + + + Доступен всем + + +Доступен всем, но есть секрет: Нет секрета + + diff --git a/2024-05/spring-24/src/main/resources/templates/success.html b/2024-05/spring-24/src/main/resources/templates/success.html new file mode 100644 index 00000000..58414c01 --- /dev/null +++ b/2024-05/spring-24/src/main/resources/templates/success.html @@ -0,0 +1,10 @@ + + + + + Вы успешно вошли ! + + +Вы успешно вошли ! + + diff --git a/2024-05/spring-24/src/test/java/ru/otus/spring/controller/PagesControllerTest.java b/2024-05/spring-24/src/test/java/ru/otus/spring/controller/PagesControllerTest.java new file mode 100644 index 00000000..62b6a274 --- /dev/null +++ b/2024-05/spring-24/src/test/java/ru/otus/spring/controller/PagesControllerTest.java 
@@ -0,0 +1,30 @@
+package ru.otus.spring.controller;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.context.annotation.Import;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.web.servlet.MockMvc;
+import ru.otus.spring.security.SecurityConfiguration;
+
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+@WebMvcTest(PagesController.class)
+@Import(SecurityConfiguration.class)
+public class PagesControllerTest {
+
+ @Autowired
+ private MockMvc mockMvc;
+
+ @WithMockUser(
+ username = "admin",
+ authorities = {"ROLE_ADMIN"}
+ )
+ @Test
+ public void testAuthenticatedOnAdmin() throws Exception {
+ mockMvc.perform(get("/authenticated"))
+ .andExpect(status().isOk());
+ }
+}
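Review bot: The only test runs as a mocked user, so nothing checks that `/authenticated` is actually closed to anonymous callers; a rule change to `permitAll()` would still pass. Add a test without `@WithMockUser` that expects the form-login redirect: `mockMvc.perform(get("/authenticated")).andExpect(status().is3xxRedirection());`. The name `testAuthenticatedOnAdmin` and the `ROLE_ADMIN` authority suggest a role check, but the rule under test is only `authenticated()`.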