README.md 3.94 KB
Newer Older
1 2
## DARIAHSP - Sample boot app

3
This Spring Boot application serves as simple reference implementation of the [dariahsp-core](../dariashp-core) library. The sample is based on Java ServerPages (JSP) for view rendering and presents itself with login, logout and protected areas.
4 5 6 7

> See the JavaDoc for further explanation on the components of the sample application

### Initialization
8

9 10 11 12
1. [`SampleApplication`](/src/main/java/eu/dariah/de/dariahsp/sample/SampleApplication.java) is the Spring Boot application class and handles initialization

### Configuration

13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44
2. [`SampleConfig`](/src/main/java/eu/dariah/de/dariahsp/sample/config/SampleApplication.java) serves as primary application configuration class; it defines the beans of 
    * `profileActionPostprocessor` (optional) for processing of login and logout activity, 
    * `samlMetadataController`, a controller bean that facilitates access to metadata of the SP and
    * `webServerFactoryCustomizer` for changing the context path of the application

    > With a optional custom implementation of the `profileActionPostprocessor`, the `SampleConfig` class can be used as a starting point for configuring futher aspects of the implementing application

3. [`SampleSecurityConfig`](/src/main/java/eu/dariah/de/dariahsp/sample/config/SampleSecurityConfig.java) - by extending the basic `SecurityConfig` class - imports the beans and configuration of the core library; it further imports configuration of the `AuthInfoConfigurer` class; The `@ConfigurationProperties(prefix = "auth")` annotation provides all configuration properties to the implemented `dariahsp-core` configuration

    > The `SampleSecurityConfig` can be used 'as is' in other implementations as all security-related beans are soundly configured

4. [`SampleWebSecurityConfig`](/src/main/java/eu/dariah/de/dariahsp/sample/config/SampleWebSecurityConfig.java) is the basic `WebSecurityConfigurerAdapter` of the sample application and specifies URL and authorization patterns that are specific to the sample application

    > The `SampleWebSecurityConfig` can be used as a starting point for configuring protected areas of the implementing application, but will probably require adaption to existing requirements

### Controllers

5. The [`SampleController`](/src/main/java/eu/dariah/de/dariahsp/sample/controller/SampleController.java) configures the request mappings and views of the sample application

6. [`ErrorController`](/src/main/java/eu/dariah/de/dariahsp/sample/controller/ErrorController.java) as implementation of Spring's `BasicErrorController` configures handling of exceptions that could occur in the application. For the sample application, all errors (e.g. 403 errors attempting to access protected areas) are dispatched to the `index` view, providing error messages

### Profile actions

7. [`SampleProfileActionHandler`](/src/main/java/eu/dariah/de/dariahsp/sample/profiles/SampleProfileActionHandler.java) is an empty implementation of the `ProfileActionHandler` interface - a bean provided that is setup in [`SampleConfig`](/src/main/java/eu/dariah/de/dariahsp/sample/config/SampleApplication.java). Customize behavior upon login and logout e.g. to persist user information in a database or to load save custom attributes of users and adding them to the attribute set of the handled `ExtendedUserProfile`

### Resources

8. [`application.yml`](/src/main/resources/application.yml) is a sample application configuration provided with this application 
9. [`logback.xml`](/src/main/resources/application.yml) customizes logging through [logback](http://logback.qos.ch/)
10. [`sample_keystore.jks`](/src/main/resources/application.yml) is an example Java KeyStore that can be used for initial testing

### JSP views
45

46 47
11. [`index.jsp`](/src/main/webapp/WEB-INF/views/index.jsp) is the main view of the sample application that serves all succeeding and error requests.
12. [`login.jsp`](/src/main/webapp/WEB-INF/views/login.jsp) is the form for querying username and passwords of `local` logins.