updates per review by @mrioan

dogeared · dogeared · commit e17b6759dc20 · 2017-01-09T20:56:27.000-05:00
diff --git a/tutorials/spring-boot/01-some-access-controls/src/main/java/com/stormpath/tutorial/controller/HelloController.java b/tutorials/spring-boot/01-some-access-controls/src/main/java/com/stormpath/tutorial/controller/HelloController.java
@@ -32,6 +32,7 @@ public class HelloController {
 
     private AccountResolver accountResolver;
 
+    @Autowired
     public HelloController(AccountResolver accountResolver) {
         Assert.notNull(accountResolver);
         this.accountResolver = accountResolver;
diff --git a/tutorials/spring/00-the-basics/src/main/java/com/stormpath/tutorial/WebAppInitializer.java b/tutorials/spring/00-the-basics/src/main/java/com/stormpath/tutorial/WebAppInitializer.java
@@ -15,6 +15,7 @@
  */
 package com.stormpath.tutorial;
 
+import com.stormpath.sdk.servlet.filter.StormpathFilter;
 import com.stormpath.tutorial.config.WebAppConfig;
 import org.springframework.web.WebApplicationInitializer;
 import org.springframework.web.context.ContextLoaderListener;
@@ -46,9 +47,10 @@ public void onStartup(ServletContext sc) throws ServletException {
         dispatcher.setLoadOnStartup(1);
         dispatcher.addMapping("/");
 
-        FilterRegistration.Dynamic filter = sc.addFilter("stormpathFilter", new DelegatingFilterProxy());
+        FilterRegistration.Dynamic stormpathFilter =
+            sc.addFilter(StormpathFilter.DEFAULT_FILTER_NAME, DelegatingFilterProxy.class);
         EnumSet<DispatcherType> types =
-                EnumSet.of(DispatcherType.ERROR, DispatcherType.FORWARD, DispatcherType.INCLUDE, DispatcherType.REQUEST);
-        filter.addMappingForUrlPatterns(types, false, "/*");
+            EnumSet.of(DispatcherType.ERROR, DispatcherType.FORWARD, DispatcherType.INCLUDE, DispatcherType.REQUEST);
+        stormpathFilter.addMappingForUrlPatterns(types, false, "/*");
     }
 }
diff --git a/tutorials/spring/01-some-access-controls/src/main/java/com/stormpath/tutorial/WebAppInitializer.java b/tutorials/spring/01-some-access-controls/src/main/java/com/stormpath/tutorial/WebAppInitializer.java
@@ -15,6 +15,7 @@
  */
 package com.stormpath.tutorial;
 
+import com.stormpath.sdk.servlet.filter.StormpathFilter;
 import com.stormpath.tutorial.config.WebAppConfig;
 import org.springframework.web.WebApplicationInitializer;
 import org.springframework.web.context.ContextLoaderListener;
@@ -46,9 +47,10 @@ public void onStartup(ServletContext sc) throws ServletException {
         dispatcher.setLoadOnStartup(1);
         dispatcher.addMapping("/");
 
-        FilterRegistration.Dynamic filter = sc.addFilter("stormpathFilter", new DelegatingFilterProxy());
+        FilterRegistration.Dynamic stormpathFilter =
+            sc.addFilter(StormpathFilter.DEFAULT_FILTER_NAME, DelegatingFilterProxy.class);
         EnumSet<DispatcherType> types =
-                EnumSet.of(DispatcherType.ERROR, DispatcherType.FORWARD, DispatcherType.INCLUDE, DispatcherType.REQUEST);
-        filter.addMappingForUrlPatterns(types, false, "/*");
+            EnumSet.of(DispatcherType.ERROR, DispatcherType.FORWARD, DispatcherType.INCLUDE, DispatcherType.REQUEST);
+        stormpathFilter.addMappingForUrlPatterns(types, false, "/*");
     }
 }
diff --git a/tutorials/spring/01-some-access-controls/src/main/java/com/stormpath/tutorial/config/WebAppConfig.java b/tutorials/spring/01-some-access-controls/src/main/java/com/stormpath/tutorial/config/WebAppConfig.java
@@ -45,7 +45,7 @@ public class WebAppConfig {
     private Client client; //can be used to interact with all things in your Stormpath tenant
 
     /**
-     * This bean and the @PropertySource annotation above allow you to configure Stormpath beans with properties
+     * This bean and the @PropertySource annotation above allows you to configure Stormpath beans with properties
      * prefixed with {@code stormpath.}, i.e. {@code stormpath.application.href}, {@code stormpath.client.apiKey.file}, etc.
      *
      * <p>Combine this with Spring's Profile support to override property values based on specific runtime environments,
diff --git a/tutorials/spring/01-some-access-controls/src/main/webapp/WEB-INF/jsp/home.jsp b/tutorials/spring/01-some-access-controls/src/main/webapp/WEB-INF/jsp/home.jsp
@@ -55,13 +55,13 @@
                         <c:when test="${account != null}">
                             <h1>Hello, ${account.givenName}</h1>
                             <form action="${pageContext.request.contextPath}/logout" method="post">
-                                <a href="/restricted" class="btn btn-primary">Restricted</a>
+                                <a href="${pageContext.request.contextPath}/restricted" class="btn btn-primary">Restricted</a>
                                 <input type="submit" class="btn btn-danger" value="Logout"/>
                             </form>
                         </c:when>
                         <c:otherwise>
                             <h1>Who are you?</h1>
-                            <a href="/restricted" class="btn btn-primary">Restricted</a>
+                            <a href="${pageContext.request.contextPath}/restricted" class="btn btn-primary">Restricted</a>
                         </c:otherwise>
                     </c:choose>
                 </div>
diff --git a/tutorials/spring/01-some-access-controls/src/main/webapp/WEB-INF/jsp/restricted.jsp b/tutorials/spring/01-some-access-controls/src/main/webapp/WEB-INF/jsp/restricted.jsp
@@ -45,7 +45,7 @@
                     </div>
 
                     <h1>Hello, ${account.givenName}! You're allowed to see this page!</h1>
-                    <a href="/" class="btn btn-primary">Go Home</a>
+                    <a href="${pageContext.request.contextPath}/" class="btn btn-primary">Go Home</a>
 
                 </div>
             </div>
diff --git a/tutorials/spring/02-spring-security-ftw/src/main/java/com/stormpath/tutorial/WebAppInitializer.java b/tutorials/spring/02-spring-security-ftw/src/main/java/com/stormpath/tutorial/WebAppInitializer.java
@@ -1,3 +1,18 @@
+/*
+ * Copyright 2017 Stormpath, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package com.stormpath.tutorial;
 
 import com.stormpath.sdk.servlet.filter.StormpathFilter;
@@ -36,7 +51,7 @@ public void onStartup(ServletContext sc) throws ServletException {
         //Stormpath Filter (after Spring Security)
         FilterRegistration.Dynamic stormpathFilter = sc.addFilter(StormpathFilter.DEFAULT_FILTER_NAME, DelegatingFilterProxy.class);
         EnumSet<DispatcherType> types =
-                EnumSet.of(DispatcherType.ERROR, DispatcherType.FORWARD, DispatcherType.INCLUDE, DispatcherType.REQUEST);
+            EnumSet.of(DispatcherType.ERROR, DispatcherType.FORWARD, DispatcherType.INCLUDE, DispatcherType.REQUEST);
         stormpathFilter.addMappingForUrlPatterns(types, false, "/*");
     }
 }
diff --git a/tutorials/spring/02-spring-security-ftw/src/main/java/com/stormpath/tutorial/config/SpringSecurityWebAppConfig.java b/tutorials/spring/02-spring-security-ftw/src/main/java/com/stormpath/tutorial/config/SpringSecurityWebAppConfig.java
@@ -36,8 +36,8 @@ public class SpringSecurityWebAppConfig extends WebSecurityConfigurerAdapter {
     protected void configure(HttpSecurity http) throws Exception {
 
         http
-            .apply(stormpath())
-            .and() // Starting with Spring Security 4.2 we do not need to explicitly apply the Stormpath configuration in Spring Boot but it is still required in Spring
+            .apply(stormpath()) // Starting with Spring Security 4.2 we do not need to explicitly apply the Stormpath configuration in Spring Boot but it is still required in Spring
+            .and()
                 .authorizeRequests()
                 .antMatchers("/restricted").fullyAuthenticated()
                 .antMatchers("/**").permitAll()
diff --git a/tutorials/spring/02-spring-security-ftw/src/main/webapp/WEB-INF/jsp/error.jsp b/tutorials/spring/02-spring-security-ftw/src/main/webapp/WEB-INF/jsp/error.jsp
@@ -48,7 +48,7 @@
                         <h1>${errors.status}</h1>
                     </div>
                     <p class="lead text-muted">${errors.message}</p>
-                    <a href="/" class="btn btn-primary">Go Home</a>
+                    <a href="${pageContext.request.contextPath}/" class="btn btn-primary">Go Home</a>
                 </div>
             </div>
         </div>
diff --git a/tutorials/spring/02-spring-security-ftw/src/main/webapp/WEB-INF/jsp/home.jsp b/tutorials/spring/02-spring-security-ftw/src/main/webapp/WEB-INF/jsp/home.jsp
@@ -55,13 +55,13 @@
                         <c:when test="${account != null}">
                             <h1>Hello, ${account.givenName}</h1>
                             <form action="${pageContext.request.contextPath}/logout" method="post">
-                                <a href="/restricted" class="btn btn-primary">Restricted</a>
+                                <a href="${pageContext.request.contextPath}/restricted" class="btn btn-primary">Restricted</a>
                                 <input type="submit" class="btn btn-danger" value="Logout"/>
                             </form>
                         </c:when>
                         <c:otherwise>
                             <h1>Who are you?</h1>
-                            <a href="/restricted" class="btn btn-primary">Restricted</a>
+                            <a href="${pageContext.request.contextPath}/restricted" class="btn btn-primary">Restricted</a>
                         </c:otherwise>
                     </c:choose>
                 </div>
diff --git a/tutorials/spring/02-spring-security-ftw/src/main/webapp/WEB-INF/jsp/restricted.jsp b/tutorials/spring/02-spring-security-ftw/src/main/webapp/WEB-INF/jsp/restricted.jsp
@@ -45,8 +45,7 @@
                     </div>
 
                     <h1>Hello, ${account.givenName}! You're allowed to see this page!</h1>
-                    <a href="/" class="btn btn-primary">Go Home</a>
-
+                    <a href="${pageContext.request.contextPath}/" class="btn btn-primary">Go Home</a>
                 </div>
             </div>
         </div>
diff --git a/tutorials/spring/03-spring-security-refined/src/main/java/com/stormpath/tutorial/WebAppInitializer.java b/tutorials/spring/03-spring-security-refined/src/main/java/com/stormpath/tutorial/WebAppInitializer.java
@@ -1,3 +1,18 @@
+/*
+ * Copyright 2017 Stormpath, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package com.stormpath.tutorial;
 
 import com.stormpath.sdk.servlet.filter.StormpathFilter;
@@ -36,7 +51,7 @@ public void onStartup(ServletContext sc) throws ServletException {
         //Stormpath Filter (after Spring Security)
         FilterRegistration.Dynamic stormpathFilter = sc.addFilter(StormpathFilter.DEFAULT_FILTER_NAME, DelegatingFilterProxy.class);
         EnumSet<DispatcherType> types =
-                EnumSet.of(DispatcherType.ERROR, DispatcherType.FORWARD, DispatcherType.INCLUDE, DispatcherType.REQUEST);
+            EnumSet.of(DispatcherType.ERROR, DispatcherType.FORWARD, DispatcherType.INCLUDE, DispatcherType.REQUEST);
         stormpathFilter.addMappingForUrlPatterns(types, false, "/*");
     }
 }
diff --git a/tutorials/spring/03-spring-security-refined/src/main/java/com/stormpath/tutorial/service/HelloService.java b/tutorials/spring/03-spring-security-refined/src/main/java/com/stormpath/tutorial/service/HelloService.java
@@ -24,6 +24,7 @@
  */
 @Service
 public class HelloService {
+
     @PreAuthorize("hasAuthority(@groups.USER)")
     public String sayHello(Account account) {
         return "Hello, " + account.getGivenName() +
diff --git a/tutorials/spring/03-spring-security-refined/src/main/webapp/WEB-INF/jsp/error.jsp b/tutorials/spring/03-spring-security-refined/src/main/webapp/WEB-INF/jsp/error.jsp
@@ -48,7 +48,7 @@
                         <h1>${errors.status}</h1>
                     </div>
                     <p class="lead text-muted">${errors.message}</p>
-                    <a href="/" class="btn btn-primary">Go Home</a>
+                    <a href="${pageContext.request.contextPath}/" class="btn btn-primary">Go Home</a>
                 </div>
             </div>
         </div>
diff --git a/tutorials/spring/03-spring-security-refined/src/main/webapp/WEB-INF/jsp/home.jsp b/tutorials/spring/03-spring-security-refined/src/main/webapp/WEB-INF/jsp/home.jsp
@@ -55,13 +55,13 @@
                         <c:when test="${account != null}">
                             <h1>Hello, ${account.givenName}</h1>
                             <form action="${pageContext.request.contextPath}/logout" method="post">
-                                <a href="/restricted" class="btn btn-primary">Restricted</a>
+                                <a href="${pageContext.request.contextPath}/restricted" class="btn btn-primary">Restricted</a>
                                 <input type="submit" class="btn btn-danger" value="Logout"/>
                             </form>
                         </c:when>
                         <c:otherwise>
                             <h1>Who are you?</h1>
-                            <a href="/restricted" class="btn btn-primary">Restricted</a>
+                            <a href="${pageContext.request.contextPath}/restricted" class="btn btn-primary">Restricted</a>
                         </c:otherwise>
                     </c:choose>
                 </div>
diff --git a/tutorials/spring/03-spring-security-refined/src/main/webapp/WEB-INF/jsp/restricted.jsp b/tutorials/spring/03-spring-security-refined/src/main/webapp/WEB-INF/jsp/restricted.jsp
@@ -45,7 +45,7 @@
                     </div>
 
                     <h1>Hello, ${account.givenName}! You're allowed to see this page!</h1>
-                    <a href="/" class="btn btn-primary">Go Home</a>
+                    <a href="${pageContext.request.contextPath}/" class="btn btn-primary">Go Home</a>
 
                 </div>
             </div>
diff --git a/tutorials/spring/04-a-finer-grain-of-control/src/main/java/com/stormpath/tutorial/WebAppInitializer.java b/tutorials/spring/04-a-finer-grain-of-control/src/main/java/com/stormpath/tutorial/WebAppInitializer.java
@@ -1,3 +1,18 @@
+/*
+ * Copyright 2017 Stormpath, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package com.stormpath.tutorial;
 
 import com.stormpath.sdk.servlet.filter.StormpathFilter;
@@ -36,7 +51,7 @@ public void onStartup(ServletContext sc) throws ServletException {
         //Stormpath Filter (after Spring Security)
         FilterRegistration.Dynamic stormpathFilter = sc.addFilter(StormpathFilter.DEFAULT_FILTER_NAME, DelegatingFilterProxy.class);
         EnumSet<DispatcherType> types =
-                EnumSet.of(DispatcherType.ERROR, DispatcherType.FORWARD, DispatcherType.INCLUDE, DispatcherType.REQUEST);
+            EnumSet.of(DispatcherType.ERROR, DispatcherType.FORWARD, DispatcherType.INCLUDE, DispatcherType.REQUEST);
         stormpathFilter.addMappingForUrlPatterns(types, false, "/*");
     }
 }
diff --git a/tutorials/spring/04-a-finer-grain-of-control/src/main/java/com/stormpath/tutorial/config/SpringSecurityWebAppConfig.java b/tutorials/spring/04-a-finer-grain-of-control/src/main/java/com/stormpath/tutorial/config/SpringSecurityWebAppConfig.java
@@ -36,8 +36,8 @@ public class SpringSecurityWebAppConfig extends WebSecurityConfigurerAdapter {
     protected void configure(HttpSecurity http) throws Exception {
 
         http
-            .apply(stormpath())
-            .and() // Starting with Spring Security 4.2 we do not need to explicitly apply the Stormpath configuration in Spring Boot but it is still required in Spring
+            .apply(stormpath()) // Starting with Spring Security 4.2 we do not need to explicitly apply the Stormpath configuration in Spring Boot but it is still required in Spring
+            .and()
                 .authorizeRequests()
                 .antMatchers("/").permitAll()
             .and()
diff --git a/tutorials/spring/04-a-finer-grain-of-control/src/main/java/com/stormpath/tutorial/service/HelloService.java b/tutorials/spring/04-a-finer-grain-of-control/src/main/java/com/stormpath/tutorial/service/HelloService.java
@@ -24,6 +24,7 @@
  */
 @Service
 public class HelloService {
+
     @PreAuthorize("hasAuthority(@groups.USER) and hasPermission('say', 'hello')")
     public String sayHello(Account account) {
         return "Hello, " + account.getGivenName() +
diff --git a/tutorials/spring/04-a-finer-grain-of-control/src/main/webapp/WEB-INF/jsp/error.jsp b/tutorials/spring/04-a-finer-grain-of-control/src/main/webapp/WEB-INF/jsp/error.jsp
@@ -48,7 +48,7 @@
                         <h1>${errors.status}</h1>
                     </div>
                     <p class="lead text-muted">${errors.message}</p>
-                    <a href="/" class="btn btn-primary">Go Home</a>
+                    <a href="${pageContext.request.contextPath}/" class="btn btn-primary">Go Home</a>
                 </div>
             </div>
         </div>
diff --git a/tutorials/spring/04-a-finer-grain-of-control/src/main/webapp/WEB-INF/jsp/home.jsp b/tutorials/spring/04-a-finer-grain-of-control/src/main/webapp/WEB-INF/jsp/home.jsp
@@ -55,8 +55,8 @@
                         <c:when test="${account != null}">
                             <h1>Hello, ${account.givenName}</h1>
                             <form action="${pageContext.request.contextPath}/logout" method="post">
-                                <a href="/restricted" class="btn btn-primary">Restricted</a>
-                                <a href="/userdetails" class="btn btn-warning">My Groups</a>
+                                <a href="${pageContext.request.contextPath}/restricted" class="btn btn-primary">Restricted</a>
+                                <a href="${pageContext.request.contextPath}/userdetails" class="btn btn-warning">My Groups</a>
                                 <input type="submit" class="btn btn-danger" value="Logout"/>
                             </form>
                         </c:when>
diff --git a/tutorials/spring/04-a-finer-grain-of-control/src/main/webapp/WEB-INF/jsp/restricted.jsp b/tutorials/spring/04-a-finer-grain-of-control/src/main/webapp/WEB-INF/jsp/restricted.jsp
@@ -45,7 +45,7 @@
                     </div>
 
                     <h1>Hello, ${account.givenName}! You're allowed to see this page!</h1>
-                    <a href="/" class="btn btn-primary">Go Home</a>
+                    <a href="${pageContext.request.contextPath}/" class="btn btn-primary">Go Home</a>
 
                 </div>
             </div>
diff --git a/tutorials/spring/05-token-management/src/main/java/com/stormpath/tutorial/WebAppInitializer.java b/tutorials/spring/05-token-management/src/main/java/com/stormpath/tutorial/WebAppInitializer.java
@@ -54,7 +54,7 @@ public void onStartup(ServletContext sc) throws ServletException {
         //Stormpath Filter (after Spring Security)
         FilterRegistration.Dynamic stormpathFilter = sc.addFilter(StormpathFilter.DEFAULT_FILTER_NAME, DelegatingFilterProxy.class);
         EnumSet<DispatcherType> types =
-                EnumSet.of(DispatcherType.ERROR, DispatcherType.FORWARD, DispatcherType.INCLUDE, DispatcherType.REQUEST);
+            EnumSet.of(DispatcherType.ERROR, DispatcherType.FORWARD, DispatcherType.INCLUDE, DispatcherType.REQUEST);
         stormpathFilter.addMappingForUrlPatterns(types, false, "/*");
     }
 }
diff --git a/tutorials/spring/05-token-management/src/main/java/com/stormpath/tutorial/config/SpringSecurityWebAppConfig.java b/tutorials/spring/05-token-management/src/main/java/com/stormpath/tutorial/config/SpringSecurityWebAppConfig.java
@@ -33,6 +33,9 @@
 @EnableStormpathWebSecurity
 public class SpringSecurityWebAppConfig extends WebSecurityConfigurerAdapter {
 
+    // This configuration ensures that the static index.html is served
+    // without requiring authentication. Every other custom path would
+    // require authentication.
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http

Original file line number	Diff line number	Diff line change
`@@ -45,7 +45,7 @@ public class WebAppConfig {`
`45`	`45`	`private Client client; //can be used to interact with all things in your Stormpath tenant`
`46`	`46`
`47`	`47`	`/**`
`48`		`- * This bean and the @PropertySource annotation above allow you to configure Stormpath beans with properties`
	`48`	`+ * This bean and the @PropertySource annotation above allows you to configure Stormpath beans with properties`
`49`	`49`	`* prefixed with {@code stormpath.}, i.e. {@code stormpath.application.href}, {@code stormpath.client.apiKey.file}, etc.`
`50`	`50`	`*`
`51`	`51`	`* <p>Combine this with Spring's Profile support to override property values based on specific runtime environments,`