Home
Tools to run safety checks at build time or at startup of your Spring app.
spring-safe-setup is compatible with JDK 8 or higher.
To add the dependency in Maven, use the following:
<dependency>
    <groupId>com.github.zg2pro</groupId>
    <artifactId>spring-safe-setup</artifactId>
    <version>v.x</version>
</dependency>
Replace v.x with the latest version number; check Maven Central.
This class helps you check, upon each build (if you use it together with a Maven plugin) or upon each app start (if you declare a bean in your Spring configuration), whether all your remote methods have been secured with a set of permissions.
Conditions to make it work: your remote signatures must be placed in a dedicated interface suffixed with "Remote", and your local signatures must be placed in an interface suffixed with "Local". You can, however, always extend Remote or Local to have intermediary interfaces before declaring your implementing class (for instance, HelloWorldServiceImpl implements HelloWorldServiceWebService and HelloWorldServiceLocal, and HelloWorldServiceWebService extends HelloWorldServiceRemote).
You should also implement org.springframework.security.access.expression.method.MethodSecurityExpressionOperations as well as org.springframework.security.access.expression.method.MethodSecurityExpressionHandler; this will help you bind your annotations, using a permissions enumeration, to the usage of PreAuthorize.
After the class is built, just run processVerification().
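The kind of check described above can be sketched with plain reflection. This is an added example, not spring-safe-setup's own code: RequiresPermission is a constructed stand-in for PreAuthorize so the block runs on a bare JDK, and collectRemote and findUnsecured are hypothetical helper names.

```java
import java.lang.annotation.*;
import java.lang.reflect.Method;
import java.util.*;

public class RemoteSecurityCheck {
    // Constructed stand-in for Spring Security's @PreAuthorize (assumption, keeps the example JDK-only).
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.METHOD)
    @interface RequiresPermission { String value(); }

    // Constructed sample services that follow the page's "Remote"/"Local" naming convention.
    interface HelloWorldServiceRemote { String hello(String name); void purge(); }
    interface HelloWorldServiceWebService extends HelloWorldServiceRemote { }
    interface HelloWorldServiceLocal { void warmUp(); }
    static class HelloWorldServiceImpl implements HelloWorldServiceWebService, HelloWorldServiceLocal {
        @RequiresPermission("HELLO_READ") public String hello(String name) { return "hi " + name; }
        public void purge() { }   // remote signature with no permission attached
        public void warmUp() { }  // local signature, outside the scope of the check
    }

    // Collect every interface reachable from type (superclasses included) whose name ends in "Remote".
    static void collectRemote(Class<?> type, Set<Class<?>> out) {
        if (type == null) return;
        if (type.isInterface() && type.getSimpleName().endsWith("Remote")) out.add(type);
        for (Class<?> i : type.getInterfaces()) collectRemote(i, out);
        collectRemote(type.getSuperclass(), out);
    }

    // List remote methods where neither the implementation nor the interface declaration carries marker.
    static List<String> findUnsecured(Class<?> impl, Class<? extends Annotation> marker) {
        Set<Class<?>> remotes = new LinkedHashSet<>();
        collectRemote(impl, remotes);
        List<String> missing = new ArrayList<>();
        for (Class<?> remote : remotes) {
            for (Method declared : remote.getMethods()) {
                Method implemented;
                try { implemented = impl.getMethod(declared.getName(), declared.getParameterTypes()); }
                catch (NoSuchMethodException e) { implemented = declared; }
                if (!implemented.isAnnotationPresent(marker) && !declared.isAnnotationPresent(marker))
                    missing.add(remote.getSimpleName() + "." + declared.getName());
            }
        }
        return missing;
    }

    public static void main(String[] args) {
        // Fail fast, as a build-time or startup check would, when a remote method is unsecured.
        List<String> missing = findUnsecured(HelloWorldServiceImpl.class, RequiresPermission.class);
        if (!missing.isEmpty()) throw new IllegalStateException("Unsecured remote methods: " + missing);
    }
}
```

In a Spring application the marker passed to findUnsecured would be PreAuthorize.class, with spring-security on the classpath.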
To make sure your host is configured in UTC timezone, create a Spring bean in your Spring config as follows:
@Bean
Boolean checkHostTimezone() {
    UtcVerifier.checkHostTimezone();
    return Boolean.TRUE;
}
To make sure your host is configured in UTF8, create a Spring bean in your Spring config as follows:
@Bean
Boolean checkHostEncoding() {
    Utf8Verifier.checkHostEncoding();
    return Boolean.TRUE;
}
Check you have enough disk space if you use your filesystem to swap your application data