迁移samples代码
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/ClientApplication.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/ClientApplication.java
new file mode 100644
index 0000000..4d83c0d
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/ClientApplication.java
@@ -0,0 +1,38 @@
+package com.supwisdom.leaveschool.client;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.web.servlet.ServletRegistrationBean;
+import org.springframework.cloud.client.circuitbreaker.EnableCircuitBreaker;
+import org.springframework.cloud.netflix.hystrix.dashboard.EnableHystrixDashboard;
+import org.springframework.cloud.openfeign.EnableFeignClients;
+import org.springframework.context.annotation.Bean;
+
+import com.netflix.hystrix.contrib.metrics.eventstream.HystrixMetricsStreamServlet;
+import com.supwisdom.infras.security.EnableInfrasWebSecurity;
+
+@SpringBootApplication
+@EnableCircuitBreaker
+@EnableFeignClients(value = "com.supwisdom.leaveschool.client.service")
+@EnableHystrixDashboard
+@EnableInfrasWebSecurity
+public class ClientApplication {
+
+ public static void main(String[] args) {
+ SpringApplication.run(ClientApplication.class, args);
+ }
+
+
+ @Bean
+ public ServletRegistrationBean<HystrixMetricsStreamServlet> hystrixMetricsStreamServlet() {
+ HystrixMetricsStreamServlet hystrixMetricsStreamServlet = new HystrixMetricsStreamServlet();
+
+ ServletRegistrationBean<HystrixMetricsStreamServlet> servletRegistrationBean = new ServletRegistrationBean<HystrixMetricsStreamServlet>(hystrixMetricsStreamServlet);
+ servletRegistrationBean.setName("hystrixMetricsStreamServlet");
+ servletRegistrationBean.setLoadOnStartup(1);
+ servletRegistrationBean.addUrlMappings("/hystrix.stream");
+
+ return servletRegistrationBean;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/Test.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/Test.java
new file mode 100644
index 0000000..6915296
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/Test.java
@@ -0,0 +1,9 @@
+package com.supwisdom.leaveschool.client;
+
+public class Test {
+
+ public static void main(String[] args) {
+
+
+ }
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/config/FilterConfig.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/config/FilterConfig.java
new file mode 100644
index 0000000..4ee7f3c
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/config/FilterConfig.java
@@ -0,0 +1,14 @@
+package com.supwisdom.leaveschool.client.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
+
+@Configuration
+public class FilterConfig extends WebMvcConfigurerAdapter{
+
+ @Override
+ public void addCorsMappings(CorsRegistry registry) {
+ registry.addMapping("/**");
+ }
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/config/InfrasFilterSecurityInterceptorConfig.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/config/InfrasFilterSecurityInterceptorConfig.java
new file mode 100644
index 0000000..7f8ed14
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/config/InfrasFilterSecurityInterceptorConfig.java
@@ -0,0 +1,44 @@
+package com.supwisdom.leaveschool.client.config;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.access.AccessDecisionManager;
+import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
+
+import com.supwisdom.infras.security.web.access.intercept.InfrasFilterSecurityInterceptor;
+import com.supwisdom.leaveschool.client.security.web.access.MyAccessDecisionManager;
+import com.supwisdom.leaveschool.client.security.web.access.intercept.MyFilterInvocationSecurityMetadataSource;
+import com.supwisdom.leaveschool.client.security.web.access.intercept.MyFilterSecurityInterceptor;
+
+@Configuration
+public class InfrasFilterSecurityInterceptorConfig {
+
+ private static final Logger logger = LoggerFactory.getLogger(InfrasFilterSecurityInterceptorConfig.class);
+
+ @Bean
+ public FilterInvocationSecurityMetadataSource securityMetadataSource() {
+ MyFilterInvocationSecurityMetadataSource securityMetadataSource = new MyFilterInvocationSecurityMetadataSource();
+ logger.debug("InfrasFilterSecurityInterceptorConfig securityMetadataSource is {}", securityMetadataSource);
+
+ return securityMetadataSource;
+ }
+
+ @Bean
+ public AccessDecisionManager accessDecisionManager() {
+ MyAccessDecisionManager accessDecisionManager = new MyAccessDecisionManager();
+ logger.debug("InfrasFilterSecurityInterceptorConfig accessDecisionManager is {}", accessDecisionManager);
+
+ return accessDecisionManager;
+ }
+
+ @Bean
+ public InfrasFilterSecurityInterceptor infrasFilterSecurityInterceptor() throws Exception {
+ MyFilterSecurityInterceptor myFilterSecurityInterceptor = new MyFilterSecurityInterceptor();
+ logger.debug("InfrasFilterSecurityInterceptorConfig infrasFilterSecurityInterceptor is {}", myFilterSecurityInterceptor);
+
+ return myFilterSecurityInterceptor;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/config/PasswordEncoderConfig.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/config/PasswordEncoderConfig.java
new file mode 100644
index 0000000..4957c3c
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/config/PasswordEncoderConfig.java
@@ -0,0 +1,31 @@
+package com.supwisdom.leaveschool.client.config;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import org.springframework.security.crypto.password.DelegatingPasswordEncoder;
+import org.springframework.security.crypto.password.NoOpPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@SuppressWarnings("deprecation")
+@Configuration
+public class PasswordEncoderConfig {
+
+ private static final Logger logger = LoggerFactory.getLogger(PasswordEncoderConfig.class);
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+
+ PasswordEncoder passwordEncoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
+
+ if (passwordEncoder instanceof DelegatingPasswordEncoder) {
+ ((DelegatingPasswordEncoder)passwordEncoder).setDefaultPasswordEncoderForMatches(NoOpPasswordEncoder.getInstance());
+ }
+
+ logger.debug("PasswordEncoderConfig passwordEncoder is {}", passwordEncoder);
+ return passwordEncoder;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/config/UserDetailsServiceConfig.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/config/UserDetailsServiceConfig.java
new file mode 100644
index 0000000..fa91e80
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/config/UserDetailsServiceConfig.java
@@ -0,0 +1,33 @@
+package com.supwisdom.leaveschool.client.config;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.core.userdetails.UserDetailsService;
+
+import com.supwisdom.leaveschool.client.security.core.userdetails.InMemeryUserDetailsService;
+import com.supwisdom.leaveschool.client.security.core.userdetails.MyUserDetailsService;
+
+@Configuration
+public class UserDetailsServiceConfig {
+
+ private static final Logger logger = LoggerFactory.getLogger(UserDetailsServiceConfig.class);
+
+// @Bean
+// public UserDetailsService userDetailsService() throws Exception {
+// MyUserDetailsService myUserDetailsService = new MyUserDetailsService();
+// logger.debug("UserDetailsServiceConfig myUserDetailsService is {}", myUserDetailsService);
+//
+// return myUserDetailsService;
+// }
+
+ @Bean
+ public UserDetailsService userDetailsService() throws Exception {
+ InMemeryUserDetailsService inMemeryUserDetailsService = new InMemeryUserDetailsService();
+ logger.debug("UserDetailsServiceConfig inMemeryUserDetailsService is {}", inMemeryUserDetailsService);
+
+ return inMemeryUserDetailsService;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/controller/api/HelloController.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/controller/api/HelloController.java
new file mode 100644
index 0000000..3c0857d
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/controller/api/HelloController.java
@@ -0,0 +1,32 @@
+package com.supwisdom.leaveschool.client.controller.api;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.util.MimeTypeUtils;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import com.supwisdom.leaveschool.client.security.core.userdetails.MyUser;
+import com.supwisdom.leaveschool.client.service.SampleUser1AdminUserRemoteService;
+import com.supwisdom.leaveschool.client.util.MyUserUtil;
+import com.supwisdom.leaveschool.proxy.common.model.PagerResponseModel;
+import com.supwisdom.leaveschool.proxy.user.domain.User;
+
+@RestController
+@RequestMapping("/api/hello")
+public class HelloController {
+
+ @Autowired
+ SampleUser1AdminUserRemoteService sampleUser1AdminUserRemoteService;
+
+ @GetMapping(path = "/{name}", produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public PagerResponseModel hello(@PathVariable("name") String name) {
+ MyUser user = MyUserUtil.getCurrentMyUser();
+ PagerResponseModel<User> users = sampleUser1AdminUserRemoteService.list();
+
+ return users;
+ }
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/controller/web/MainController.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/controller/web/MainController.java
new file mode 100644
index 0000000..217f944
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/controller/web/MainController.java
@@ -0,0 +1,53 @@
+/*
+ * Copyright 2002-2016 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.supwisdom.leaveschool.client.controller.web;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+@Controller
+public class MainController {
+
+ @RequestMapping("/")
+ public String root() {
+ return "redirect:/web/index";
+ }
+
+ @RequestMapping("/web/index")
+ public String index() {
+ return "web/index";
+ }
+
+ @RequestMapping(value = "/web/login")
+ public String login() {
+ return "web/login";
+ }
+
+ @RequestMapping(value = "/web/login", method = RequestMethod.POST)
+ public String postLogin() {
+ // TODO Enable form login with Spring Security (trigger error for now)
+ return "redirect:/web/login-error";
+ }
+
+ @RequestMapping("/web/login-error")
+ public String loginError(Model model) {
+ model.addAttribute("loginError", true);
+ return "web/login";
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/controller/web/admin/WebAdminUserController.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/controller/web/admin/WebAdminUserController.java
new file mode 100644
index 0000000..8acd62d
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/controller/web/admin/WebAdminUserController.java
@@ -0,0 +1,45 @@
+package com.supwisdom.leaveschool.client.controller.web.admin;
+
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+import com.supwisdom.leaveschool.client.service.SampleUser1AdminUserRemoteService;
+import com.supwisdom.leaveschool.client.util.AuthenticationUtil;
+import com.supwisdom.leaveschool.proxy.common.model.PagerResponseModel;
+import com.supwisdom.leaveschool.proxy.user.domain.User;
+
+@Controller
+@RequestMapping("/web/admin/user")
+public class WebAdminUserController {
+
+ private static final Logger logger = LoggerFactory.getLogger(WebAdminUserController.class);
+
+ @Autowired
+ SampleUser1AdminUserRemoteService sampleUser1AdminUserRemoteService;
+
+ @RequestMapping("/index")
+ public String userIndex() {
+
+ logger.debug(AuthenticationUtil.currentUsername());
+
+ PagerResponseModel<User> users = sampleUser1AdminUserRemoteService.list();
+
+ logger.debug("list is {}, {}", users==null?"":users.getClass().getName(), users);
+
+ /*
+ Map<String, Object> map = userRemoteService.greeting("abcd");
+ if (map != null) {
+ logger.debug("message is " + map.get("message"));
+ } else {
+ logger.debug("message is null");
+ }
+ */
+
+ return "web/admin/user/index";
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/core/userdetails/InMemeryUserDetailsService.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/core/userdetails/InMemeryUserDetailsService.java
new file mode 100644
index 0000000..7f3cf63
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/core/userdetails/InMemeryUserDetailsService.java
@@ -0,0 +1,39 @@
+package com.supwisdom.leaveschool.client.security.core.userdetails;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+public class InMemeryUserDetailsService implements UserDetailsService {
+
+ private static final Logger logger = LoggerFactory.getLogger(InMemeryUserDetailsService.class);
+
+ @Autowired
+ PasswordEncoder passwordEncoder;
+
+ @Override
+ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+
+ logger.debug("InMemeryUserDetailsService.loadUserByUsername({})", username);
+
+ List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
+ authorities.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
+ authorities.add(new SimpleGrantedAuthority("administrator"));
+ authorities.add(new SimpleGrantedAuthority("user"));
+
+ MyUser myUser = new MyUser("admin", passwordEncoder.encode("111111"), authorities);
+ logger.debug("myUser is {}", myUser);
+
+ return myUser;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/core/userdetails/MyUser.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/core/userdetails/MyUser.java
new file mode 100644
index 0000000..dc3a27b
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/core/userdetails/MyUser.java
@@ -0,0 +1,30 @@
+package com.supwisdom.leaveschool.client.security.core.userdetails;
+
+import java.util.Collection;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.User;
+
+public class MyUser extends User {
+
+ //private static final Log logger = LogFactory.getLog(MyUser.class);
+ private static final Logger logger = LoggerFactory.getLogger(MyUser.class);
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 5438858716934315373L;
+
+ public MyUser(String username, String password,
+ Collection<? extends GrantedAuthority> authorities) {
+ this(username, password, true, true, true, true, authorities);
+ }
+
+ public MyUser(String username, String password, boolean enabled, boolean accountNonExpired,
+ boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities) {
+ super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/core/userdetails/MyUserDetailsService.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/core/userdetails/MyUserDetailsService.java
new file mode 100644
index 0000000..be7c59f
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/core/userdetails/MyUserDetailsService.java
@@ -0,0 +1,52 @@
+package com.supwisdom.leaveschool.client.security.core.userdetails;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+import com.supwisdom.leaveschool.client.service.SampleUser1SecurityUserRemoteService;
+import com.supwisdom.leaveschool.proxy.user.domain.Role;
+import com.supwisdom.leaveschool.proxy.user.model.SecurityUser;
+
+public class MyUserDetailsService implements UserDetailsService {
+
+ private static final Logger logger = LoggerFactory.getLogger(MyUserDetailsService.class);
+
+ @Autowired
+ PasswordEncoder passwordEncoder;
+
+ @Autowired
+ SampleUser1SecurityUserRemoteService sampleUser1SecurityUserRemoteService;
+
+ @Override
+ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+
+ logger.debug("MyUserDetailsService.loadUserByUsername({})", username);
+
+ SecurityUser securityUser = sampleUser1SecurityUserRemoteService.loadUserByUsername(username);
+ if (securityUser == null) {
+ throw new UsernameNotFoundException(String.format("%s not found", username));
+ }
+
+ // TODO: 从数据库获取
+ List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
+ for (Role role : securityUser.getRoles()) {
+ authorities.add(new SimpleGrantedAuthority(role.getCode()));
+ }
+
+ MyUser myUser = new MyUser(securityUser.getUser().getUsername(), securityUser.getUser().getPassword(), authorities);
+ logger.debug("myUser is {}", myUser);
+
+ return myUser;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/web/access/MyAccessDecisionManager.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/web/access/MyAccessDecisionManager.java
new file mode 100644
index 0000000..003410a
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/web/access/MyAccessDecisionManager.java
@@ -0,0 +1,48 @@
+package com.supwisdom.leaveschool.client.security.web.access;
+
+import java.util.Collection;
+import java.util.Iterator;
+
+import org.springframework.security.access.AccessDecisionManager;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.access.ConfigAttribute;
+import org.springframework.security.authentication.InsufficientAuthenticationException;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+
+public class MyAccessDecisionManager implements AccessDecisionManager {
+
+ @Override
+ public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes)
+ throws AccessDeniedException, InsufficientAuthenticationException {
+
+ if (null == configAttributes || configAttributes.size() <= 0) {
+ return;
+ }
+
+ ConfigAttribute ca;
+ String needRole;
+ for (Iterator<ConfigAttribute> iter = configAttributes.iterator(); iter.hasNext();) {
+ ca = iter.next();
+ needRole = ca.getAttribute();
+ for (GrantedAuthority ga : authentication.getAuthorities()) { // authentication 为在注释1 中循环添加到 GrantedAuthority 对象中的权限信息集合
+ if (needRole.trim().equals(ga.getAuthority())) {
+ return;
+ }
+ }
+ }
+
+ throw new AccessDeniedException("no right");
+ }
+
+ @Override
+ public boolean supports(ConfigAttribute attribute) {
+ return true;
+ }
+
+ @Override
+ public boolean supports(Class<?> clazz) {
+ return true;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/web/access/intercept/MyFilterInvocationSecurityMetadataSource.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/web/access/intercept/MyFilterInvocationSecurityMetadataSource.java
new file mode 100644
index 0000000..596f8a5
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/web/access/intercept/MyFilterInvocationSecurityMetadataSource.java
@@ -0,0 +1,92 @@
+package com.supwisdom.leaveschool.client.security.web.access.intercept;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.ConfigAttribute;
+import org.springframework.security.access.SecurityConfig;
+import org.springframework.security.web.FilterInvocation;
+import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+import org.springframework.security.web.util.matcher.RequestMatcher;
+
+import com.supwisdom.leaveschool.client.service.SampleUser1SecurityUserRemoteService;
+
+public class MyFilterInvocationSecurityMetadataSource implements FilterInvocationSecurityMetadataSource {
+
+ @Autowired
+ SampleUser1SecurityUserRemoteService sampleUser1SecurityUserRemoteService;
+
+ private Map<RequestMatcher, Collection<ConfigAttribute>> requestMap = null;
+ //private Map<String, Collection<ConfigAttribute>> permissionRoles;
+
+ private void loadRequestMap() {
+ if (requestMap == null) {
+ requestMap = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();
+
+ //sampleUser1SecurityUserRemoteService.loadPermissionsByAppcode()
+
+ AntPathRequestMatcher requestMatcher0 = new AntPathRequestMatcher("/api/**");
+ Collection<ConfigAttribute> attributes0 = new ArrayList<ConfigAttribute>(); // FIXME: 返回当前请求的url 对应的 角色代码
+ attributes0.add(new SecurityConfig("user"));
+ requestMap.put(requestMatcher0, attributes0);
+
+
+ AntPathRequestMatcher requestMatcher = new AntPathRequestMatcher("/web/**");
+
+ Collection<ConfigAttribute> attributes = new ArrayList<ConfigAttribute>(); // FIXME: 返回当前请求的url 对应的 角色代码
+ attributes.add(new SecurityConfig("user"));
+
+ requestMap.put(requestMatcher, attributes);
+ }
+ }
+
+ /**
+ * 获取当前请求关联的所有角色code {@link SecurityConfig}
+ * 用于和用户拥有的角色code 进行比对
+ */
+ @Override
+ public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
+
+ if (requestMap == null) {
+ loadRequestMap();
+ }
+
+ HttpServletRequest request = ((FilterInvocation) object).getHttpRequest();
+
+ RequestMatcher requestMatcher;
+ for(Iterator<RequestMatcher> iter = requestMap.keySet().iterator(); iter.hasNext(); ) {
+ requestMatcher = iter.next();
+
+ if(requestMatcher.matches(request)) {
+ return requestMap.get(requestMatcher);
+ }
+ }
+
+ return null;
+
+// Collection<ConfigAttribute> attributes = new ArrayList<ConfigAttribute>(); // FIXME: 返回当前请求的url 对应的 角色代码
+// attributes.add(new SecurityConfig("administrator"));
+//
+// return attributes;
+ }
+
+ @Override
+ public Collection<ConfigAttribute> getAllConfigAttributes() {
+
+ return null;
+ }
+
+ @Override
+ public boolean supports(Class<?> clazz) {
+
+ return true;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/web/access/intercept/MyFilterSecurityInterceptor.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/web/access/intercept/MyFilterSecurityInterceptor.java
new file mode 100644
index 0000000..32e0232
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/security/web/access/intercept/MyFilterSecurityInterceptor.java
@@ -0,0 +1,80 @@
+package com.supwisdom.leaveschool.client.security.web.access.intercept;
+
+import java.io.IOException;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.servlet.ServletException;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.AccessDecisionManager;
+import org.springframework.security.access.SecurityMetadataSource;
+import org.springframework.security.access.intercept.InterceptorStatusToken;
+//import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.web.FilterInvocation;
+import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
+
+import com.supwisdom.infras.security.web.access.intercept.InfrasFilterSecurityInterceptor;
+
+public class MyFilterSecurityInterceptor extends InfrasFilterSecurityInterceptor {
+
+ private static final Logger logger = LoggerFactory.getLogger(MyFilterSecurityInterceptor.class);
+
+ @Autowired
+ private FilterInvocationSecurityMetadataSource securityMetadataSource;
+
+ @Autowired
+ public void setAccessDecisionManager(AccessDecisionManager accessDecisionManager) {
+
+ super.setAccessDecisionManager(accessDecisionManager);
+ }
+
+// @Autowired
+// public void setAuthenticationManager(AuthenticationManager newManager) {
+//
+// super.setAuthenticationManager(newManager);
+// };
+
+ @Override
+ public void invoke(FilterInvocation fi) throws IOException, ServletException {
+
+ Set<String> noneSecurityUrl = new HashSet<String>(); // FIXME: 对无须访问控制的url,支持可配置
+ noneSecurityUrl.add("/web/login");
+ noneSecurityUrl.add("/web/logout");
+ noneSecurityUrl.add("/web/index");
+
+ if (fi.getRequest() != null) {
+ String requestUrl = fi.getRequestUrl(); logger.debug("MyFilterSecurityInterceptor invoke requestUrl: {}", requestUrl);
+ if (noneSecurityUrl.contains(requestUrl)) {
+ fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
+ return;
+ }
+ }
+
+ // fi里面有一个被拦截的url
+ // 里面调用MyInvocationSecurityMetadataSource的getAttributes(Object object)这个方法获取fi对应的所有权限
+ // 再调用MyAccessDecisionManager的decide方法来校验用户的权限是否足够
+ InterceptorStatusToken token = super.beforeInvocation(fi);
+ try {
+ // 执行下一个拦截器
+ fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
+ } finally {
+ super.afterInvocation(token, null);
+ }
+ }
+
+ @Override
+ public Class<?> getSecureObjectClass() {
+
+ return FilterInvocation.class;
+ }
+
+ @Override
+ public SecurityMetadataSource obtainSecurityMetadataSource() {
+
+ return this.securityMetadataSource;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/DemoUserRemoteService.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/DemoUserRemoteService.java
new file mode 100644
index 0000000..2fa6624
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/DemoUserRemoteService.java
@@ -0,0 +1,23 @@
+package com.supwisdom.leaveschool.client.service;
+
+import java.util.Map;
+
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.util.MimeTypeUtils;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import com.supwisdom.leaveschool.client.service.fallback.DemoUserRemoteHystrix;
+
+@FeignClient(
+ name = "sample-user",
+ url = "${sample-user.api.url}/api/demo/users",
+ fallback = DemoUserRemoteHystrix.class
+)
+public interface DemoUserRemoteService {
+
+ @RequestMapping(method = RequestMethod.GET, value = "/greeting/{name}", produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ Map<String, Object> greeting(@PathVariable("name") String name);
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/SampleUser1AdminGroupRemoteService.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/SampleUser1AdminGroupRemoteService.java
new file mode 100644
index 0000000..bd98ff5
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/SampleUser1AdminGroupRemoteService.java
@@ -0,0 +1,38 @@
+package com.supwisdom.leaveschool.client.service;
+
+import java.util.Map;
+
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.util.MimeTypeUtils;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import com.supwisdom.leaveschool.client.service.fallback.SampleUser1AdminGroupRemoteHystrix;
+import com.supwisdom.leaveschool.proxy.common.model.PagerResponseModel;
+import com.supwisdom.leaveschool.proxy.user.domain.Group;
+
+@FeignClient(
+ name = "sample-user-1-admin-group",
+ url = "${sample-user.api.url}/api/v1/admin/groups",
+ fallback = SampleUser1AdminGroupRemoteHystrix.class
+)
+public interface SampleUser1AdminGroupRemoteService {
+
+ @RequestMapping(method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public PagerResponseModel<Group> list();
+
+ @RequestMapping(path = "/{id}", method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public Group get(@PathVariable("id") String id);
+
+ @RequestMapping(method = RequestMethod.POST, consumes = MimeTypeUtils.APPLICATION_JSON_VALUE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public Map<String, Object> create(@RequestBody Group user);
+
+ @RequestMapping(method = RequestMethod.PUT, consumes = MimeTypeUtils.APPLICATION_JSON_VALUE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public Map<String, Object> update(@RequestBody Group user);
+
+ @RequestMapping(path = "/{id}", method = RequestMethod.DELETE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public Map<String, Object> delete(@PathVariable("id") String id);
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/SampleUser1AdminRoleRemoteService.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/SampleUser1AdminRoleRemoteService.java
new file mode 100644
index 0000000..669675a
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/SampleUser1AdminRoleRemoteService.java
@@ -0,0 +1,38 @@
+package com.supwisdom.leaveschool.client.service;
+
+import java.util.Map;
+
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.util.MimeTypeUtils;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import com.supwisdom.leaveschool.client.service.fallback.SampleUser1AdminRoleRemoteHystrix;
+import com.supwisdom.leaveschool.proxy.common.model.PagerResponseModel;
+import com.supwisdom.leaveschool.proxy.user.domain.Role;
+
+@FeignClient(
+ name = "sample-user-1-admin-role",
+ url = "${sample-user.api.url}/api/v1/admin/roles",
+ fallback = SampleUser1AdminRoleRemoteHystrix.class
+)
+public interface SampleUser1AdminRoleRemoteService {
+
+ @RequestMapping(method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public PagerResponseModel<Role> list();
+
+ @RequestMapping(path = "/{id}", method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public Role get(@PathVariable("id") String id);
+
+ @RequestMapping(method = RequestMethod.POST, consumes = MimeTypeUtils.APPLICATION_JSON_VALUE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public Map<String, Object> create(@RequestBody Role user);
+
+ @RequestMapping(method = RequestMethod.PUT, consumes = MimeTypeUtils.APPLICATION_JSON_VALUE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public Map<String, Object> update(@RequestBody Role user);
+
+ @RequestMapping(path = "/{id}", method = RequestMethod.DELETE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public Map<String, Object> delete(@PathVariable("id") String id);
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/SampleUser1AdminUserRemoteService.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/SampleUser1AdminUserRemoteService.java
new file mode 100644
index 0000000..74012c0
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/SampleUser1AdminUserRemoteService.java
@@ -0,0 +1,38 @@
+package com.supwisdom.leaveschool.client.service;
+
+import java.util.Map;
+
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.util.MimeTypeUtils;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import com.supwisdom.leaveschool.client.service.fallback.SampleUser1AdminUserRemoteHystrix;
+import com.supwisdom.leaveschool.proxy.common.model.PagerResponseModel;
+import com.supwisdom.leaveschool.proxy.user.domain.User;
+
+@FeignClient(
+ name = "sample-user-1-admin-user",
+ url = "${sample-user.api.url}/api/v1/admin/users",
+ fallback = SampleUser1AdminUserRemoteHystrix.class
+)
+public interface SampleUser1AdminUserRemoteService {
+
+ @RequestMapping(method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public PagerResponseModel<User> list();
+
+ @RequestMapping(path = "/{id}", method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public User get(@PathVariable("id") String id);
+
+ @RequestMapping(method = RequestMethod.POST, consumes = MimeTypeUtils.APPLICATION_JSON_VALUE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public Map<String, Object> create(@RequestBody User user);
+
+ @RequestMapping(method = RequestMethod.PUT, consumes = MimeTypeUtils.APPLICATION_JSON_VALUE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public Map<String, Object> update(@RequestBody User user);
+
+ @RequestMapping(path = "/{id}", method = RequestMethod.DELETE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public Map<String, Object> delete(@PathVariable("id") String id);
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/SampleUser1SecurityUserRemoteService.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/SampleUser1SecurityUserRemoteService.java
new file mode 100644
index 0000000..9a55516
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/SampleUser1SecurityUserRemoteService.java
@@ -0,0 +1,36 @@
+package com.supwisdom.leaveschool.client.service;
+
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.util.MimeTypeUtils;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+
+import com.supwisdom.leaveschool.client.service.fallback.SampleUser1SecurityUserRemoteHystrix;
+import com.supwisdom.leaveschool.proxy.user.model.SecurityUser;
+
+@FeignClient(
+ name = "sample-user-1-security-user",
+ url = "${sample-user.api.url}/api/v1/security/users",
+ fallback = SampleUser1SecurityUserRemoteHystrix.class
+)
+public interface SampleUser1SecurityUserRemoteService {
+
+ @RequestMapping(path = "/{username}", method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public SecurityUser loadUserByUsername(@PathVariable("username") String username);
+
+ /**
+ *
+ * @param username
+ * @param applicationCode
+ * @param type
+ * @return
+ */
+ @RequestMapping(path = "/{username}/{applicationCode}", method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public SecurityUser loadPermissionsByUsernameAppcode(
+ @PathVariable("username") String username,
+ @PathVariable("applicationCode") String applicationCode,
+ @RequestParam(value = "type", required = false) String type);
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/fallback/DemoUserRemoteHystrix.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/fallback/DemoUserRemoteHystrix.java
new file mode 100644
index 0000000..00dd73d
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/fallback/DemoUserRemoteHystrix.java
@@ -0,0 +1,22 @@
+package com.supwisdom.leaveschool.client.service.fallback;
+
+import java.util.Map;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
+
+import com.supwisdom.leaveschool.client.service.DemoUserRemoteService;
+
+@Component
+public class DemoUserRemoteHystrix implements DemoUserRemoteService {
+
+ private static final Logger logger = LoggerFactory.getLogger(DemoUserRemoteHystrix.class);
+
+ @Override
+ public Map<String, Object> greeting(String name) {
+ logger.debug("greeting failure!");
+ return null;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/fallback/SampleUser1AdminGroupRemoteHystrix.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/fallback/SampleUser1AdminGroupRemoteHystrix.java
new file mode 100644
index 0000000..dd985e0
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/fallback/SampleUser1AdminGroupRemoteHystrix.java
@@ -0,0 +1,43 @@
+package com.supwisdom.leaveschool.client.service.fallback;
+
+import java.util.Map;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
+
+import com.supwisdom.leaveschool.client.service.SampleUser1AdminGroupRemoteService;
+import com.supwisdom.leaveschool.proxy.common.model.PagerResponseModel;
+import com.supwisdom.leaveschool.proxy.user.domain.Group;
+
+@Component
+public class SampleUser1AdminGroupRemoteHystrix implements SampleUser1AdminGroupRemoteService {
+
+ private static final Logger logger = LoggerFactory.getLogger(SampleUser1AdminGroupRemoteHystrix.class);
+
+ @Override
+ public PagerResponseModel<Group> list() {
+ return null;
+ }
+
+ @Override
+ public Group get(String id) {
+ return null;
+ }
+
+ @Override
+ public Map<String, Object> create(Group user) {
+ return null;
+ }
+
+ @Override
+ public Map<String, Object> update(Group user) {
+ return null;
+ }
+
+ @Override
+ public Map<String, Object> delete(String id) {
+ return null;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/fallback/SampleUser1AdminRoleRemoteHystrix.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/fallback/SampleUser1AdminRoleRemoteHystrix.java
new file mode 100644
index 0000000..dcb8cc5
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/fallback/SampleUser1AdminRoleRemoteHystrix.java
@@ -0,0 +1,43 @@
+package com.supwisdom.leaveschool.client.service.fallback;
+
+import java.util.Map;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
+
+import com.supwisdom.leaveschool.client.service.SampleUser1AdminRoleRemoteService;
+import com.supwisdom.leaveschool.proxy.common.model.PagerResponseModel;
+import com.supwisdom.leaveschool.proxy.user.domain.Role;
+
+@Component
+public class SampleUser1AdminRoleRemoteHystrix implements SampleUser1AdminRoleRemoteService {
+
+ private static final Logger logger = LoggerFactory.getLogger(SampleUser1AdminRoleRemoteHystrix.class);
+
+ @Override
+ public PagerResponseModel<Role> list() {
+ return null;
+ }
+
+ @Override
+ public Role get(String id) {
+ return null;
+ }
+
+ @Override
+ public Map<String, Object> create(Role user) {
+ return null;
+ }
+
+ @Override
+ public Map<String, Object> update(Role user) {
+ return null;
+ }
+
+ @Override
+ public Map<String, Object> delete(String id) {
+ return null;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/fallback/SampleUser1AdminUserRemoteHystrix.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/fallback/SampleUser1AdminUserRemoteHystrix.java
new file mode 100644
index 0000000..0f4f9a8
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/fallback/SampleUser1AdminUserRemoteHystrix.java
@@ -0,0 +1,43 @@
+package com.supwisdom.leaveschool.client.service.fallback;
+
+import java.util.Map;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
+
+import com.supwisdom.leaveschool.client.service.SampleUser1AdminUserRemoteService;
+import com.supwisdom.leaveschool.proxy.common.model.PagerResponseModel;
+import com.supwisdom.leaveschool.proxy.user.domain.User;
+
+@Component
+public class SampleUser1AdminUserRemoteHystrix implements SampleUser1AdminUserRemoteService {
+
+ private static final Logger logger = LoggerFactory.getLogger(SampleUser1AdminUserRemoteHystrix.class);
+
+ @Override
+ public PagerResponseModel<User> list() {
+ return null;
+ }
+
+ @Override
+ public User get(String id) {
+ return null;
+ }
+
+ @Override
+ public Map<String, Object> create(User user) {
+ return null;
+ }
+
+ @Override
+ public Map<String, Object> update(User user) {
+ return null;
+ }
+
+ @Override
+ public Map<String, Object> delete(String id) {
+ return null;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/fallback/SampleUser1SecurityUserRemoteHystrix.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/fallback/SampleUser1SecurityUserRemoteHystrix.java
new file mode 100644
index 0000000..a2cbaaf
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/service/fallback/SampleUser1SecurityUserRemoteHystrix.java
@@ -0,0 +1,21 @@
+package com.supwisdom.leaveschool.client.service.fallback;
+
+import org.springframework.stereotype.Component;
+
+import com.supwisdom.leaveschool.client.service.SampleUser1SecurityUserRemoteService;
+import com.supwisdom.leaveschool.proxy.user.model.SecurityUser;
+
+@Component
+public class SampleUser1SecurityUserRemoteHystrix implements SampleUser1SecurityUserRemoteService {
+
+ @Override
+ public SecurityUser loadUserByUsername(String username) {
+ return null;
+ }
+
+ @Override
+ public SecurityUser loadPermissionsByUsernameAppcode(String username, String applicationCode, String type) {
+ return null;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/util/AuthenticationUtil.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/util/AuthenticationUtil.java
new file mode 100644
index 0000000..438477b
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/util/AuthenticationUtil.java
@@ -0,0 +1,44 @@
+package com.supwisdom.leaveschool.client.util;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+import com.supwisdom.leaveschool.client.security.core.userdetails.MyUser;
+
+public class AuthenticationUtil {
+
+ private static final Logger logger = LoggerFactory.getLogger(AuthenticationUtil.class);
+
+ public static String currentUsername() {
+
+ Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+ if (authentication == null) {
+ logger.error("authentication is null");
+ return null;
+ }
+
+ logger.debug("authentication is {}", authentication.getPrincipal());
+
+ if (!authentication.isAuthenticated()) {
+ logger.error("authentication is not authenticated");
+ return null;
+ }
+
+ if (authentication.getPrincipal() == null) {
+ logger.error("authentication's principal is null");
+ return null;
+ }
+
+ logger.debug("authentication's principal is {}", authentication.getPrincipal());
+
+ if (authentication.getPrincipal() instanceof MyUser) {
+ return ((MyUser) authentication.getPrincipal()).getUsername();
+ }
+
+ return null;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/util/MyUserUtil.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/util/MyUserUtil.java
new file mode 100644
index 0000000..3cd0a58
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/client/util/MyUserUtil.java
@@ -0,0 +1,49 @@
+package com.supwisdom.leaveschool.client.util;
+
+
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+import com.supwisdom.leaveschool.client.security.core.userdetails.MyUser;
+
+/**
+ * @author Sheng.Wang
+ *
+ */
+public class MyUserUtil {
+
+ public static MyUser getCurrentMyUser(){
+ Authentication au = SecurityContextHolder.getContext().getAuthentication();
+ if (au == null) return null;
+ if (au.getPrincipal() == null) return null;
+ if (au != null && au.getPrincipal() instanceof MyUser){
+ return (MyUser)au.getPrincipal();
+ }else {
+ MyUser MyUser = new MyUser(au.getPrincipal().toString(),au.getCredentials() == null?null:au.getCredentials().toString(),null);
+ return MyUser;
+ }
+ }
+ public static String getCurrentMyUserName(){
+ MyUser MyUser = getCurrentMyUser();
+ if (MyUser == null) return "";
+ return MyUser.getUsername();
+ }
+ public static boolean isLogged(){
+ Authentication au = SecurityContextHolder.getContext().getAuthentication();
+ if (au == null) return false;
+ if (au.getPrincipal() == null) return false;
+ if (au.getPrincipal() instanceof MyUser) return true;
+ return false;
+ }
+
+ public static String getMyUserTpye(){
+ Authentication au = SecurityContextHolder.getContext().getAuthentication();
+ if (au == null) return "";
+ if (au.getPrincipal() == null) return "";
+ if (au.getPrincipal() instanceof MyUser) return ((MyUser)au.getPrincipal()).getClass().getSimpleName();
+ return "";
+ }
+
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/common/domain/ABaseDomain.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/common/domain/ABaseDomain.java
new file mode 100644
index 0000000..166cc6b
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/common/domain/ABaseDomain.java
@@ -0,0 +1,109 @@
+package com.supwisdom.leaveschool.proxy.common.domain;
+
+import java.io.Serializable;
+import java.util.Date;
+
+public abstract class ABaseDomain implements Serializable {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = -4987240608338421556L;
+
+ private String id;
+
+ /**
+ * 获取主键
+ */
+ public String getId() {
+ return id;
+ }
+
+ /**
+ * 设置ID属性,主要用于人工指定键值
+ */
+ public void setId(String id) {
+ this.id = id;
+ }
+
+ private String companyId = null;
+
+ private Boolean deleted = false;
+
+ private String addAccount = null;
+
+ private Date addTime = null;
+
+ private String editAccount = null;
+
+ private Date editTime = null;
+
+ private String deleteAccount = null;
+
+ private Date deleteTime = null;
+
+ public String getCompanyId() {
+ return companyId;
+ }
+
+ public void setCompanyId(String companyId) {
+ this.companyId = companyId;
+ }
+
+ public Boolean isDeleted() {
+ return deleted;
+ }
+
+ public void setDeleted(Boolean deleted) {
+ this.deleted = deleted;
+ }
+
+ public String getAddAccount() {
+ return addAccount;
+ }
+
+ public void setAddAccount(String addAccount) {
+ this.addAccount = addAccount;
+ }
+
+ public Date getAddTime() {
+ return addTime;
+ }
+
+ public void setAddTime(Date addTime) {
+ this.addTime = addTime;
+ }
+
+ public String getEditAccount() {
+ return editAccount;
+ }
+
+ public void setEditAccount(String editAccount) {
+ this.editAccount = editAccount;
+ }
+
+ public Date getEditTime() {
+ return editTime;
+ }
+
+ public void setEditTime(Date editTime) {
+ this.editTime = editTime;
+ }
+
+ public String getDeleteAccount() {
+ return deleteAccount;
+ }
+
+ public void setDeleteAccount(String deleteAccount) {
+ this.deleteAccount = deleteAccount;
+ }
+
+ public Date getDeleteTime() {
+ return deleteTime;
+ }
+
+ public void setDeleteTime(Date deleteTime) {
+ this.deleteTime = deleteTime;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/common/model/PagerRequestModel.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/common/model/PagerRequestModel.java
new file mode 100644
index 0000000..75007e0
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/common/model/PagerRequestModel.java
@@ -0,0 +1,42 @@
+package com.supwisdom.leaveschool.proxy.common.model;
+
+import java.io.Serializable;
+import java.util.Map;
+
+public class PagerRequestModel implements Serializable {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 6099787167570502127L;
+
+ private int pageIndex = 0;
+ private int pageSize = 20;
+
+ public int getPageIndex() {
+ return pageIndex;
+ }
+
+ public void setPageIndex(int pageIndex) {
+ this.pageIndex = pageIndex;
+ }
+
+ public int getPageSize() {
+ return pageSize;
+ }
+
+ public void setPageSize(int pageSize) {
+ this.pageSize = pageSize;
+ }
+
+ private Map<String, Object> mapBean;
+
+ public Map<String, Object> getMapBean() {
+ return mapBean;
+ }
+
+ public void setMapBean(Map<String, Object> mapBean) {
+ this.mapBean = mapBean;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/common/model/PagerResponseModel.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/common/model/PagerResponseModel.java
new file mode 100644
index 0000000..7be5a93
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/common/model/PagerResponseModel.java
@@ -0,0 +1,71 @@
+package com.supwisdom.leaveschool.proxy.common.model;
+
+import java.io.Serializable;
+import java.util.Collection;
+
+public class PagerResponseModel<T> extends PagerRequestModel implements Serializable {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = -3449591075961852442L;
+
+ private int currentItemCount;
+
+ private int pageCount;
+ private long recordCount;
+
+ private Collection<T> items;
+
+ public PagerResponseModel() {
+
+ }
+
+ public PagerResponseModel(PagerRequestModel pagerRequestModel) {
+ super.setPageIndex(pagerRequestModel.getPageIndex());
+ super.setPageSize(pagerRequestModel.getPageSize());
+ super.setMapBean(pagerRequestModel.getMapBean());
+ }
+
+ public static <T> PagerResponseModel<T> of(PagerRequestModel pagerRequestModel) {
+ PagerResponseModel<T> pagerResponseModell = new PagerResponseModel<T>();
+ pagerResponseModell.setPageIndex(pagerRequestModel.getPageIndex());
+ pagerResponseModell.setPageSize(pagerRequestModel.getPageSize());
+ pagerResponseModell.setMapBean(pagerRequestModel.getMapBean());
+
+ return pagerResponseModell;
+ }
+
+ public int getCurrentItemCount() {
+ return currentItemCount;
+ }
+
+ public void setCurrentItemCount(int currentItemCount) {
+ this.currentItemCount = currentItemCount;
+ }
+
+ public int getPageCount() {
+ return pageCount;
+ }
+
+ public void setPageCount(int pageCount) {
+ this.pageCount = pageCount;
+ }
+
+ public long getRecordCount() {
+ return recordCount;
+ }
+
+ public void setRecordCount(long recordCount) {
+ this.recordCount = recordCount;
+ }
+
+ public Collection<T> getItems() {
+ return items;
+ }
+
+ public void setItems(Collection<T> items) {
+ this.items = items;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/user/domain/Group.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/user/domain/Group.java
new file mode 100644
index 0000000..1269f29
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/user/domain/Group.java
@@ -0,0 +1,64 @@
+package com.supwisdom.leaveschool.proxy.user.domain;
+
+import com.supwisdom.leaveschool.proxy.common.domain.ABaseDomain;
+
+public class Group extends ABaseDomain {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 4260326816456622523L;
+
+ /**
+ * 代码
+ */
+ private String code;
+
+ /**
+ * 名称
+ */
+ private String name;
+
+ /**
+ * 备注
+ */
+ private String memo;
+
+ /**
+ * 状态(1 启用,0 停用)
+ */
+ private String status;
+
+ public String getCode() {
+ return code;
+ }
+
+ public void setCode(String code) {
+ this.code = code;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public String getMemo() {
+ return memo;
+ }
+
+ public void setMemo(String memo) {
+ this.memo = memo;
+ }
+
+ public String getStatus() {
+ return status;
+ }
+
+ public void setStatus(String status) {
+ this.status = status;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/user/domain/Permission.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/user/domain/Permission.java
new file mode 100644
index 0000000..c856618
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/user/domain/Permission.java
@@ -0,0 +1,155 @@
+package com.supwisdom.leaveschool.proxy.user.domain;
+
+import com.supwisdom.leaveschool.proxy.common.domain.ABaseDomain;
+
+public class Permission extends ABaseDomain {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = -8834200833972243635L;
+
+ /**
+ * 代码
+ */
+ private String code;
+
+ /**
+ * 名称
+ */
+ private String name;
+
+ /**
+ * 备注
+ */
+ private String memo;
+
+ /**
+ * 状态(1 启用,0 停用)
+ */
+ private String status;
+
+ /**
+ * 类型(1 应用,2 页面,3 操作)
+ */
+ private String type;
+
+ /**
+ * URL地址
+ */
+ private String url;
+
+ /**
+ * 父级ID
+ */
+ private String parentId;
+
+ /**
+ * 排序
+ */
+ private String order;
+
+ /**
+ * 层次
+ */
+ private String level;
+
+ /**
+ * 左序
+ */
+ private int lft;
+
+ /**
+ * 右序
+ */
+ private int rgt;
+
+ public String getCode() {
+ return code;
+ }
+
+ public void setCode(String code) {
+ this.code = code;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public String getMemo() {
+ return memo;
+ }
+
+ public void setMemo(String memo) {
+ this.memo = memo;
+ }
+
+ public String getStatus() {
+ return status;
+ }
+
+ public void setStatus(String status) {
+ this.status = status;
+ }
+
+ public String getType() {
+ return type;
+ }
+
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ public String getUrl() {
+ return url;
+ }
+
+ public void setUrl(String url) {
+ this.url = url;
+ }
+
+ public String getParentId() {
+ return parentId;
+ }
+
+ public void setParentId(String parentId) {
+ this.parentId = parentId;
+ }
+
+ public String getOrder() {
+ return order;
+ }
+
+ public void setOrder(String order) {
+ this.order = order;
+ }
+
+ public String getLevel() {
+ return level;
+ }
+
+ public void setLevel(String level) {
+ this.level = level;
+ }
+
+ public int getLft() {
+ return lft;
+ }
+
+ public void setLft(int lft) {
+ this.lft = lft;
+ }
+
+ public int getRgt() {
+ return rgt;
+ }
+
+ public void setRgt(int rgt) {
+ this.rgt = rgt;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/user/domain/Role.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/user/domain/Role.java
new file mode 100644
index 0000000..207c3ef
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/user/domain/Role.java
@@ -0,0 +1,64 @@
+package com.supwisdom.leaveschool.proxy.user.domain;
+
+import com.supwisdom.leaveschool.proxy.common.domain.ABaseDomain;
+
+public class Role extends ABaseDomain {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 5470129732727732514L;
+
+ /**
+ * 代码
+ */
+ private String code;
+
+ /**
+ * 名称
+ */
+ private String name;
+
+ /**
+ * 备注
+ */
+ private String memo;
+
+ /**
+ * 状态(1 启用,0 停用)
+ */
+ private String status;
+
+ public String getCode() {
+ return code;
+ }
+
+ public void setCode(String code) {
+ this.code = code;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public String getMemo() {
+ return memo;
+ }
+
+ public void setMemo(String memo) {
+ this.memo = memo;
+ }
+
+ public String getStatus() {
+ return status;
+ }
+
+ public void setStatus(String status) {
+ this.status = status;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/user/domain/User.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/user/domain/User.java
new file mode 100644
index 0000000..6298188
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/user/domain/User.java
@@ -0,0 +1,138 @@
+package com.supwisdom.leaveschool.proxy.user.domain;
+
+import com.supwisdom.leaveschool.proxy.common.domain.ABaseDomain;
+
+public class User extends ABaseDomain {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = -151087923960172281L;
+
+ /**
+ * 用户名
+ */
+ private String username;
+
+ /**
+ * 密码
+ */
+ private String password;
+
+ /**
+ * 是否可用,1 可用,0 不可用,默认:1
+ */
+ private Boolean enabled;
+ /**
+ * 账号未过期,1 未过期,0 过期,默认:1
+ */
+ private Boolean accountNonExpired;
+ /**
+ * 账号未锁定,1 未锁定,0 锁定,默认:1
+ */
+ private Boolean accountNonLocked;
+ /**
+ * 密码未过期,1 未过期,0 过期,默认:1
+ */
+ private Boolean credentialsNonExpired;
+
+ /**
+ * 姓名
+ */
+ private String name;
+
+ /**
+ * 状态(1 启用,0 停用)
+ */
+ private String status;
+
+ /**
+ * 登录手机
+ */
+ private String mobile;
+ /**
+ * 登录邮箱
+ */
+ private String email;
+
+ public String getUsername() {
+ return username;
+ }
+
+ public void setUsername(String username) {
+ this.username = username;
+ }
+
+ public String getPassword() {
+ return password;
+ }
+
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ public Boolean getEnabled() {
+ return enabled;
+ }
+
+ public void setEnabled(Boolean enabled) {
+ this.enabled = enabled;
+ }
+
+ public Boolean getAccountNonExpired() {
+ return accountNonExpired;
+ }
+
+ public void setAccountNonExpired(Boolean accountNonExpired) {
+ this.accountNonExpired = accountNonExpired;
+ }
+
+ public Boolean getAccountNonLocked() {
+ return accountNonLocked;
+ }
+
+ public void setAccountNonLocked(Boolean accountNonLocked) {
+ this.accountNonLocked = accountNonLocked;
+ }
+
+ public Boolean getCredentialsNonExpired() {
+ return credentialsNonExpired;
+ }
+
+ public void setCredentialsNonExpired(Boolean credentialsNonExpired) {
+ this.credentialsNonExpired = credentialsNonExpired;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public String getStatus() {
+ return status;
+ }
+
+ public void setStatus(String status) {
+ this.status = status;
+ }
+
+ public String getMobile() {
+ return mobile;
+ }
+
+ public void setMobile(String mobile) {
+ this.mobile = mobile;
+ }
+
+ public String getEmail() {
+ return email;
+ }
+
+ public void setEmail(String email) {
+ this.email = email;
+ }
+
+}
diff --git a/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/user/model/SecurityUser.java b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/user/model/SecurityUser.java
new file mode 100644
index 0000000..798926a
--- /dev/null
+++ b/leaveschool/client/src/main/java/com/supwisdom/leaveschool/proxy/user/model/SecurityUser.java
@@ -0,0 +1,47 @@
+package com.supwisdom.leaveschool.proxy.user.model;
+
+import java.io.Serializable;
+import java.util.List;
+
+import com.supwisdom.leaveschool.proxy.user.domain.Permission;
+import com.supwisdom.leaveschool.proxy.user.domain.Role;
+import com.supwisdom.leaveschool.proxy.user.domain.User;
+
+public class SecurityUser implements Serializable {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = -1068580365294859071L;
+
+ private User user;
+
+ private List<Role> roles;
+
+ private List<Permission> permissions;
+
+ public User getUser() {
+ return user;
+ }
+
+ public void setUser(User user) {
+ this.user = user;
+ }
+
+ public List<Role> getRoles() {
+ return roles;
+ }
+
+ public void setRoles(List<Role> roles) {
+ this.roles = roles;
+ }
+
+ public List<Permission> getPermissions() {
+ return permissions;
+ }
+
+ public void setPermissions(List<Permission> permissions) {
+ this.permissions = permissions;
+ }
+
+}
diff --git a/leaveschool/client/src/main/resources/application.yml b/leaveschool/client/src/main/resources/application.yml
new file mode 100644
index 0000000..ad1efe4
--- /dev/null
+++ b/leaveschool/client/src/main/resources/application.yml
@@ -0,0 +1,60 @@
+server:
+ port: 8080
+
+## logging
+logging:
+ level:
+ root: INFO
+ org.springframework.web: INFO
+ org.springframework.cloud.openfeign: TRACE
+ com.supwisdom.infras.security: DEBUG
+ com.supwisdom.leaveschool: DEBUG
+
+spring:
+ application:
+ name: sample-client
+ thymeleaf:
+ cache: false
+
+feign:
+ client:
+ config:
+ default:
+ connectTimeout: 12000
+ readTimeout: 12000
+ loggerLevel: full
+ hystrix:
+ enabled: true
+
+hystrix:
+ command:
+ default:
+ execution:
+ timeout:
+ enabled: true
+ isolation:
+ thread:
+ timeoutInMilliseconds: 12000
+
+#infras.security.cas.enabled: true
+
+## CAS
+#应用访问地址
+app.server.host.url: http://localhost:8080
+#应用登录地址
+app.login.url: /web/caslogin
+#应用登出地址
+app.logout.url: /web/logout
+
+#CAS服务地址
+cas.server.host.url: http://101.231.81.202:9080/cas
+#CAS服务登录地址
+cas.server.host.login_url: ${cas.server.host.url}/login
+#CAS服务登出地址
+cas.server.host.logout_url: ${cas.server.host.url}/logout?service=${app.server.host.url}
+
+
+gateway.api.url: http://localhost:5555
+
+#sample-user.api.url: ${gateway.api.url}/sample-user
+sample-user.api.url: http://localhost:10010
diff --git a/leaveschool/client/src/main/resources/static/assets/css/CSS b/leaveschool/client/src/main/resources/static/assets/css/CSS
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/leaveschool/client/src/main/resources/static/assets/css/CSS
diff --git a/leaveschool/client/src/main/resources/static/assets/css/main.css b/leaveschool/client/src/main/resources/static/assets/css/main.css
new file mode 100644
index 0000000..5e6687a
--- /dev/null
+++ b/leaveschool/client/src/main/resources/static/assets/css/main.css
@@ -0,0 +1,13 @@
+body {
+ font-family: sans;
+ font-size: 1em;
+}
+
+p.error {
+ font-weight: bold;
+ color: red;
+}
+
+div.logout {
+ float: right;
+}
\ No newline at end of file
diff --git a/leaveschool/client/src/main/resources/static/assets/images/IMAGES b/leaveschool/client/src/main/resources/static/assets/images/IMAGES
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/leaveschool/client/src/main/resources/static/assets/images/IMAGES
diff --git a/leaveschool/client/src/main/resources/static/assets/js/JS b/leaveschool/client/src/main/resources/static/assets/js/JS
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/leaveschool/client/src/main/resources/static/assets/js/JS
diff --git a/leaveschool/client/src/main/resources/templates/web/admin/user/index.html b/leaveschool/client/src/main/resources/templates/web/admin/user/index.html
new file mode 100644
index 0000000..2326203
--- /dev/null
+++ b/leaveschool/client/src/main/resources/templates/web/admin/user/index.html
@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
+<head>
+<title>Hello Spring Security</title>
+<meta charset="utf-8" />
+<link rel="stylesheet" href="/assets/css/main.css" th:href="@{/assets/css/main.css}" />
+</head>
+<body>
+ <div th:substituteby="web/index::logout"></div>
+ <h1>This is a secured page!</h1>
+ <p>
+ <a href="/web/index" th:href="@{/web/index}">Back to home page</a>
+ </p>
+</body>
+</html>
\ No newline at end of file
diff --git a/leaveschool/client/src/main/resources/templates/web/index.html b/leaveschool/client/src/main/resources/templates/web/index.html
new file mode 100644
index 0000000..b9dcbf4
--- /dev/null
+++ b/leaveschool/client/src/main/resources/templates/web/index.html
@@ -0,0 +1,26 @@
+<!DOCTYPE HTML>
+<!-- <html xmlns:th="http://www.thymeleaf.org"> -->
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity4">
+<head>
+<title>Hello Spring Security</title>
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+<meta charset="utf-8" />
+<link rel="stylesheet" href="/assets/css/main.css" th:href="@{/assets/css/main.css}" />
+</head>
+<body>
+ <div th:fragment="logout" class="logout" sec:authorize="isAuthenticated()">
+ Logged in user: <span sec:authentication="name"></span> |
+ Roles: <span sec:authentication="principal.authorities"></span>
+ <div>
+ <form action="#" th:action="@{/web/logout}" method="post">
+ <input type="submit" value="Logout" />
+ </form>
+ </div>
+ </div>
+ <h1>Hello Spring Security</h1>
+ <p>This is an unsecured page, but you can access the secured pages after authenticating.</p>
+ <ul>
+ <li>Go to the <a href="/web/admin/user/index" th:href="@{/web/admin/user/index}">secured pages</a></li>
+ </ul>
+</body>
+</html>
diff --git a/leaveschool/client/src/main/resources/templates/web/login.html b/leaveschool/client/src/main/resources/templates/web/login.html
new file mode 100644
index 0000000..1bc5e4d
--- /dev/null
+++ b/leaveschool/client/src/main/resources/templates/web/login.html
@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
+ <head>
+ <title>Login page</title>
+ <meta charset="utf-8" />
+ <link rel="stylesheet" href="/assets/css/main.css" th:href="@{/assets/css/main.css}" />
+ </head>
+ <body>
+ <h1>Login page</h1>
+ <p>Example user: user / password</p>
+ <p th:if="${loginError}" class="error">Wrong user or password</p>
+ <div th:if="${param.error}" class="alert alert-error">Invalid username and password.</div>
+ <div th:if="${param.logout}" class="alert alert-success">You have been logged out.</div>
+
+ <form th:action="@{/web/login}" method="post">
+ <label for="username">Username</label>:
+ <input type="text" id="username" name="username" autofocus="autofocus" /> <br />
+ <label for="password">Password</label>:
+ <input type="password" id="password" name="password" /> <br />
+ <input type="submit" value="Log in" />
+ </form>
+ <p><a href="/index" th:href="@{/index}">Back to home page</a></p>
+ </body>
+</html>