[JAVA] Use Spring Security JSP tags with FreeMarker

Thing you want to do

I want to use JSP tags such as <security: authorize> on FreeMarker. I would like to confirm for myself that it was introduced at https://vorba.ch/2018/spring-boot-freemarker-security-jsp-taglib.html.

It seems that FreeMarker originally has a function to use JSP tags. → Reference URL

environment

Dependence

pom.xml


    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-freemarker</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-taglibs</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.apache.tomcat</groupId>
            <artifactId>tomcat-jsp-api</artifactId>
        </dependency>
    </dependencies>

The point is that you need the Spring Security JSP tag (spring-security-taglibs) and JSP API (tomcat-jsp-api).

Java Config class

SecurityConfig.java


@Configuration
public class MyFreeMarkerConfig {

    private final FreeMarkerConfigurer freeMarkerConfigurer;

    public MyFreeMarkerConfig(FreeMarkerConfigurer freeMarkerConfigurer) {
        this.freeMarkerConfigurer = freeMarkerConfigurer;
    }

    @PostConstruct
    public void init() {
        freeMarkerConfigurer.getTaglibFactory().setClasspathTlds(
                Collections.singletonList("/META-INF/security.tld"));
    }
}

The point is to specify the path of the TLD file.

How to write the screen

index.ftlh


<#assign security=JspTaglibs["http://www.springframework.org/security/tags"]/>
<html>
<head>
    <title>Index</title>
    <meta charset="UTF-8">
</head>
<body>
<h1>Index</h1>
<@security.authorize access="isAuthenticated()">
    <p>Hello, <@security.authentication property="principal.username"/>!</p>
</@security.authorize>
<p><a href="/secret">Go to secret page</a></p>
<form action="/logout" method="post">
    <input type="submit" value="Logout">
    <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
</form>
</body>
</html>

Specify the JSP tags with <# assign security = JspTaglibs [" http://www.springframework.org/security/tags "] />.

When using tags, <@ security. Tag name Property name =" Property value ">.

The big picture of the code

https://github.com/MasatoshiTada/freemarker-spring-security-sample

Recommended Posts

Use Spring Security JSP tags with FreeMarker
Login function with Spring Security
Use Spring JDBC with Spring Boot
Use Basic Authentication with Spring Boot
Implemented authentication function with Spring Security ②
Implemented authentication function with Spring Security ③
Implemented authentication function with Spring Security ①
Beginning with Spring Boot 0. Use Spring CLI
Authentication / authorization with Spring Security & Thymeleaf
DB authentication with Spring Security & hashing with BCrypt
How Spring Security works with Hello World
Use cache with EhCashe 2.x with Spring Boot
Achieve BASIC authentication with Spring Boot + Spring Security
Hash passwords with Spring Boot + Spring Security (with salt, with stretching)
How to use MyBatis2 (iBatis) with Spring Boot 1.4 (Spring 4)
How to use built-in h2db with spring boot
You use context to use MDC with Spring WebFlux
Try LDAP authentication with Spring Security (Spring Boot) + OpenLDAP
Add your own authentication items with Spring Security
[JAVA] [Spring] [MyBatis] Use IN () with SQL Builder
[Introduction to Spring Boot] Authentication function with Spring Security
Create Spring Cloud Config Server with security with Spring Boot 2.0
Spring Security usage memo: Cooperation with Spring MVC and Boot
Spring Boot with Spring Security Filter settings and addictive points
Implement a simple Rest API with Spring Security with Spring Boot 2.0
Handle passwords hashed with BCryptPasswordEncoder in Spring Security in Perl
Create a simple demo site with Spring Security with Spring Boot 2.1
Try to work with Keycloak using Spring Security SAML (Spring 5)
File upload with Spring Boot (do not use Multipart File)
Call your own method with PreAuthorize in Spring Security
Use ProGuard with Gradle
About Spring Security authentication
Spring with Kotorin --- 5. Actuator
Use Puphpeteer with Docker
Use XVim2 with Xcode 12.0.1
Use CentOS with LXD
Use Interceptor in Spring
Spring Security causes 403 forbidden
Use ngrok with Docker
Use webmock with Rspec
Self-made Validation with Spring
Use WebJars with Gradle
Use jlink with gradle
Spring with Kotorin ―― 1. SPRING INITIALIZR
Download with Spring Boot
Use thymeleaf3 with parent without specifying spring-boot-starter-parent in Spring Boot
Implement a simple Rest API with Spring Security & JWT with Spring Boot 2.0
Login with HttpServletRequest # login in Spring Security of Servlet 3.x environment