/AbacSpringSecurity

Attribute-Based Access Control with Spring Security

Primary LanguageJavaMIT LicenseMIT

AbacSpringSecurity

Attribute-Based Access Control with Spring Security

For more details, check The DZone article

All REST requests with sample data are in AbacSpringSecurity.postman_collection.json, you can import it into Postman chrome extension.

How to Build

mvn clean install

Sample Application

How to deploy and run

  • Copy sample-issue-tracker/target/sample-issue-tracker.war to your tomcat webapps folder
  • Start tomcat

How to test

  • Add new project using POST /sample-issue-tracker/projects/
  • Assign PM to the project using PUT /sample-issue-tracker/projects/{project_id}/pm/
  • Add users to the project using POST /sample-issue-tracker/projects/{project_id}/users/
  • Add issues to the project using POST /sample-issue-tracker/projects/{project_id}/issues/
  • Assign issues to users using PUT /sample-issue-tracker/projects/{project_id}/issues/{issue_id}/assignee
  • Update issue's status PUT /sample-issue-tracker/projects/{project_id}/issues/{issue_id}/status

User Authentication

The sample application uses HTTP Basic Authentication and blow are the users that can be used:

  • admin/password
  • pm1/password
  • pm2/password
  • dev1/password
  • dev2/password
  • test1/password
  • test2/password

All users can be found and modified in edu.mostafa.abac.config.InMemoryUserDetailsService class.