Spring Boot Google App Engine security annotation?

Question

I'm currently working on a Spring Boot project with Google App Engine & I'm trying to check if my user is logged in on my controller actions thanks to annotations, like @PreAuthorize(isAuthenticated()). This annotation would return a HTTP 403 error if false.

Currently, my users are logged in with the Google App Engine basic UserService & I already tried to use this annotation without success (it does nothing).

Here is my pom file :

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-tomcat</artifactId>
            <version>2.1.3.RELEASE</version>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
            <version>2.1.3.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <version>2.1.3.RELEASE</version>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
            <version>2.1.3.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>javax.servlet</groupId>
            <artifactId>javax.servlet-api</artifactId>
            <version>4.0.1</version>
            <scope>provided</scope>
        </dependency>
        <dependency>                        
            <groupId>com.google.cloud</groupId>
            <artifactId>google-cloud</artifactId>
            <version>0.47.0-alpha</version>
        </dependency>
        <dependency>
            <groupId>org.webjars</groupId>
            <artifactId>jquery</artifactId>
            <version>3.3.1-2</version>
        </dependency>
        <dependency>
            <groupId>org.webjars</groupId>
            <artifactId>materializecss</artifactId>
            <version>1.0.0</version>
        </dependency>
        <dependency>
            <groupId>com.google.appengine</groupId>
            <artifactId>appengine-api-1.0-sdk</artifactId>
            <version>1.9.71</version>
        </dependency>

I'm trying to make my code more readable currently I'm doing this on my controller :

private UserService userService = UserServiceFactory.getUserService();

@GetMapping("/pizza/create")
public String createPizza(Model model) {
    if (!userService.isUserLoggedIn()) { // used in every actions that need an authentication check
        return "error";
    }

    model.addAttribute("pizza", new Pizza());
    return "create";
}

But I'd like to have this :

@PreAuthorize(isAuthenticated())
@GetMapping("/pizza/create")
public String createPizza(Model model) {
    model.addAttribute("pizza", new Pizza());
    return "create";
}

Try adding `` on `...-servlet.xml`. Check [https://stackoverflow.com/a/3087646/8889821] — Nahuel Varela, Mar 18 '19 at 10:02

Spring Boot Google App Engine security annotation?

0 Answers0