WIP Spring Boot

libresonic-main/pom.xml

@@ -30,23 +30,23 @@
             <version>${project.version}</version>
         </dependency>
 
-        <!-- Metrics -->
+        <!-- Metrics
+             Metrics is a cool framework used here
+             to compute musures and statistics during automated testing
+         -->
         <dependency>
             <groupId>io.dropwizard.metrics</groupId>
             <artifactId>metrics-core</artifactId>
             <version>${metrics.version}</version>
             <scope>test</scope>
         </dependency>
+        <!-- END Metrics -->
 
-
+        <!-- Spring -->
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
-        <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>jstl</artifactId>
-        </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-tomcat</artifactId>
@@ -69,7 +69,20 @@
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-ldap</artifactId>
         </dependency>
+        <!-- END Spring -->
 
+        <!-- taglibs -->
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>jstl</artifactId>
+            <version>1.2</version>
+        </dependency>
+        <dependency>
+            <groupId>taglibs</groupId>
+            <artifactId>string</artifactId>
+            <version>1.1.0</version>
+        </dependency>
+        <!-- END taglibs -->
 
         <dependency>
             <groupId>org.apache.lucene</groupId>

libresonic-main/src/main/java/org/libresonic/player/boot/Application.java

@@ -4,8 +4,16 @@ import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.builder.SpringApplicationBuilder;
 import org.springframework.boot.web.support.SpringBootServletInitializer;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.ImportResource;
 
 @SpringBootApplication
+@Configuration
+@ImportResource(value = {"classpath:/applicationContext-service.xml",
+        "classpath:/applicationContext-cache.xml",
+        "classpath:/applicationContext-sonos.xml",
+        "classpath:/applicationContext-security.xml",
+        "classpath:/libresonic-servlet.xml"})
 public class Application extends SpringBootServletInitializer {
 
     @Override

libresonic-main/src/main/resources/applicationContext-security.xml

@@ -8,21 +8,21 @@
           http://www.springframework.org/schema/security/spring-security.xsd">
 
     <security:http auto-config='true'>
-        <!-- IS_AUTHENTICATED_ANONYMOUSLY -->
-        <security:intercept-url pattern="/login.*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
-        <security:intercept-url pattern="/recover.view" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-        <security:intercept-url pattern="/accessDenied.view" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-        <security:intercept-url pattern="/coverArt.view" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-        <security:intercept-url pattern="/hls/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-        <security:intercept-url pattern="/stream/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-        <security:intercept-url pattern="/ws/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-        <security:intercept-url pattern="/share/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-        <security:intercept-url pattern="/style/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-        <security:intercept-url pattern="/icons/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-        <security:intercept-url pattern="/flash/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-        <security:intercept-url pattern="/script/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-        <security:intercept-url pattern="/sonos/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-        <security:intercept-url pattern="/crossdomain.xml" access="IS_AUTHENTICATED_ANONYMOUSLY" />
+        <!-- permitAll -->
+        <security:intercept-url pattern="/login.*" access="permitAll"/>
+        <security:intercept-url pattern="/recover.view" access="permitAll" />
+        <security:intercept-url pattern="/accessDenied.view" access="permitAll" />
+        <security:intercept-url pattern="/coverArt.view" access="permitAll" />
+        <security:intercept-url pattern="/hls/**" access="permitAll" />
+        <security:intercept-url pattern="/stream/**" access="permitAll" />
+        <security:intercept-url pattern="/ws/**" access="permitAll" />
+        <security:intercept-url pattern="/share/**" access="permitAll" />
+        <security:intercept-url pattern="/style/**" access="permitAll" />
+        <security:intercept-url pattern="/icons/**" access="permitAll" />
+        <security:intercept-url pattern="/flash/**" access="permitAll" />
+        <security:intercept-url pattern="/script/**" access="permitAll" />
+        <security:intercept-url pattern="/sonos/**" access="permitAll" />
+        <security:intercept-url pattern="/crossdomain.xml" access="permitAll" />
 
         <!-- ROLE_SETTINGS -->
         <security:intercept-url pattern="/personalSettings.view" access="ROLE_SETTINGS" />
@@ -55,7 +55,7 @@
         <security:intercept-url pattern="/podcastReceiverAdmin.view" access="ROLE_PODCAST" />
 
         <!-- ROLE_USER -->
-        <security:intercept-url pattern="/**" access="ROLE_USER" />
+        <security:intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
         <security:form-login login-page="/login.view" default-target-url="/home.view" authentication-failure-url="/login.view?error=1"/>
     </security:http>