|
| 1 | += Spring Data AOT Sample |
| 2 | + |
| 3 | +To compile this project, you will need to use a special Java compiler. |
| 4 | +If you are using SDKMan!, then the version will be correctly selected for you. |
| 5 | +Or, you can do the following: |
| 6 | + |
| 7 | +```bash |
| 8 | +sdk use java 23.0.5.r17-nik |
| 9 | +``` |
| 10 | + |
| 11 | +After that, you can compile like so: |
| 12 | + |
| 13 | +```bash |
| 14 | +./gradlew nativeCompile |
| 15 | +``` |
| 16 | + |
| 17 | +Once compiled, you can run like so: |
| 18 | + |
| 19 | +```bash |
| 20 | +./build/native/nativeCompile/data |
| 21 | +``` |
| 22 | + |
| 23 | +Then you can query for messages using `luke/password` and `rob/password`. |
| 24 | + |
| 25 | +Because the domain objects are secured, you will see a subset of fields with `luke`. |
| 26 | + |
| 27 | +For example, querying `/` with `luke`, you'll see: |
| 28 | + |
| 29 | +```json |
| 30 | + ... |
| 31 | + { |
| 32 | + "created": "2014-07-12T16:00:00Z", |
| 33 | + "id": 112, |
| 34 | + "summary": "Is this secure?", |
| 35 | + "text": "This message is for Luke", |
| 36 | + "to": { |
| 37 | + "email": "luke@example.com", |
| 38 | + "id": "luke", |
| 39 | + "password": "password" |
| 40 | + } |
| 41 | + } |
| 42 | + ... |
| 43 | +``` |
| 44 | + |
| 45 | +However, with `rob`, you'll also see `firstName` and `lastName` like so: |
| 46 | + |
| 47 | +```json |
| 48 | + ... |
| 49 | + { |
| 50 | + "created": "2014-07-12T04:00:00Z", |
| 51 | + "id": 102, |
| 52 | + "summary": "Is this secure?", |
| 53 | + "text": "This message is for Rob", |
| 54 | + "to": { |
| 55 | + "email": "rob@example.com", |
| 56 | + "firstName": "Rob", |
| 57 | + "id": "rob", |
| 58 | + "lastName": "Winch", |
| 59 | + "password": "password" |
| 60 | + } |
| 61 | + } |
| 62 | + ... |
| 63 | +``` |
| 64 | + |
| 65 | +You can also change the message text. |
| 66 | +To do this, copy and paste the `X-CSRF-TOKEN` and `Cookie: JSESSION` headers and include them in a `PUT :8080/102` request. |
| 67 | + |
| 68 | +An example of this request using HTTPie can be seen below: |
| 69 | + |
| 70 | +```bash |
| 71 | +echo -n "updated message" | http -a rob:password PUT :8080/102 "X-CSRF-TOKEN: {copied from GET request}" "Cookie: JSESSIONID={copied from GET request}" |
| 72 | +``` |
| 73 | + |
| 74 | +Read more about the https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#authorize-object[`@AuthorizeReturnObject`] and https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#fallback-values-authorization-denied[]`@DeniedHandler`] in the Spring Security Reference. |
0 commit comments