Create an account

Very important

  • To access the important data of the forums, you must be active in each forum and especially in the leaks and database leaks section, send data and after sending the data and activity, data and important content will be opened and visible for you.
  • You will only see chat messages from people who are at or below your level.
  • More than 500,000 database leaks and millions of account leaks are waiting for you, so access and view with more activity.
  • Many important data are inactive and inaccessible for you, so open them with activity. (This will be done automatically)

0Day Forums Coding Kotlin How to enable spring security kotlin DSL?

Thread Rating:
  • 376 Vote(s) - 3.51 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Options
How to enable spring security kotlin DSL?

Offline deandramwxkezrls


Valued member
***
Valued member
Posts: 0
Threads: 0
Joined: Sep 2021
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#1
07-20-2023, 03:22 PM
How can we enable support for the spring security kotlin DSL?

As you can see from the Screenshot of the IDE (IntelliJ), the DSL is not available:

[![enter image description here][1]][1]

This is the full `SecurityConfig.kt` file:
```
package com.example.backend.core

import org.springframework.context.annotation.Bean
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity
import org.springframework.security.config.web.server.ServerHttpSecurity
import org.springframework.security.web.server.SecurityWebFilterChain

@EnableWebFluxSecurity
class SecurityConfig {

@Bean
fun springSecurityFilterChain(http: ServerHttpSecurity): SecurityWebFilterChain? {
return http {
csrf { disable() }
formLogin { disable() }
httpBasic { disable() }
// ...
}
}

}

```

This is our **build.gradle.kts**
```
import org.jetbrains.kotlin.gradle.tasks.KotlinCompile

val springBootVersion = "2.4.2"

plugins {
id("org.springframework.boot") version "2.4.2"
id("io.spring.dependency-management") version "1.0.11.RELEASE"
kotlin("jvm") version "1.4.21"
kotlin("plugin.spring") version "1.4.21"
}

group = "com.example"
version = "0.0.1-SNAPSHOT"
java.sourceCompatibility = JavaVersion.VERSION_11

configurations {
compileOnly {
extendsFrom(configurations.annotationProcessor.get())
}
}

repositories {
mavenCentral()
}

dependencies {
implementation("org.springframework.boot:spring-boot-starter-actuator")
implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server")
implementation("org.springframework.boot:spring-boot-starter-oauth2-client")
implementation("org.springframework.boot:spring-boot-starter-security")
implementation("org.springframework.boot:spring-boot-starter-webflux")
implementation("com.fasterxml.jackson.module:jackson-module-kotlin")
implementation("io.projectreactor.kotlin:reactor-kotlin-extensions")
implementation("org.flywaydb:flyway-core")
implementation("org.jetbrains.kotlin:kotlin-reflect")
implementation("org.jetbrains.kotlin:kotlin-stdlib-jdk8")
implementation("org.jetbrains.kotlinx:kotlinx-coroutines-reactor")
developmentOnly("org.springframework.boot:spring-boot-devtools")
runtimeOnly("io.micrometer:micrometer-registry-prometheus")
runtimeOnly("org.postgresql:postgresql")
annotationProcessor("org.springframework.boot:spring-boot-configuration-processor")
testImplementation("org.springframework.boot:spring-boot-starter-test")
testImplementation("io.projectreactor:reactor-test")
testImplementation("org.springframework.security:spring-security-test")
}

tasks.withType<KotlinCompile> {
kotlinOptions {
freeCompilerArgs = listOf("-Xjsr305=strict")
jvmTarget = "11"
}
}

tasks.withType<Test> {
useJUnitPlatform()
}
```
And this is the intellij version:
```
IntelliJ IDEA 2020.3 (Community Edition)
Build #IC-203.5981.155, built on November 30, 2020
Runtime version: 11.0.9+11-b1145.21 amd64
VM: OpenJDK 64-Bit Server VM by JetBrains s.r.o.
Linux 5.4.0-64-generic
GC: ParNew, ConcurrentMarkSweep
Memory: 1979M
Cores: 12
Registry: compiler.automake.allow.when.app.running=true
Non-Bundled Plugins: Key Promoter X, Dart, io.flutter, Lombook Plugin, org.jetbrains.kotlin
Current Desktop: X-Cinnamon
```

Do we miss some dependency? Does it require any specific intellij setup?


[1]:
Reply

Offline jobhezkexscks


Member
*
Member
Posts: 0
Threads: 0
Joined: Jan 2023
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#2
07-20-2023, 03:31 PM
This DSL is built in starting since Spring Security 5.3 version. For example the `org.springframework.security:spring-security-config:5.3.4.RELEASE` library has it: `org.springframework.security.config.web.servlet.HttpSecurityDsl#csrf` And for example the

compile group: 'org.springframework.boot', name: 'spring-boot-starter-security', version: '2.3.3.RELEASE'

library will contain it.
Reply

Offline mcnamara919


Valued member
***
Valued member
Posts: 0
Threads: 0
Joined: Apr 2019
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#3
07-20-2023, 03:57 PM
You need to manually import the `ServerHttpSecurity` `invoke`.
```
import org.springframework.security.config.web.server.invoke
```

Because of [this Kotlin issue][1] in 1.4, the IDE does not suggest it to you as it should.

This is scheduled to be fixed in Kotlin 1.4.30.


[1]:

[To see links please register here]

Reply

Offline Prodisturbingly517


Luxury
*****
Luxury
Posts: 0
Threads: 0
Joined: Nov 2022
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#4
07-20-2023, 04:17 PM
I noticed your question was regarding `WebFlux`, but just complementing **@Eleftheria's** answer.

For `WebMvc` folks you should import:

```kotlin
import org.springframework.security.config.web.servlet.invoke
```

*(servlet vs server)*
Reply

Offline azaleeazan104


Member
*
Member
Posts: 0
Threads: 0
Joined: May 2018
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#5
07-20-2023, 04:25 PM
What worked for me was to explicitly call the `.invoke` method on the `HttpSecurity` object:

```kotlin
http.invoke {
csrf { disable }
}
```

which will force my IDE (I'm using IntelliJ) to import the `.invoke`.
Reply

« Next Oldest
Next Newest »


Forum Jump:


Users browsing this thread:
1 Guest(s)

©0Day  2016 - 2023 | All Rights Reserved.  Made with    for the community. Connected through