added login page

pom.xml

@@ -149,6 +149,16 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-validation</artifactId>
         </dependency>
+        <!-- security starter required for login page -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        <!-- security taglibs required to enable csrf -->
+        <dependency>
+             <groupId>org.springframework.security</groupId>
+             <artifactId>spring-security-taglibs</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.springframework.kafka</groupId>
             <artifactId>spring-kafka</artifactId>

src/main/java/kafdrop/config/WebSecurityConfiguration.java

@@ -0,0 +1,69 @@
+package kafdrop.config;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+@EnableWebSecurity
+@ConfigurationProperties(prefix = "spring.security.user")
+public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
+    private static final Logger LOG = LoggerFactory.getLogger(WebSecurityConfiguration.class);
+
+    private String name;
+    private String password;
+    private String roles;
+
+    // public setters required for property initialization
+    public void setName(String name) { this.name = name; }
+    public void setPassword(String password) { this.password = password; }
+    public void setRoles(String roles) { this.roles = roles; }
+
+
+    // allow access to /login. Require authentication for all other pages.
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+                .authorizeRequests()
+                .antMatchers("/login*").permitAll()
+                .anyRequest().authenticated()
+              .and()
+                .formLogin()
+                .loginPage("/login")
+                .permitAll();
+
+        // http.csrf().disable();
+    }
+
+    // authenticate user
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        LOG.info(String.format("authenticating user with name: %s password: %s role: %s",
+                this.name, this.password, this.roles));
+        auth.inMemoryAuthentication()
+                .passwordEncoder(passwordEncoder())
+                .withUser(this.name)
+                .password(passwordEncoder().encode(this.password))
+                .roles(this.roles);
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    // don't enforce access to these static resources
+    @Override
+    public void configure(WebSecurity web) throws Exception {
+        web.ignoring().antMatchers("/resources/**", "/static/**", "/css/**", "/js/**", "/images/**");
+    }
+}

src/main/java/kafdrop/controller/AuthController.java

@@ -0,0 +1,24 @@
+package kafdrop.controller;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+@Controller
+public class AuthController {
+
+    @RequestMapping(value = "/login", method = RequestMethod.GET)
+    public String login(Model model, String error, String logout) {
+        if (error != null) {
+            model.addAttribute("errorMsg", "Your username and password are invalid.");
+        }
+
+        if (logout != null) {
+            model.addAttribute("msg", "You have been logged out successfully.");
+        }
+
+        return "login";
+    }
+
+}

src/main/resources/application.yml

@@ -7,6 +7,11 @@ server:
       enabled: false
 
 spring:
+  security:
+    user:
+      name: admin
+      password: admin
+      roles: USER
   jmx:
     enabled: true
     default_domain: Kafdrop
@@ -33,4 +38,4 @@ kafka:
   securityProtocol: "SASL_PLAINTEXT"
   truststoreFile: "${KAFKA_TRUSTSTORE_FILE:kafka.truststore.jks}"
   propertiesFile : "${KAFKA_PROPERTIES_FILE:kafka.properties}"
-  keystoreFile: "${KAFKA_KEYSTORE_FILE:kafka.keystore.jks}"
+  keystoreFile: "${KAFKA_KEYSTORE_FILE:kafka.keystore.jks}"

src/main/resources/templates/login.ftlh

@@ -0,0 +1,30 @@
+<#import "/spring.ftl" as spring />
+<#import "lib/template.ftlh" as template>
+<@template.header "Enter Login Information"/>
+
+<div class="container ">
+    <br/><br/><br/>
+    <div class="row ">
+        <div class="col-md"><span></span></div>
+        <div class="col-md"><span></span></div>
+        <div class="col-md">
+            <form method="post" action="<@spring.url '/login'/>">
+                <h3 class="form-signin-heading">Please sign in</h3><br/>
+                <p>
+                    <label for="username">User Name:</label><br/>
+                    <input type="text" id="username" name="username" placeholder="Username" required>
+                </p>
+                <p>
+                    <label for="password">Password:</label><br/>
+                    <input type="password" id="password" name="password" placeholder="Password" required>
+                </p>
+                <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
+                <button type="submit">Sign in</button>
+            </form>
+        </div>
+        <div class="col-md"><span></span></div>
+        <div class="col-md"><span></span></div>
+    </div>
+</div>
+
+<@template.footer/>

src/main/resources/templates/topic-create.ftlh

@@ -46,6 +46,8 @@
                     </tr>
                     </tbody>
                 </table>
+                <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
+
 
                 <button class="btn btn-success" type="submit">
                     <i class="fa fa-plus"></i> Create

src/main/resources/templates/topic-detail.ftlh

@@ -47,6 +47,7 @@
     <#if topicDeleteEnabled>
         <form id="delete-topic-form" action="<@spring.url '/topic/${topic.name}/delete'/>" method="POST">
             <button class="btn btn-danger" type="submit"><i class="fa fa-remove"></i> Delete topic</button>
+            <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
         </form>
     </#if>
 </div>