Fix rest auth. Review filters.

wise-webapp/src/main/java/com/wisemapping/config/Application.java

@@ -2,7 +2,7 @@ package com.wisemapping.config;
 
 import com.wisemapping.config.mvc.MvcAppConfig;
 import com.wisemapping.config.mvc.MvcSecurityConfig;
-import com.wisemapping.config.mvc.ServletConfig;
+import com.wisemapping.config.rest.ServletConfig;
 import com.wisemapping.config.rest.RestAppConfig;
 import org.springframework.boot.WebApplicationType;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
@@ -13,20 +13,15 @@ import org.springframework.context.annotation.ImportResource;
 import org.springframework.security.web.firewall.StrictHttpFirewall;
 
 @SpringBootApplication
-@ImportResource(value = {"classpath:spring/wisemapping-service.xml"})
-@ComponentScan({"com.wisemapping.security", "com.wisemapping.service", "com.wisemapping.dao", "com.wisemapping.util", "com.wisemapping.model"})
 public class Application {
 
     public static void main(String[] args) {
 
         new SpringApplicationBuilder()
-                .parent(Application.class, MethodSecurityConfig.class, HibernateConfig.class).web(WebApplicationType.NONE)
+                .parent(MethodSecurityConfig.class, HibernateConfig.class).web(WebApplicationType.NONE)
-                .child(MvcAppConfig.class, MvcSecurityConfig.class, ServletConfig.class).web(WebApplicationType.SERVLET)
+//                .child(MvcAppConfig.class, MvcSecurityConfig.class).web(WebApplicationType.SERVLET)
-                .sibling(RestAppConfig.class).web(WebApplicationType.SERVLET)
+                .child(RestAppConfig.class, ServletConfig.class).web(WebApplicationType.SERVLET)
                 .run(args);
-
-//        new SpringApplicationBuilder(Application.class, MethodSecurityConfig.class,MvcAppConfig.class, MvcSecurityConfig.class, HibernateConfig.class, ServletConfig.class).web(WebApplicationType.SERVLET).run(args);
-
     }
 
     @Bean

wise-webapp/src/main/java/com/wisemapping/config/MethodSecurityConfig.java

@@ -5,7 +5,9 @@ import com.wisemapping.security.ReadSecurityAdvise;
 import com.wisemapping.security.UpdateSecurityAdvise;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.ImportResource;
 import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
 import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
@@ -14,6 +16,8 @@ import org.springframework.security.config.annotation.method.configuration.Enabl
 @EnableMethodSecurity(
         securedEnabled = true,
         jsr250Enabled = true)
+@ImportResource(value = {"classpath:spring/wisemapping-service.xml"})
+@ComponentScan({"com.wisemapping.security", "com.wisemapping.service", "com.wisemapping.dao", "com.wisemapping.util", "com.wisemapping.model"})
 public class MethodSecurityConfig  {
 
     @Autowired

wise-webapp/src/main/java/com/wisemapping/config/rest/RestAppConfig.java

@@ -4,7 +4,10 @@ import org.jetbrains.annotations.NotNull;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.ImportResource;
 import org.springframework.core.annotation.Order;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
@@ -13,32 +16,43 @@ import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
 import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
 
+import static org.springframework.security.config.Customizer.withDefaults;
+
 
 @SpringBootApplication
 @EnableWebSecurity
-@ComponentScan("com.wisemapping.rest")
+@ImportResource(value = {"classpath:spring/wisemapping-service.xml"})
+@ComponentScan({"com.wisemapping.rest"})
 public class RestAppConfig {
     @Bean
     @Order(2)
     SecurityFilterChain apiSecurityFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
-        final MvcRequestMatcher.Builder matcher = new MvcRequestMatcher.Builder(introspector).servletPath("/service");
+//        final MvcRequestMatcher.Builder matcher = new MvcRequestMatcher.Builder(introspector).servletPath("**");
-        return http
+//        return http
-                .securityMatchers((matchers) ->
+//                .securityMatchers((matchers) ->
-                        matchers.requestMatchers(matcher.pattern(("/**"))))
+//                        matchers.requestMatchers(matcher.pattern(("/**"))))
-                .authorizeHttpRequests(auth ->
+//                .authorizeHttpRequests(auth -> auth
-                        auth
+//                        .requestMatchers(matcher.pattern("api/restfull/users/")).permitAll()
-                                .requestMatchers(matcher.pattern("/users/")).permitAll()
+//                        .requestMatchers(matcher.pattern("api/restfull/users/resetPassword")).permitAll()
-                                .requestMatchers(matcher.pattern("/users/resetPassword")).permitAll()
+//                        .requestMatchers(matcher.pattern("api/restfull/oauth2/googlecallback")).permitAll()
-                                .requestMatchers(matcher.pattern("/oauth2/googlecallback")).permitAll()
+//                        .requestMatchers(matcher.pattern("api/restfull/oauth2/confirmaccountsync")).permitAll()
-                                .requestMatchers(matcher.pattern("/oauth2/confirmaccountsync")).permitAll()
+//                        .requestMatchers(matcher.pattern("api/restfull/admin/**")).hasAnyRole("ADMIN")
-                                .requestMatchers(matcher.pattern("/admin/**")).hasAnyRole("ADMIN")
+//                        .requestMatchers(matcher.pattern("/**"))
-                                .requestMatchers(matcher.pattern("/**")).hasAnyRole("USER", "ADMIN")
+//                        .authenticated()
-                )
+////                        .hasAnyRole("USER", "ADMIN")
-                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+//                )
-                .httpBasic(httpBasic -> {
+//                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-                })
+//                .httpBasic(withDefaults())
-                .csrf(AbstractHttpConfigurer::disable)
+//                .csrf(AbstractHttpConfigurer::disable)
-                .build();
+//                .build();
+
+        http.csrf().disable()
+                .authorizeHttpRequests()
+                .anyRequest()
+                .authenticated()
+                .and()
+                .httpBasic(withDefaults());
+        return http.build();
     }
 
 }

wise-webapp/src/main/java/com/wisemapping/config/rest/ServletConfig.java

@@ -1,4 +1,4 @@
-package com.wisemapping.config.mvc;
+package com.wisemapping.config.rest;
 
 import org.springframework.boot.web.server.WebServerFactoryCustomizer;
 import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;

wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java

@@ -24,6 +24,7 @@ import com.wisemapping.rest.model.*;
 import com.wisemapping.security.Utils;
 import com.wisemapping.service.*;
 import com.wisemapping.validator.MapInfoValidator;
+import jakarta.servlet.http.HttpServletResponse;
 import org.apache.commons.validator.routines.EmailValidator;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
@@ -34,15 +35,12 @@ import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.stereotype.Controller;
 import org.springframework.transaction.annotation.Propagation;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.validation.BeanPropertyBindingResult;
 import org.springframework.validation.BindingResult;
 import org.springframework.web.bind.annotation.*;
 
-import jakarta.servlet.http.HttpServletResponse;
-
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 import java.util.*;
@@ -73,7 +71,7 @@ public class MindmapController extends BaseController {
 
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.GET, value = "/maps/{id}", produces = {"application/json"})
+        @RequestMapping(method = RequestMethod.GET, value = "api/restfull/maps/{id}", produces = {"application/json"})
     @ResponseBody
     public RestMindmap retrieve(@PathVariable int id) throws WiseMappingException {
         final User user = Utils.getUser();
@@ -82,7 +80,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.GET, value = "/maps/", produces = {"application/json"})
+    @RequestMapping(method = RequestMethod.GET, value = "api/restfull/maps/", produces = {"application/json"})
     public RestMindmapList retrieveList(@RequestParam(required = false) String q) {
         final User user = Utils.getUser();
 
@@ -96,7 +94,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.GET, value = "/maps/{id}/history/", produces = {"application/json"})
+    @RequestMapping(method = RequestMethod.GET, value = "api/restfull/maps/{id}/history/", produces = {"application/json"})
     public RestMindmapHistoryList fetchHistory(@PathVariable int id) {
         final List<MindMapHistory> histories = mindmapService.findMindmapHistory(id);
         final RestMindmapHistoryList result = new RestMindmapHistoryList();
@@ -106,7 +104,7 @@ public class MindmapController extends BaseController {
         return result;
     }
 
-    @RequestMapping(method = RequestMethod.PUT, value = "/maps/{id}/document", consumes = {"application/json"}, produces = {"application/json"})
+    @RequestMapping(method = RequestMethod.PUT, value = "api/restfull/maps/{id}/document", consumes = {"application/json"}, produces = {"application/json"})
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
 
@@ -138,7 +136,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(value = "/maps/{id}/history/{hid}", method = RequestMethod.POST)
+    @RequestMapping(value = "api/restfull/maps/{id}/history/{hid}", method = RequestMethod.POST)
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
     public void updateRevertMindmap(@PathVariable int id, @PathVariable String hid) throws WiseMappingException, IOException {
         final Mindmap mindmap = findMindmapById(id);
@@ -158,7 +156,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("permitAll()")
-    @RequestMapping(method = RequestMethod.GET, value = {"/maps/{id}/document/xml", "/maps/{id}/document/xml-pub"}, consumes = {"text/plain"}, produces = {"application/xml; charset=UTF-8"})
+    @RequestMapping(method = RequestMethod.GET, value = {"api/restfull/maps/{id}/document/xml", "api/restfull/maps/{id}/document/xml-pub"}, consumes = {"text/plain"}, produces = {"application/xml; charset=UTF-8"})
     @ResponseBody
     public byte[] retrieveDocument(@PathVariable int id, @NotNull HttpServletResponse response) throws WiseMappingException, IOException {
         final Mindmap mindmap = findMindmapById(id);
@@ -168,7 +166,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.PUT, value = {"/maps/{id}/document/xml"}, consumes = {"text/plain"})
+    @RequestMapping(method = RequestMethod.PUT, value = {"api/restfull/maps/{id}/document/xml"}, consumes = {"text/plain"})
     @ResponseBody
     public void updateDocument(@PathVariable int id, @RequestBody String xmlDoc) throws WiseMappingException, IOException {
         final Mindmap mindmap = findMindmapById(id);
@@ -180,7 +178,7 @@ public class MindmapController extends BaseController {
 
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.GET, value = {"/maps/{id}/{hid}/document/xml"}, consumes = {"text/plain"}, produces = {"application/xml; charset=UTF-8"})
+    @RequestMapping(method = RequestMethod.GET, value = {"api/restfull/maps/{id}/{hid}/document/xml"}, consumes = {"text/plain"}, produces = {"application/xml; charset=UTF-8"})
     @ResponseBody
     public byte[] retrieveDocument(@PathVariable int id, @PathVariable int hid, @NotNull HttpServletResponse response) throws WiseMappingException, IOException {
         final MindMapHistory mindmapHistory = mindmapService.findMindmapHistory(id, hid);
@@ -192,7 +190,7 @@ public class MindmapController extends BaseController {
      * The intention of this method is the update of several properties at once ...
      */
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.PUT, value = "/maps/{id}", consumes = {"application/json"}, produces = {"application/json"})
+    @RequestMapping(method = RequestMethod.PUT, value = "api/restfull/maps/{id}", consumes = {"application/json"}, produces = {"application/json"})
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
     public void updateProperties(@RequestBody RestMindmap restMindmap, @PathVariable int id, @RequestParam(required = false) boolean minor) throws IOException, WiseMappingException {
 
@@ -247,7 +245,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.PUT, value = "/maps/{id}/title", consumes = {"text/plain"}, produces = {"application/json"})
+    @RequestMapping(method = RequestMethod.PUT, value = "api/restfull/maps/{id}/title", consumes = {"text/plain"}, produces = {"application/json"})
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
     public void updateTitle(@RequestBody String title, @PathVariable int id) throws WiseMappingException {
 
@@ -266,7 +264,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.POST, value = "/maps/{id}/collabs/", consumes = {"application/json"}, produces = {"application/json"})
+    @RequestMapping(method = RequestMethod.POST, value = "api/restfull/maps/{id}/collabs/", consumes = {"application/json"}, produces = {"application/json"})
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
     public void updateCollabs(@PathVariable int id, @NotNull @RequestBody RestCollaborationList restCollabs) throws CollaborationException, MapCouldNotFoundException, AccessDeniedSecurityException, InvalidEmailException, TooManyInactiveAccountsExceptions {
         final Mindmap mindMap = findMindmapById(id);
@@ -316,7 +314,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.PUT, value = "/maps/{id}/collabs/", consumes = {"application/json"}, produces = {"application/json"})
+    @RequestMapping(method = RequestMethod.PUT, value = "api/restfull/maps/{id}/collabs/", consumes = {"application/json"}, produces = {"application/json"})
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
     public void addCollab(@PathVariable int id, @NotNull @RequestBody RestCollaborationList restCollabs) throws CollaborationException, MapCouldNotFoundException, AccessDeniedSecurityException, InvalidEmailException, TooManyInactiveAccountsExceptions, OwnerCannotChangeException {
         final Mindmap mindMap = findMindmapById(id);
@@ -384,7 +382,7 @@ public class MindmapController extends BaseController {
 
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.GET, value = "/maps/{id}/collabs", produces = {"application/json"})
+    @RequestMapping(method = RequestMethod.GET, value = "api/restfull/maps/{id}/collabs", produces = {"application/json"})
     public RestCollaborationList retrieveList(@PathVariable int id) throws MapCouldNotFoundException, AccessDeniedSecurityException {
         final Mindmap mindMap = findMindmapById(id);
 
@@ -401,7 +399,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.PUT, value = "/maps/{id}/description", consumes = {"text/plain"}, produces = {"application/json"})
+    @RequestMapping(method = RequestMethod.PUT, value = "api/restfull/maps/{id}/description", consumes = {"text/plain"}, produces = {"application/json"})
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
     public void updateDescription(@RequestBody String description, @PathVariable int id) throws WiseMappingException {
         final Mindmap mindmap = findMindmapById(id);
@@ -410,7 +408,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.PUT, value = "/maps/{id}/publish", consumes = {"text/plain"}, produces = {"application/json"})
+    @RequestMapping(method = RequestMethod.PUT, value = "api/restfull/maps/{id}/publish", consumes = {"text/plain"}, produces = {"application/json"})
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
     public void updatePublishState(@RequestBody String value, @PathVariable int id) throws WiseMappingException {
 
@@ -428,7 +426,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.DELETE, value = "/maps/{id}")
+    @RequestMapping(method = RequestMethod.DELETE, value = "api/restfull/maps/{id}")
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
     public void deleteMapById(@PathVariable int id) throws IOException, WiseMappingException {
         final User user = Utils.getUser();
@@ -437,7 +435,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.DELETE, value = "/maps/{id}/collabs")
+    @RequestMapping(method = RequestMethod.DELETE, value = "api/restfull/maps/{id}/collabs")
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
     public void deleteCollabByEmail(@PathVariable int id, @RequestParam(required = false) String email) throws IOException, WiseMappingException {
         logger.debug("Deleting permission for email:" + email);
@@ -469,7 +467,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.PUT, value = "/maps/{id}/starred", consumes = {"text/plain"}, produces = {"application/json"})
+    @RequestMapping(method = RequestMethod.PUT, value = "api/restfull/maps/{id}/starred", consumes = {"text/plain"}, produces = {"application/json"})
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
     public void updateStarredState(@RequestBody String value, @PathVariable int id) throws WiseMappingException {
 
@@ -488,7 +486,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.GET, value = "/maps/{id}/starred", produces = {"text/plain"})
+    @RequestMapping(method = RequestMethod.GET, value = "api/restfull/maps/{id}/starred", produces = {"text/plain"})
     @ResponseBody
     public String fetchStarred(@PathVariable int id) throws WiseMappingException {
         final Mindmap mindmap = findMindmapById(id);
@@ -503,7 +501,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.DELETE, value = "/maps/batch")
+    @RequestMapping(method = RequestMethod.DELETE, value = "api/restfull/maps/batch")
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
     public void batchDelete(@RequestParam() String ids) throws IOException, WiseMappingException {
         final User user = Utils.getUser();
@@ -552,12 +550,12 @@ public class MindmapController extends BaseController {
         mindmapService.addMindmap(mindmap, user);
 
         // Return the new created map ...
-        response.setHeader("Location", "/service/maps/" + mindmap.getId());
+        response.setHeader("Location", "/serviceapi/restfull/maps/" + mindmap.getId());
         response.setHeader("ResourceId", Integer.toString(mindmap.getId()));
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.POST, value = "/maps/{id}", consumes = {"application/json"}, produces = {"application/json", "text/plain"})
+    @RequestMapping(method = RequestMethod.POST, value = "api/restfull/maps/{id}", consumes = {"application/json"}, produces = {"application/json", "text/plain"})
     @ResponseStatus(value = HttpStatus.CREATED)
     public void createDuplicate(@RequestBody RestMindmapInfo restMindmap, @PathVariable int id, @NotNull HttpServletResponse response) throws IOException, WiseMappingException {
         // Validate ...
@@ -580,13 +578,13 @@ public class MindmapController extends BaseController {
         mindmapService.addMindmap(clonedMap, user);
 
         // Return the new created map ...
-        response.setHeader("Location", "/service/maps/" + clonedMap.getId());
+        response.setHeader("Location", "/serviceapi/restfull/maps/" + clonedMap.getId());
         response.setHeader("ResourceId", Integer.toString(clonedMap.getId()));
     }
 
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.DELETE, value = "/maps/{id}/labels/{lid}")
+    @RequestMapping(method = RequestMethod.DELETE, value = "api/restfull/maps/{id}/labels/{lid}")
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
     public void removeLabelFromMap(@PathVariable int id, @PathVariable int lid) throws WiseMappingException {
         final User user = Utils.getUser();
@@ -602,7 +600,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.POST, value = "/maps/{id}/labels", consumes = {"application/json"})
+    @RequestMapping(method = RequestMethod.POST, value = "api/restfull/maps/{id}/labels", consumes = {"application/json"})
     @ResponseStatus(value = HttpStatus.OK)
     public void updateLabel(@PathVariable int id, @RequestBody int lid) throws WiseMappingException {
         final User user = Utils.getUser();
@@ -617,7 +615,7 @@ public class MindmapController extends BaseController {
     }
 
     @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
-    @RequestMapping(method = RequestMethod.PUT, value = "/maps/{id}/lock", consumes = {"text/plain"}, produces = {"application/json"})
+    @RequestMapping(method = RequestMethod.PUT, value = "api/restfull/maps/{id}/lock", consumes = {"text/plain"}, produces = {"application/json"})
     public ResponseEntity<RestLockInfo> lockMindmap(@RequestBody String value, @PathVariable int id) throws WiseMappingException {
         final User user = Utils.getUser();
         final LockManager lockManager = mindmapService.getLockManager();

wise-webapp/src/main/java/com/wisemapping/webmvc/MvcMindmapController.java

@@ -39,10 +39,7 @@ import org.springframework.stereotype.Controller;
 import org.springframework.transaction.annotation.Propagation;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.ui.Model;
-import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.*;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.servlet.ModelAndView;
 
 import java.util.Locale;

wise-webapp/src/main/resources/application.properties

@@ -1,7 +1,8 @@
 ##################################################################################
-Springboot Common
+SpringBoot Common
 ##################################################################################
 
+# JPA
 spring.datasource.initialize=true
 spring.main.allow-circular-references=true
 
@@ -10,11 +11,9 @@ spring.jpa.properties.hibernate.current_session_context_class=thread
 spring.jpa.properties.hibernate.format_sql=true
 spring.sql.init.mode=always
 
-##################################################################################
+# LOG
-Log Level 
-##################################################################################
 
-logging.level.root=INFO
+logging.level.root=TRACE
 logging.level.org.apache.tomcat=INFO
 
 ##################################################################################

wise-webapp/src/main/resources/log4j2.xml

@@ -1,19 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<Configuration status="TRACE">
-    <Appenders>
-        <Console name="LogToConsole" target="SYSTEM_OUT">
-            <PatternLayout pattern="%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n"/>
-        </Console>
-    </Appenders>
-    <Loggers>
-        <Logger name="com.wisemapping" level="trace">
-            <AppenderRef ref="LogToConsole"/>
-        </Logger>
-        <Logger name="org.springframework" level="trace">
-            <AppenderRef ref="LogToConsole"/>
-        </Logger>
-        <Root level="trace">
-            <AppenderRef ref="LogToConsole"/>
-        </Root>
-    </Loggers>
-</Configuration>