COG-GTM · devin-ai-integration · Nov 25, 2025
diff --git a/Dockerfile b/Dockerfile
@@ -17,8 +17,8 @@ WORKDIR /src
 # Copy source code from local to container
 COPY . /src
 
-# Build application and skip test cases
-RUN mvn clean install -DskipTests=true
+# Build application and run tests
+RUN mvn clean install
 
 #--------------------------------------
 # Stage 2

diff --git a/pom.xml b/pom.xml
@@ -46,6 +46,10 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-web</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-validation</artifactId>
+		</dependency>
 		<dependency>
 			<groupId>org.thymeleaf.extras</groupId>
 			<artifactId>thymeleaf-extras-springsecurity6</artifactId>

diff --git a/src/main/java/com/example/bankapp/config/CustomAccessDeniedHandler.java b/src/main/java/com/example/bankapp/config/CustomAccessDeniedHandler.java
@@ -0,0 +1,37 @@
+package com.example.bankapp.config;
+
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.access.AccessDeniedHandler;
+import org.springframework.stereotype.Component;
+
+import java.io.IOException;
+
+@Component
+public class CustomAccessDeniedHandler implements AccessDeniedHandler {
+
+    private static final Logger logger = LoggerFactory.getLogger(CustomAccessDeniedHandler.class);
+
+    @Override
+    public void handle(HttpServletRequest request, 
+                       HttpServletResponse response,
+                       AccessDeniedException accessDeniedException) throws IOException, ServletException {
+
+        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+        String username = auth != null ? auth.getName() : "anonymous";
+        String requestUri = request.getRequestURI();
+
+        logger.error("Access denied for user: {} - Attempted to access: {} - Error: {}", 
+                    username, requestUri, accessDeniedException.getMessage());
+
+        request.setAttribute("error", "You do not have permission to access this resource");
+        request.setAttribute("status", HttpServletResponse.SC_FORBIDDEN);
+        request.getRequestDispatcher("/error").forward(request, response);
+    }
+}
diff --git a/src/main/java/com/example/bankapp/config/CustomAuthenticationEntryPoint.java b/src/main/java/com/example/bankapp/config/CustomAuthenticationEntryPoint.java
@@ -0,0 +1,40 @@
+package com.example.bankapp.config;
+
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
+
+import java.io.IOException;
+
+@Component
+public class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint {
+
+    private static final Logger logger = LoggerFactory.getLogger(CustomAuthenticationEntryPoint.class);
+
+    @Override
+    public void commence(HttpServletRequest request, 
+                         HttpServletResponse response,
+                         AuthenticationException authException) throws IOException, ServletException {
+
+        String requestUri = request.getRequestURI();
+        logger.warn("Unauthorized access attempt to: {} - Error: {}", requestUri, authException.getMessage());
+
+        if (isAjaxRequest(request)) {
+            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+            response.setContentType("application/json");
+            response.getWriter().write("{\"error\": \"Unauthorized\", \"message\": \"Please log in to access this resource\"}");
+        } else {
+            response.sendRedirect("/login");
+        }
+    }
+
+    private boolean isAjaxRequest(HttpServletRequest request) {
+        String ajaxHeader = request.getHeader("X-Requested-With");
+        return "XMLHttpRequest".equals(ajaxHeader);
+    }
+}
diff --git a/src/main/java/com/example/bankapp/config/CustomAuthenticationFailureHandler.java b/src/main/java/com/example/bankapp/config/CustomAuthenticationFailureHandler.java
@@ -0,0 +1,49 @@
+package com.example.bankapp.config;
+
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.DisabledException;
+import org.springframework.security.authentication.LockedException;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+import org.springframework.stereotype.Component;
+
+import java.io.IOException;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
+
+@Component
+public class CustomAuthenticationFailureHandler implements AuthenticationFailureHandler {
+
+    private static final Logger logger = LoggerFactory.getLogger(CustomAuthenticationFailureHandler.class);
+
+    @Override
+    public void onAuthenticationFailure(HttpServletRequest request, 
+                                        HttpServletResponse response,
+                                        AuthenticationException exception) throws IOException, ServletException {
+
+        String username = request.getParameter("username");
+        String errorMessage;
+
+        if (exception instanceof BadCredentialsException) {
+            logger.error("Authentication failed - bad credentials for user: {}", username);
+            errorMessage = "Invalid username or password";
+        } else if (exception instanceof DisabledException) {
+            logger.error("Authentication failed - account disabled for user: {}", username);
+            errorMessage = "Your account has been disabled";
+        } else if (exception instanceof LockedException) {
+            logger.error("Authentication failed - account locked for user: {}", username);
+            errorMessage = "Your account has been locked";
+        } else {
+            logger.error("Authentication failed for user: {} - Error: {}", username, exception.getMessage());
+            errorMessage = "Authentication failed. Please try again.";
+        }
+
+        String encodedMessage = URLEncoder.encode(errorMessage, StandardCharsets.UTF_8);
+        response.sendRedirect("/login?error=true&message=" + encodedMessage);
+    }
+}
diff --git a/src/main/java/com/example/bankapp/config/SecurityConfig.java b/src/main/java/com/example/bankapp/config/SecurityConfig.java
@@ -1,6 +1,8 @@
 package com.example.bankapp.config;
 
 import com.example.bankapp.service.AccountService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -16,26 +18,40 @@
 @EnableWebSecurity
 public class SecurityConfig {
 
+    private static final Logger logger = LoggerFactory.getLogger(SecurityConfig.class);
+
     @Autowired
     AccountService accountService;
 
+    @Autowired
+    private CustomAuthenticationFailureHandler authenticationFailureHandler;
+
+    @Autowired
+    private CustomAccessDeniedHandler accessDeniedHandler;
+
+    @Autowired
+    private CustomAuthenticationEntryPoint authenticationEntryPoint;
+
     @Bean
     public static PasswordEncoder passwordEncoder() {
         return new BCryptPasswordEncoder();
     }
 
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        logger.info("Configuring security filter chain");
+
         http
                 .csrf(csrf -> csrf.disable())
                 .authorizeHttpRequests(authz -> authz
-                        .requestMatchers("/register").permitAll()
+                        .requestMatchers("/register", "/error", "/images/**").permitAll()
                         .anyRequest().authenticated()
                 )
                 .formLogin(form -> form
                         .loginPage("/login")
                         .loginProcessingUrl("/login")
                         .defaultSuccessUrl("/dashboard", true)
+                        .failureHandler(authenticationFailureHandler)
                         .permitAll()
                 )
                 .logout(logout -> logout
@@ -45,6 +61,10 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
                         .logoutSuccessUrl("/login?logout")
                         .permitAll()
                 )
+                .exceptionHandling(exception -> exception
+                        .accessDeniedHandler(accessDeniedHandler)
+                        .authenticationEntryPoint(authenticationEntryPoint)
+                )
                 .headers(headers -> headers
                         .frameOptions(frameOptions -> frameOptions.sameOrigin())
                 );
@@ -54,7 +74,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 
     @Autowired
     public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+        logger.info("Configuring global authentication");
         auth.userDetailsService(accountService).passwordEncoder(passwordEncoder());
-
     }
-}
+}
diff --git a/src/main/java/com/example/bankapp/dto/AmountRequest.java b/src/main/java/com/example/bankapp/dto/AmountRequest.java
@@ -0,0 +1,28 @@
+package com.example.bankapp.dto;
+
+import jakarta.validation.constraints.DecimalMin;
+import jakarta.validation.constraints.NotNull;
+
+import java.math.BigDecimal;
+
+public class AmountRequest {
+
+    @NotNull(message = "Amount is required")
+    @DecimalMin(value = "0.01", message = "Amount must be greater than zero")
+    private BigDecimal amount;
+
+    public AmountRequest() {
+    }
+
+    public AmountRequest(BigDecimal amount) {
+        this.amount = amount;
+    }
+
+    public BigDecimal getAmount() {
+        return amount;
+    }
+
+    public void setAmount(BigDecimal amount) {
+        this.amount = amount;
+    }
+}
diff --git a/src/main/java/com/example/bankapp/dto/RegistrationRequest.java b/src/main/java/com/example/bankapp/dto/RegistrationRequest.java
@@ -0,0 +1,41 @@
+package com.example.bankapp.dto;
+
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.Pattern;
+import jakarta.validation.constraints.Size;
+
+public class RegistrationRequest {
+
+    @NotBlank(message = "Username is required")
+    @Size(min = 3, max = 50, message = "Username must be between 3 and 50 characters")
+    @Pattern(regexp = "^[\\w.-]+$", message = "Username can only contain alphanumeric characters, underscores, dots, and hyphens")
+    private String username;
+
+    @NotBlank(message = "Password is required")
+    @Size(min = 6, max = 100, message = "Password must be between 6 and 100 characters")
+    private String password;
+
+    public RegistrationRequest() {
+    }
+
+    public RegistrationRequest(String username, String password) {
+        this.username = username;
+        this.password = password;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+}
diff --git a/src/main/java/com/example/bankapp/dto/TransferRequest.java b/src/main/java/com/example/bankapp/dto/TransferRequest.java
@@ -0,0 +1,43 @@
+package com.example.bankapp.dto;
+
+import jakarta.validation.constraints.DecimalMin;
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Pattern;
+
+import java.math.BigDecimal;
+
+public class TransferRequest {
+
+    @NotBlank(message = "Recipient username is required")
+    @Pattern(regexp = "^[\\w.-]+$", message = "Recipient username can only contain alphanumeric characters, underscores, dots, and hyphens")
+    private String toUsername;
+
+    @NotNull(message = "Amount is required")
+    @DecimalMin(value = "0.01", message = "Amount must be greater than zero")
+    private BigDecimal amount;
+
+    public TransferRequest() {
+    }
+
+    public TransferRequest(String toUsername, BigDecimal amount) {
+        this.toUsername = toUsername;
+        this.amount = amount;
+    }
+
+    public String getToUsername() {
+        return toUsername;
+    }
+
+    public void setToUsername(String toUsername) {
+        this.toUsername = toUsername;
+    }
+
+    public BigDecimal getAmount() {
+        return amount;
+    }
+
+    public void setAmount(BigDecimal amount) {
+        this.amount = amount;
+    }
+}
diff --git a/src/main/java/com/example/bankapp/exception/AccountNotFoundException.java b/src/main/java/com/example/bankapp/exception/AccountNotFoundException.java
@@ -0,0 +1,12 @@
+package com.example.bankapp.exception;
+
+public class AccountNotFoundException extends RuntimeException {
+
+    public AccountNotFoundException(String message) {
+        super(message);
+    }
+
+    public AccountNotFoundException(String message, Throwable cause) {
+        super(message, cause);
+    }
+}
diff --git a/src/main/java/com/example/bankapp/exception/DuplicateUsernameException.java b/src/main/java/com/example/bankapp/exception/DuplicateUsernameException.java
@@ -0,0 +1,12 @@
+package com.example.bankapp.exception;
+
+public class DuplicateUsernameException extends RuntimeException {
+
+    public DuplicateUsernameException(String message) {
+        super(message);
+    }
+
+    public DuplicateUsernameException(String message, Throwable cause) {
+        super(message, cause);
+    }
+}