DaoAuthenticationProvider Implementation for Part 6

README.md

@@ -1,9 +1,6 @@
 # Spring Boot Web Application
-#Part 6
 
-##Part 5
-This repository has the project files for a tutorial series on Spring Boot available from by website at [Spring Framework Guru](https://springframework.guru)
-##Part 4
-This repository has the project files for a tutorial series on Spring Boot available from by website at [Spring Framework Guru](https://springframework.guru/spring-boot-web-application-part-4-spring-mvc/)
+##Part 6
+This repository has the project files for the post SPRING BOOT WEB APPLICATION, PART 6 – SPRING SECURITY WITH DAO Authentication Provider
+that is part of the tutorial series on Spring Boot available from by website at [Spring Framework Guru](https://springfrspringframework.guru)
 
-In this part of the tutorial series, I show how to setup a Spring MVC controller to suport CRUD operations, a Spring service facad over a Spring Data JPA repository, and Thymeleaf templates for the web application.

pom.xml

@@ -47,17 +47,17 @@
 		</dependency>
 
 		<!--WebJars-->
+
 		<dependency>
 			<groupId>org.webjars</groupId>
-			<artifactId>bootstrap</artifactId>
-			<version>3.3.4</version>
+			<artifactId>jquery</artifactId>
+			<version>2.1.4</version>
 		</dependency>
 		<dependency>
 			<groupId>org.webjars</groupId>
-			<artifactId>jquery</artifactId>
-			<version>2.1.4</version>
+			<artifactId>bootstrap</artifactId>
+			<version>3.3.4</version>
 		</dependency>
-
 		<dependency>
 			<groupId>com.h2database</groupId>
 			<artifactId>h2</artifactId>
@@ -67,6 +67,20 @@
 			<artifactId>spring-boot-starter-test</artifactId>
 			<scope>test</scope>
 		</dependency>
+
+		<!--encryption lib-->
+	<dependency>
+			<groupId>org.jasypt</groupId>
+			<artifactId>jasypt</artifactId>
+			<version>1.9.2</version>
+		</dependency>
+
+		<dependency>
+			<groupId>org.jasypt</groupId>
+			<artifactId>jasypt-springsecurity3</artifactId>
+			<version>1.9.2</version>
+		</dependency>
+
 	</dependencies>
 
 	<build>

src/main/java/guru/springframework/bootstrap/SpringJpaBootstrap.java

@@ -0,0 +1,127 @@
+package guru.springframework.bootstrap;
+
+import guru.springframework.domain.Product;
+import guru.springframework.domain.Role;
+import guru.springframework.domain.User;
+import guru.springframework.repositories.ProductRepository;
+import guru.springframework.services.RoleService;
+import guru.springframework.services.UserService;
+import org.apache.log4j.Logger;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationListener;
+import org.springframework.context.event.ContextRefreshedEvent;
+import org.springframework.stereotype.Component;
+
+import java.math.BigDecimal;
+import java.util.List;
+
+@Component
+public class SpringJpaBootstrap implements ApplicationListener<ContextRefreshedEvent> {
+
+    private ProductRepository productRepository;
+    private UserService userService;
+    private RoleService roleService;
+
+    private Logger log = Logger.getLogger(SpringJpaBootstrap.class);
+
+    @Autowired
+    public void setProductRepository(ProductRepository productRepository) {
+        this.productRepository = productRepository;
+    }
+
+    @Autowired
+    public void setUserService(UserService userService) {
+        this.userService = userService;
+    }
+
+    @Autowired
+    public void setRoleService(RoleService roleService) {
+        this.roleService = roleService;
+    }
+
+
+    @Override
+    public void onApplicationEvent(ContextRefreshedEvent event) {
+        loadProducts();
+        loadUsers();
+        loadRoles();
+        assignUsersToUserRole();
+        assignUsersToAdminRole();
+    }
+
+    private void loadProducts() {
+        Product shirt = new Product();
+        shirt.setDescription("Spring Framework Guru Shirt");
+        shirt.setPrice(new BigDecimal("18.95"));
+        shirt.setImageUrl("https://springframework.guru/wp-content/uploads/2015/04/spring_framework_guru_shirt-rf412049699c14ba5b68bb1c09182bfa2_8nax2_512.jpg");
+        shirt.setProductId("235268845711068308");
+        productRepository.save(shirt);
+
+        log.info("Saved Shirt - id: " + shirt.getId());
+
+        Product mug = new Product();
+        mug.setDescription("Spring Framework Guru Mug");
+        mug.setImageUrl("https://springframework.guru/wp-content/uploads/2015/04/spring_framework_guru_coffee_mug-r11e7694903c348e1a667dfd2f1474d95_x7j54_8byvr_512.jpg");
+        mug.setProductId("168639393495335947");
+        mug.setPrice(new BigDecimal("11.95"));
+        productRepository.save(mug);
+
+        log.info("Saved Mug - id:" + mug.getId());
+    }
+
+    private void loadUsers() {
+        User user1 = new User();
+        user1.setUsername("user");
+        user1.setPassword("user");
+        userService.saveOrUpdate(user1);
+
+        User user2 = new User();
+        user2.setUsername("admin");
+        user2.setPassword("admin");
+        userService.saveOrUpdate(user2);
+
+    }
+
+    private void loadRoles() {
+        Role role = new Role();
+        role.setRole("USER");
+        roleService.saveOrUpdate(role);
+        log.info("Saved role" + role.getRole());
+        Role adminRole = new Role();
+        adminRole.setRole("ADMIN");
+        roleService.saveOrUpdate(adminRole);
+        log.info("Saved role" + adminRole.getRole());
+    }
+    private void assignUsersToUserRole() {
+        List<Role> roles = (List<Role>) roleService.listAll();
+        List<User> users = (List<User>) userService.listAll();
+
+        roles.forEach(role -> {
+            if (role.getRole().equalsIgnoreCase("USER")) {
+                users.forEach(user -> {
+                    if (user.getUsername().equals("user")) {
+                        user.addRole(role);
+                        userService.saveOrUpdate(user);
+                    }
+                });
+            }
+        });
+    }
+    private void assignUsersToAdminRole() {
+        List<Role> roles = (List<Role>) roleService.listAll();
+        List<User> users = (List<User>) userService.listAll();
+
+        roles.forEach(role -> {
+            if (role.getRole().equalsIgnoreCase("ADMIN")) {
+                users.forEach(user -> {
+                    if (user.getUsername().equals("admin")) {
+                        user.addRole(role);
+                        userService.saveOrUpdate(user);
+                    }
+                });
+            }
+        });
+    }
+}
+
+

src/main/java/guru/springframework/config/CommonBeanConfig.java

@@ -0,0 +1,15 @@
+package guru.springframework.config;
+
+import org.jasypt.util.password.StrongPasswordEncryptor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class CommonBeanConfig {
+
+    @Bean
+    public StrongPasswordEncryptor strongEncryptor(){
+        StrongPasswordEncryptor encryptor = new StrongPasswordEncryptor();
+        return encryptor;
+    }
+}

src/main/java/guru/springframework/config/SpringSecConfig.java

@@ -0,0 +1,67 @@
+package guru.springframework.config;
+
+import org.jasypt.springsecurity3.authentication.encoding.PasswordEncoder;
+import org.jasypt.util.password.StrongPasswordEncryptor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
+
+@Configuration
+public class SpringSecConfig extends WebSecurityConfigurerAdapter {
+
+    private AuthenticationProvider authenticationProvider;
+
+    @Autowired
+    @Qualifier("daoAuthenticationProvider")
+    public void setAuthenticationProvider(AuthenticationProvider authenticationProvider) {
+        this.authenticationProvider = authenticationProvider;
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder(StrongPasswordEncryptor passwordEncryptor){
+        PasswordEncoder passwordEncoder = new PasswordEncoder();
+        passwordEncoder.setPasswordEncryptor(passwordEncryptor);
+        return passwordEncoder;
+    }
+
+    @Bean
+    public DaoAuthenticationProvider daoAuthenticationProvider(PasswordEncoder passwordEncoder,
+                                                               UserDetailsService userDetailsService){
+
+        DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
+        daoAuthenticationProvider.setPasswordEncoder(passwordEncoder);
+        daoAuthenticationProvider.setUserDetailsService(userDetailsService);
+        return daoAuthenticationProvider;
+    }
+
+    @Autowired
+    public void configureAuthManager(AuthenticationManagerBuilder authenticationManagerBuilder){
+        authenticationManagerBuilder.authenticationProvider(authenticationProvider);
+    }
+    @Override
+    protected void configure(HttpSecurity httpSecurity) throws Exception {
+           httpSecurity
+                .authorizeRequests().antMatchers("/","/products","/product/show/*","/console/**","/h2-console/**").permitAll()
+                .anyRequest().authenticated()
+                .and()
+                .formLogin().loginPage("/login").permitAll()
+                .and()
+                .logout().permitAll();
+
+        httpSecurity.csrf().disable();
+        httpSecurity.headers().frameOptions().disable();
+      // httpSecurity.csrf().disable();
+    //   httpSecurity.headers().frameOptions().disable();
+
+    }
+
+
+}

src/main/java/guru/springframework/configuration/WebConfiguration.java → src/main/java/guru/springframework/config/WebConfig.java

@@ -1,12 +1,11 @@
-package guru.springframework.configuration;
-
+package guru.springframework.config;
 import org.h2.server.web.WebServlet;
-import org.springframework.boot.web.servlet.ServletRegistrationBean;
+import org.springframework.boot.context.embedded.ServletRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
 @Configuration
-public class WebConfiguration {
+public class WebConfig {
     @Bean
     ServletRegistrationBean h2servletRegistration(){
         ServletRegistrationBean registrationBean = new ServletRegistrationBean( new WebServlet());