[BAEL-3066] Spring Security: Exploring JDBC Authentication

spring-security-mvc-boot/pom.xml

@@ -1,12 +1,13 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <groupId>com.baeldung</groupId>
     <artifactId>spring-security-mvc-boot</artifactId>
     <version>0.0.1-SNAPSHOT</version>
     <name>spring-security-mvc-boot</name>
-    <packaging>war</packaging>
+    <packaging>pom</packaging>
     <description>Spring Security MVC Boot</description>
 
     <parent>
@@ -45,10 +46,6 @@
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-data</artifactId>
         </dependency>
-        <dependency>
-            <groupId>com.h2database</groupId>
-            <artifactId>h2</artifactId>
-        </dependency>
         <dependency>
             <groupId>org.hamcrest</groupId>
             <artifactId>hamcrest-core</artifactId>
@@ -198,7 +195,7 @@
                                     <excludes>
                                         <exclude>**/*LiveTest.java</exclude>
                                         <exclude>**/*IntegrationTest.java</exclude>
-                        				<exclude>**/*IntTest.java</exclude>
+                                        <exclude>**/*IntTest.java</exclude>
                                     </excludes>
                                     <includes>
                                         <include>**/*EntryPointsTest.java</include>
@@ -217,22 +214,13 @@
         </profile>
     </profiles>
 
+    <modules>
+        <module>spring-security-mvc-boot-default</module>
+        <module>spring-security-mvc-boot-mysql</module>
+        <module>spring-security-mvc-boot-postgre</module>
+    </modules>
 
     <properties>
-        <start-class>org.baeldung.custom.Application</start-class>
-        <!--If you want to run the example with the voters comment the tag 
-            above and uncomment the one below -->
-        <!--<start-class>org.baeldung.voter.VoterApplication</start-class> -->
-        <!--If you want to run the example with the multiple logins, comment 
-            the tag above and uncomment the one below -->
-        <!--<start-class>org.baeldung.multiplelogin.MultipleLoginApplication</start-class> -->
-        <!--If you want to run the example with the multiple http elements, 
-            comment the tag above and uncomment the one below -->
-        <!--<start-class>org.baeldung.multipleentrypoints.MultipleEntryPointsApplication</start-class>-->
-        <!--If you want to run the example with the Https enabled endpoints,
-            comment the tag above and uncomment the one below -->
-       <!-- <start-class>org.baeldung.ssl.HttpsEnabledApplication</start-class> -->
-
         <taglibs-standard.version>1.1.2</taglibs-standard.version>
         <cargo-maven2-plugin.version>1.6.1</cargo-maven2-plugin.version>
         <ehcache-core.version>2.6.11</ehcache-core.version>

spring-security-mvc-boot/spring-security-mvc-boot-default/pom.xml

@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>com.baeldung</groupId>
+    <artifactId>spring-security-mvc-boot-default</artifactId>
+    <version>0.0.1-SNAPSHOT</version>
+    <name>spring-security-mvc-boot-default</name>
+    <packaging>jar</packaging>
+    <description>Spring Security MVC Boot</description>
+
+    <parent>
+        <artifactId>spring-security-mvc-boot</artifactId>
+        <groupId>com.baeldung</groupId>
+        <version>0.0.1-SNAPSHOT</version>
+        <relativePath>../</relativePath>
+    </parent>
+
+    <dependencies>
+        <dependency>
+            <groupId>com.h2database</groupId>
+            <artifactId>h2</artifactId>
+        </dependency>
+    </dependencies>
+
+    <properties>
+        <start-class>org.baeldung.custom.Application</start-class>
+        <!--If you want to run the example with the voters comment the tag 
+            above and uncomment the one below -->
+        <!--<start-class>org.baeldung.voter.VoterApplication</start-class> -->
+        <!--If you want to run the example with the multiple logins, comment 
+            the tag above and uncomment the one below -->
+        <!--<start-class>org.baeldung.multiplelogin.MultipleLoginApplication</start-class> -->
+        <!--If you want to run the example with the multiple http elements, 
+            comment the tag above and uncomment the one below -->
+        <!--<start-class>org.baeldung.multipleentrypoints.MultipleEntryPointsApplication</start-class>-->
+        <!--If you want to run the example with the Https enabled endpoints,
+            comment the tag above and uncomment the one below -->
+       <!-- <start-class>org.baeldung.ssl.HttpsEnabledApplication</start-class> -->
+    </properties>
+
+</project>

spring-security-mvc-boot/src/main/java/org/baeldung/custom/Application.java → spring-security-mvc-boot/spring-security-mvc-boot-default/src/main/java/org/baeldung/custom/Application.java

@@ -1,12 +1,8 @@
 package org.baeldung.custom;
 
 import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
-import org.springframework.context.annotation.ComponentScan;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
 
 @SpringBootApplication
 public class Application extends SpringBootServletInitializer {

spring-security-mvc-boot/spring-security-mvc-boot-default/src/main/java/org/baeldung/jdbcauthentication/h2/H2JdbcAuthenticationApplication.java

@@ -0,0 +1,15 @@
+package org.baeldung.jdbcauthentication.h2;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+
+@SpringBootApplication
+@EnableWebSecurity
+public class H2JdbcAuthenticationApplication {
+
+    public static void main(String[] args) {
+        SpringApplication.run(H2JdbcAuthenticationApplication.class, args);
+    }
+
+}

spring-security-mvc-boot/spring-security-mvc-boot-default/src/main/java/org/baeldung/jdbcauthentication/h2/config/SecurityConfiguration.java

@@ -0,0 +1,51 @@
+package org.baeldung.jdbcauthentication.h2.config;
+
+import javax.sql.DataSource;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+    @Override
+    protected void configure(HttpSecurity httpSecurity) throws Exception {
+        httpSecurity.authorizeRequests()
+            .antMatchers("/h2-console/**")
+            .permitAll()
+            .anyRequest()
+            .authenticated()
+            .and()
+            .formLogin()
+            .permitAll();
+        httpSecurity.csrf()
+            .ignoringAntMatchers("/h2-console/**");
+        httpSecurity.headers()
+            .frameOptions()
+            .sameOrigin();
+    }
+
+    @Autowired
+    private DataSource dataSource;
+
+    @Autowired
+    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+        auth.jdbcAuthentication()
+            .dataSource(dataSource)
+            .withDefaultSchema()
+            .withUser(User.withUsername("user")
+                .password(passwordEncoder().encode("pass"))
+                .roles("USER"));
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+}

spring-security-mvc-boot/spring-security-mvc-boot-default/src/main/java/org/baeldung/jdbcauthentication/h2/web/UserController.java

@@ -0,0 +1,17 @@
+package org.baeldung.jdbcauthentication.h2.web;
+
+import java.security.Principal;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/principal")
+public class UserController {
+
+    @GetMapping
+    public Principal retrievePrincipal(Principal principal) {
+        return principal;
+    }
+}

spring-security-mvc-boot/src/main/java/org/baeldung/multiplelogin/MultipleLoginApplication.java → spring-security-mvc-boot/spring-security-mvc-boot-default/src/main/java/org/baeldung/multiplelogin/MultipleLoginApplication.java

@@ -1,11 +1,8 @@
 package org.baeldung.multiplelogin;
 
 import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
-import org.springframework.context.annotation.ComponentScan;
-import org.springframework.context.annotation.Configuration;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
-import org.springframework.boot.builder.SpringApplicationBuilder;
+import org.springframework.context.annotation.ComponentScan;
 
 @SpringBootApplication
 @ComponentScan("org.baeldung.multiplelogin")

spring-security-mvc-boot/src/main/resources/application.properties → spring-security-mvc-boot/spring-security-mvc-boot-default/src/main/resources/application.properties

@@ -8,5 +8,7 @@ spring.jpa.database=H2
 spring.jpa.show-sql=false
 spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.H2Dialect
 
+logging.level.org.springframework.security.web.FilterChainProxy=DEBUG
 
-#logging.level.org.springframework.security.web.FilterChainProxy=DEBUG
+spring.h2.console.enabled=true
+spring.h2.console.path=/h2-console

spring-security-mvc-boot/spring-security-mvc-boot-default/src/test/java/org/baeldung/jdbcauthentication/h2/web/UserControllerLiveTest.java

@@ -0,0 +1,35 @@
+package org.baeldung.jdbcauthentication.h2.web;
+
+import static io.restassured.RestAssured.given;
+import static org.hamcrest.CoreMatchers.is;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.http.HttpStatus;
+
+import io.restassured.authentication.FormAuthConfig;
+import io.restassured.filter.session.SessionFilter;
+
+/**
+ * This Live Test requires the H2JdbcAuthenticationApplication application to be up and running
+ */
+public class UserControllerLiveTest {
+
+    private static final String PRINCIPAL_SVC_URL = "http://localhost:8082/principal";
+
+    @Test
+    public void givenExisting_whenRequestPrincipal_thenRetrieveData() throws Exception {
+        SessionFilter filter = new SessionFilter();
+        given().auth()
+            .form("user", "pass", new FormAuthConfig("/login", "username", "password").withCsrfFieldName("_csrf"))
+            .and()
+            .filter(filter)
+            .when()
+            .get(PRINCIPAL_SVC_URL)
+            .then()
+            .statusCode(HttpStatus.OK.value())
+            .and()
+            .body("authorities[0].authority", is("ROLE_USER"))
+            .body("principal.username", is("user"))
+            .body("name", is("user"));
+    }
+}

spring-security-mvc-boot/spring-security-mvc-boot-mysql/pom.xml

@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>com.baeldung</groupId>
+    <artifactId>spring-security-mvc-boot-mysql</artifactId>
+    <version>0.0.1-SNAPSHOT</version>
+    <name>spring-security-mvc-boot-mysql</name>
+    <packaging>jar</packaging>
+    <description>Spring Security MVC Boot using MySQL</description>
+
+    <parent>
+        <artifactId>spring-security-mvc-boot</artifactId>
+        <groupId>com.baeldung</groupId>
+        <version>0.0.1-SNAPSHOT</version>
+        <relativePath>..</relativePath>
+    </parent>
+
+    <dependencies>
+        <dependency>
+            <groupId>mysql</groupId>
+            <artifactId>mysql-connector-java</artifactId>
+            <scope>runtime</scope>
+        </dependency>
+    </dependencies>
+
+</project>

spring-security-mvc-boot/spring-security-mvc-boot-mysql/src/main/java/com/baeldung/jdbcauthentication/mysql/MySqlJdbcAuthenticationApplication.java

@@ -0,0 +1,13 @@
+package com.baeldung.jdbcauthentication.mysql;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class MySqlJdbcAuthenticationApplication {
+
+    public static void main(String[] args) {
+        SpringApplication.run(MySqlJdbcAuthenticationApplication.class, args);
+    }
+
+}

spring-security-mvc-boot/spring-security-mvc-boot-mysql/src/main/java/com/baeldung/jdbcauthentication/mysql/config/SecurityConfiguration.java

@@ -0,0 +1,35 @@
+package com.baeldung.jdbcauthentication.mysql.config;
+
+import javax.sql.DataSource;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class SecurityConfiguration {
+
+    @Autowired
+    private DataSource dataSource;
+
+    @Autowired
+    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+        auth.jdbcAuthentication()
+            .dataSource(dataSource)
+            .usersByUsernameQuery("select email,password,enabled "
+                + "from bael_users "
+                + "where email = ?")
+            .authoritiesByUsernameQuery("select email,authority "
+                + "from authorities "
+                + "where email = ?");
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+}

spring-security-mvc-boot/spring-security-mvc-boot-mysql/src/main/java/com/baeldung/jdbcauthentication/mysql/web/UserController.java

@@ -0,0 +1,17 @@
+package com.baeldung.jdbcauthentication.mysql.web;
+
+import java.security.Principal;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/principal")
+public class UserController {
+
+    @GetMapping
+    public Principal retrievePrincipal(Principal principal) {
+        return principal;
+    }
+}

spring-security-mvc-boot/spring-security-mvc-boot-mysql/src/main/resources/application.properties

@@ -0,0 +1,8 @@
+server.port=8082
+
+spring.datasource.url=jdbc:mysql://localhost:3306/jdbc_authentication
+spring.datasource.username=root
+spring.datasource.password=pass
+
+spring.datasource.initialization-mode=always
+spring.jpa.hibernate.ddl-auto=none

spring-security-mvc-boot/spring-security-mvc-boot-mysql/src/main/resources/data.sql

@@ -0,0 +1,4 @@
+-- User user@email.com/pass
+INSERT INTO bael_users (name, email, password, enabled) values ('user', 'user@email.com', '$2a$10$8.UnVuG9HHgffUDAlk8qfOuVGkqRzgVymGe07xd00DMxs.AQubh4a', 1);
+
+INSERT INTO authorities (email, authority) values ('user@email.com', 'ROLE_USER');