Spring Boot: Secure your application with JDBC-Based Authentication

The previous Spring Security tutorial taught us to configure JDBC authentication using the Spring Security recommended database table. The Spring Security Framework is so flexible that we can use our custom database table for JDBC authentication. So in this tutorial, we connect our custom database table with Spring Security for JDBC authentication.

>>> Read full article <<<

👉 First, we will create a registration service through which we can create a new student. Then configure the student database table for JDBC authentication.

POM.XML

The Spring Boot project's pom.xml is shown below:

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
	<modelVersion>4.0.0</modelVersion>
	<parent>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-starter-parent</artifactId>
		<version>2.7.7</version>
		<relativePath/> <!-- lookup parent from repository -->
	</parent>
	<groupId>com.raven</groupId>
	<artifactId>spring-boot-security-authorization-custom-table</artifactId>
	<version>0.0.1-SNAPSHOT</version>
	<name>spring-boot-security-authorization-custom-table</name>
	<description>Spring Boot project to manage user in custom table in Spring Security</description>
	<properties>
		<java.version>11</java.version>
	</properties>
	<dependencies>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-data-jdbc</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-security</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-web</artifactId>
		</dependency>

		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-devtools</artifactId>
			<scope>runtime</scope>
			<optional>true</optional>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-data-jpa</artifactId>
		</dependency>
		<dependency>
			<groupId>mysql</groupId>
			<artifactId>mysql-connector-java</artifactId>
			<version>8.0.29</version>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-test</artifactId>
			<scope>test</scope>
		</dependency>
		<dependency>
			<groupId>org.springframework.security</groupId>
			<artifactId>spring-security-test</artifactId>
			<scope>test</scope>
		</dependency>
	</dependencies>

	<build>
		<finalName>spring-boot-security-with-custom-table</finalName>
		<plugins>
			<plugin>
				<groupId>org.springframework.boot</groupId>
				<artifactId>spring-boot-maven-plugin</artifactId>
			</plugin>
		</plugins>
	</build>

</project>

Spring Boot version 2.7.6 is what we use. This version of Spring Boot, Spring Framework, and Spring Security is 5.3.24 and 5.7.5, respectively. To implement Spring Security in this application, we have added the spring-boot-starter-security dependency.

Entity

Create a model package under the root package. Create the Student entity within this model package:

package com.raven.springbootsecurityauthorizationcustomtable.model;
import javax.persistence.*;

@Entity
@Table(name = "STUDENT")
public class Student {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private long id;

    @Column(name = "full_name", length = 50)
    private String fullName;

    @Column(name = "phone", length = 15)
    private String phone;

    @Column(name = "email", length = 60)
    private String email;

    @Column(name = "pwd", length = 200)
    private String pwd;

    @Column(name = "role", length = 40)
    private String role;

    public Student() {
    }

    public Student(String fullName, String phone, String email, String pwd, String role) {
        this.fullName = fullName;
        this.phone = phone;
        this.email = email;
        this.pwd = pwd;
        this.role = role;
    }

    public long getId() { return id;}

    public String getFullName() { return fullName; }

    public void setFullName(String fullName) { this.fullName = fullName; }

    public String getPhone() { return phone; }

    public void setPhone(String phone) { this.phone = phone; }

    public String getEmail() { return email;}

    public void setEmail(String email) { this.email = email; }

    public String getPwd() { return pwd; }

    public void setPwd(String pwd) { this.pwd = pwd;}

    public String getRole() { return role; }

    public void setRole(String role) { this.role = role; }

    @Override
    public String toString() {
        return "Student{" +
                "id=" + id +
                ", fullName='" + fullName + '\'' +
                ", phone='" + phone + '\'' +
                ", email='" + email + '\'' +
                ", pwd='" + pwd + '\'' +
                ", role='" + role + '\'' +
                '}';
    }
}

So by leveraging the Spring Data JPA Framework, we are creating a database table of the name STUDENT. We use this database table later to configure JDBC authentication. Before that, we will develop a service to save new student details with encrypted credentials.

...

>>> Read full article <<<

You can download the source code from here.

Happy coding!!! 😊

Java Code Nice To Me Dear

Saturday, February 11, 2023