Skip to main content


Showing posts with the label Spring Boot

Spring Security - Form based authentication

In this post, we will use Spring security to handle form based authentication. You can also read my previous posts on Basic Authentication and Digest Authentication . Technologies/ Frameworks used Spring Boot, Spring Security, Thymeleaf, AngularJS, Bootstrap Adding depedencies in pom.xml In the example, we will use Spring Boot, Spring Security, Undertow and thymeleaf and will add their starters as shown below. <dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> <exclusions> <exclusion> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-tomcat</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-undertow</artifactId> <

Spring Security: Digest Authentication example

In this post, we will discuss about Digest Authentication with Spring Security. You can also read my previous post on Basic Authentication with Spring Security . What is Digest Authentication? This authentication method makes use of a hashing algorithms to encrypt the password (called password hash) entered by the user before sending it to the server. This, obviously, makes it much safer than the basic authentication method, in which the user’s password travels in plain text (or base64 encoded) that can be easily read by whoever intercepts it. There are many such hashing algorithms in java also, which can prove really effective for password security such as MD5, SHA, BCrypt, SCrypt and PBKDF2WithHmacSHA1 algorithms. Please remember that once this password hash is generated and stored in database, you can not convert it back to original password. Each time user login into application, you have to regenerate password hash again, and match with hash stored in database. So, if user

Spring Security: Basic Authentication example

In this post we will discuss about Basic Authentication and how to use it using Spring Security. BASIC Authentication It’s simplest of all techniques and probably most used as well. You use login/password forms – it’s basic authentication only. You input your username and password and submit the form to server, and application identify you as a user – you are allowed to use the system – else you get error. The main problem with this security implementation is that credentials are propagated in a plain way from the client to the server. Credentials are merely encoded with Base64 in transit, but not encrypted or hashed in any way. This way, any sniffer could read the sent packages over the network. HTTPS is, therefore, typically preferred over or used in conjunction with Basic Authentication which makes the conversation with the web server entirely encrypted. The best part is that nobody can even guess from the outside that Basic Auth is taking place. Let's create a simple S

Spring Data JPA with embedded database and Spring Boot

In this post, we will create a Restful web-services which will use JPA to persist the data in the embedded database(h2). Also, you can read more on Restful web-services . Adding pom.xml dependencies We will add spring-boot-starter-jpa to manage dependencies. We will use h2 embedded database server for persistence. <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-data-jpa</artifactId> </dependency> <dependency> <groupId>com.h2database</groupId> <artifactId>h2</artifactId> <scope>runtime</scope> </dependency> Creating entities We have three entities in the example project viz. Product, Rating, User. @Entity @Table(name = "product_ratings", schema = "product") public class Rating { @Id @GeneratedValue @Column(name="rating_id") private Long ratingId; private double rating; @Column(name="product_

Spring Boot - Restful webservices with Jersey

In the previous posts, we have created a Spring Boot QuickStart , customized the embedded server and properties and running specific code after spring boot application starts . Now in this post, we will create Restful webservices with Jersey deployed on Undertow as a Spring Boot Application. Adding dependencies in pom.xml We will add spring-boot-starter-parent as parent of our maven based project. The added benefit of this is version management for spring dependencies. <parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>1.5.0.RELEASE</version> </parent> Adding spring-boot-starter-jersey dependency This will add/ configure the jersey related dependencies. <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-jersey</artifactId> </dependency> Adding spring-boot-starter-undertow depend

Spring Boot - ApplicationRunner and CommandLineRunner

Spring Boot provides two interfaces CommandLineRunner and ApplicationRunner to run specific piece of code when application is fully started. These interfaces get called just before run() on SpringApplication completes. CommandLineRunner This interface provides access to application arguments as string array. Let's see the example code for more clarity. @Component public class CommandLineAppStartupRunner implements CommandLineRunner { private static final Logger logger = LoggerFactory.getLogger(CommandLineAppStartupRunner.class); @Override public void run(String... args) throws Exception {"Application started with command-line arguments: {} . \n To kill this application, press Ctrl + C.", Arrays.toString(args)); } } ApplicationRunner ApplicationRunner wraps the raw application arguments and exposes interface ApplicationArguments which have many convinent methods to get arguments like getOptionNames() return all the arguments names

Spring Boot - changing/ configuring default embedded server

In the previous post , we have created a web-based Spring Boot application which uses Embedded Tomcat as the default server running on default port 8080 . Spring Boot supports Tomcat, Undetow and Jetty as embedded servers. Now, we will change and/ or configure the default embedded server and common properties to all the available servers. Spring Boot provides convenient way of configuring dependencies with its starters. For changing the embedded server, we will user its spring-boot-starter-undertow . Adding dependencies <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-undertow</artifactId> </dependency> spring-boot-starter-web comes with Embedded Tomcat. We need to exclude this dependency. <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> <exclusions> <exclusion> <groupId>org.s

Spring Boot - A quick start

In this post, we will create a simple Spring Boot application which will run on embedded Apache Tomcat. What is Spring Boot? Spring Boot helps in creating stand-alone, production-grade application easily with minimum fuss. It is the opinionated view of Spring framework and other third party libraries which believes in convenient configuration based setup. Let's start building Spring Boot Application. Adding dependencies in pom.xml We will first add spring-boot-starter-parent as parent of our maven based project. <parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>1.5.1.RELEASE</version> </parent> The benefit of adding spring-boot-starter-parent is that version managing of dependency is easy. You can omit the required version on the dependency. It will pick the one configured the parent pom or from starters pom. Also, it conveniently setup the build r

Spring 4.3 - New @RequestMapping annotation

Spring 4.3 - @GetMapping, @PostMapping, @PutMapping and @DeleteMapping There are some new improvements in Spring Boot 1.4 and Spring 4.3 which lead to a better readability and some use of annotations, particularly with HTTP request methods. We usually map GET, PUT, POST and DELETE HTTP method in rest controller in the following way. @RestController @RequestMapping ( "/api/employees" ) public class EmployeeController { @RequestMapping public ResponseEntity < List < Employee >> getAll () { return ResponseEntity . ok ( Collections . emptyList ()); } @RequestMapping ( "/{employeeId}" ) public ResponseEntity < Employee > findById ( @PathVariable Long employeeId ) { return ResponseEntity . ok ( EmployeeStub . findById ( employeeId )); } @RequestMapping ( method = RequestMethod . POST ) public ResponseEntity < Employee > addEmployee ( @RequestBody Employee employee ) { return Respons