[BAEL-3066] Spring Security: Exploring JDBC Authentication (#7441)

* created multi-module project from spring-security-mvc-boot

* Added JDBC Authentication application to spring-security-mvc-boot-default

* Added JDBC Authentication application to spring-security-mvc-boot-mysql

* Added JDBC Authentication application to spring-security-mvc-boot-postgre

* adding new modules to parent spring-security-mvc-boot module, reformatting sql scripts, and added form fields to H2 LiveTest

spring-security-mvc-boot/spring-security-mvc-boot-mysql/pom.xml

@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>com.baeldung</groupId>
+    <artifactId>spring-security-mvc-boot-mysql</artifactId>
+    <version>0.0.1-SNAPSHOT</version>
+    <name>spring-security-mvc-boot-mysql</name>
+    <packaging>jar</packaging>
+    <description>Spring Security MVC Boot using MySQL</description>
+
+    <parent>
+        <artifactId>spring-security-mvc-boot</artifactId>
+        <groupId>com.baeldung</groupId>
+        <version>0.0.1-SNAPSHOT</version>
+        <relativePath>..</relativePath>
+    </parent>
+
+    <dependencies>
+        <dependency>
+            <groupId>mysql</groupId>
+            <artifactId>mysql-connector-java</artifactId>
+            <scope>runtime</scope>
+        </dependency>
+    </dependencies>
+
+</project>

spring-security-mvc-boot/spring-security-mvc-boot-mysql/src/main/java/com/baeldung/jdbcauthentication/mysql/MySqlJdbcAuthenticationApplication.java

@@ -0,0 +1,13 @@
+package com.baeldung.jdbcauthentication.mysql;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class MySqlJdbcAuthenticationApplication {
+
+    public static void main(String[] args) {
+        SpringApplication.run(MySqlJdbcAuthenticationApplication.class, args);
+    }
+
+}

spring-security-mvc-boot/spring-security-mvc-boot-mysql/src/main/java/com/baeldung/jdbcauthentication/mysql/config/SecurityConfiguration.java

@@ -0,0 +1,35 @@
+package com.baeldung.jdbcauthentication.mysql.config;
+
+import javax.sql.DataSource;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class SecurityConfiguration {
+
+    @Autowired
+    private DataSource dataSource;
+
+    @Autowired
+    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+        auth.jdbcAuthentication()
+            .dataSource(dataSource)
+            .usersByUsernameQuery("select email,password,enabled "
+                + "from bael_users "
+                + "where email = ?")
+            .authoritiesByUsernameQuery("select email,authority "
+                + "from authorities "
+                + "where email = ?");
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+}

spring-security-mvc-boot/spring-security-mvc-boot-mysql/src/main/java/com/baeldung/jdbcauthentication/mysql/web/UserController.java

@@ -0,0 +1,17 @@
+package com.baeldung.jdbcauthentication.mysql.web;
+
+import java.security.Principal;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/principal")
+public class UserController {
+
+    @GetMapping
+    public Principal retrievePrincipal(Principal principal) {
+        return principal;
+    }
+}

spring-security-mvc-boot/spring-security-mvc-boot-mysql/src/main/resources/application.properties

@@ -0,0 +1,8 @@
+server.port=8082
+
+spring.datasource.url=jdbc:mysql://localhost:3306/jdbc_authentication
+spring.datasource.username=root
+spring.datasource.password=pass
+
+spring.datasource.initialization-mode=always
+spring.jpa.hibernate.ddl-auto=none

spring-security-mvc-boot/spring-security-mvc-boot-mysql/src/main/resources/data.sql

@@ -0,0 +1,4 @@
+-- User user@email.com/pass
+INSERT INTO bael_users (name, email, password, enabled) values ('user', 'user@email.com', '$2a$10$8.UnVuG9HHgffUDAlk8qfOuVGkqRzgVymGe07xd00DMxs.AQubh4a', 1);
+
+INSERT INTO authorities (email, authority) values ('user@email.com', 'ROLE_USER');

spring-security-mvc-boot/spring-security-mvc-boot-mysql/src/main/resources/schema.sql

@@ -0,0 +1,18 @@
+DROP TABLE IF EXISTS authorities;
+DROP TABLE IF EXISTS bael_users;
+
+CREATE  TABLE bael_users (
+  name VARCHAR(50) NOT NULL,
+  email VARCHAR(50) NOT NULL,
+  password VARCHAR(100) NOT NULL,
+  enabled TINYINT NOT NULL DEFAULT 1,
+  PRIMARY KEY (email)
+);
+  
+CREATE TABLE authorities (
+  email VARCHAR(50) NOT NULL,
+  authority VARCHAR(50) NOT NULL,
+  FOREIGN KEY (email) REFERENCES bael_users(email)
+);
+
+CREATE UNIQUE INDEX ix_auth_email on authorities (email,authority);

spring-security-mvc-boot/spring-security-mvc-boot-mysql/src/test/java/com/baeldung/jdbcauthentication/mysql/SpringContextIntegrationTest.java

@@ -0,0 +1,15 @@
+package com.baeldung.jdbcauthentication.mysql;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit4.SpringRunner;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(classes = MySqlJdbcAuthenticationApplication.class)
+public class SpringContextIntegrationTest {
+
+    @Test
+    public void whenSpringContextIsBootstrapped_thenNoExceptions() {
+    }
+}

spring-security-mvc-boot/spring-security-mvc-boot-mysql/src/test/java/com/baeldung/jdbcauthentication/mysql/web/UserControllerLiveTest.java

@@ -0,0 +1,35 @@
+package com.baeldung.jdbcauthentication.mysql.web;
+
+import static io.restassured.RestAssured.given;
+import static org.hamcrest.CoreMatchers.is;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.http.HttpStatus;
+
+/**
+ * This Live Test requires:
+ * *  a MySql instance running, that allows a 'root' user with password 'pass', and with a database named jdbc_authentication
+ * (e.g. with the following command `docker run -p 3306:3306 --name bael-mysql -e MYSQL_ROOT_PASSWORD=pass -e MYSQL_DATABASE=jdbc_authentication mysql:latest`)
+ * * the service up and running
+ *
+ */
+public class UserControllerLiveTest {
+
+    private static final String PRINCIPAL_SVC_URL = "http://localhost:8082/principal";
+
+    @Test
+    public void givenExisting_whenRequestPrincipal_thenRetrieveData() throws Exception {
+        given().auth()
+            .preemptive()
+            .basic("user@email.com", "pass")
+            .when()
+            .get(PRINCIPAL_SVC_URL)
+            .then()
+            .statusCode(HttpStatus.OK.value())
+            .and()
+            .body("authorities[0].authority", is("ROLE_USER"))
+            .body("principal.username", is("user@email.com"))
+            .body("name", is("user@email.com"));
+    }
+
+}