Spring Boot + Spring Security + JWT Authentication and Authorization Example

Hello everyone, Hope you are doing well, Today we will learn how to handle authentication and authorization on RESTful APIs written with Spring Boot. The GitHub repository link is provided at the end of this tutorial. You can download the source code.

A little bit of Background

Spring Boot

Spring Boot makes it easy to create stand-alone, production-grade Spring-based Applications that you can "just run". 


Spring Security

Spring Security is a framework that provides authentication, authorization, and protection against common attacks. With first-class support for securing both imperative and reactive applications, it is the de-facto standard for securing Spring-based applications.


JSON Web Token(JWT)

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.


MongoDB

MongoDB is a document database designed for ease of application development and scaling.


Token-based Authentication system flow diagram




Final Project Directory



Maven[pom.xml] 

Puts spring-boot-starter-data-mongodb, spring-boot-starter-webspring-boot-starter-security, jjwt dependencies.
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
 xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
  https://maven.apache.org/xsd/maven-4.0.0.xsd">
   <modelVersion>4.0.0</modelVersion>
   <parent>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-parent</artifactId>
      <version>2.7.1</version>
      <relativePath /> <!-- lookup parent from repository -->
   </parent>
   <groupId>com.knf.dev</groupId>
   <artifactId>spring-boot-security-jwt-mongodb</artifactId>
   <version>0.0.1-SNAPSHOT</version>
   <name>spring-boot-security-jwt-mongodb</name>
   <description>Demo project for Spring Boot </description>

   <properties>
      <java.version>17</java.version>
   </properties>

   <dependencies>
      <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-data-mongodb</artifactId>
      </dependency>

      <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-security</artifactId>
      </dependency>

      <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-web</artifactId>
      </dependency>

      <dependency>
         <groupId>io.jsonwebtoken</groupId>
         <artifactId>jjwt</artifactId>
         <version>0.9.1</version>
      </dependency>
      <dependency>
         <groupId>javax.xml.bind</groupId>
         <artifactId>jaxb-api</artifactId>
      </dependency>
      <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-test</artifactId>
         <scope>test</scope>
         <exclusions>
            <exclusion>
               <groupId>org.junit.vintage</groupId>
               <artifactId>junit-vintage-engine</artifactId>
            </exclusion>
         </exclusions>
      </dependency>
      <dependency>
         <groupId>org.springframework.security</groupId>
         <artifactId>spring-security-test</artifactId>
         <scope>test</scope>
      </dependency>
   </dependencies>

   <build>
      <plugins>
         <plugin>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-maven-plugin</artifactId>
         </plugin>
      </plugins>
   </build>

</project>


application.yaml

knf:
    app:
        jwtExpirationMs: 76300000
        jwtSecret: knowledgeFactory
spring:
    data:
        mongodb:
            database: knfDemoDb
            host: localhost
            port: 27017


Creat Employee Document

@Document(collection = "employees")
public class Employee {
   @Id
   private String id;

   private String employeename;

   private String email;

   private String password;

   @DBRef
   private Set<Role> roles = new HashSet<>();

   public Employee() {
   }

   public Employee(String employeename, 
         String email, String password) {
      super();
      this.employeename = employeename;
      this.email = email;
      this.password = password;
   }

   public String getEmployeename() {
      return employeename;
   }

   public void setEmployeename(String employeename) {
      this.employeename = employeename;
   }

   public String getId() {
      return id;
   }

   public void setId(String id) {
      this.id = id;
   }

   public String getEmail() {
      return email;
   }

   public void setEmail(String email) {
      this.email = email;
   }

   public String getPassword() {
      return password;
   }

   public void setPassword(String password) {
      this.password = password;
   }

   public Set<Role> getRoles() {
      return roles;
   }

   public void setRoles(Set<Role> roles) {
      this.roles = roles;
   }
}
  • @Id annotation is currently used by Spring to support mapping for other non-relational persistence databases or frameworks that do not have a defined common persistence API like JPA.
  • @Document is an annotation provided by the Spring Data project. It is used to identify a domain object, which is persisted to MongoDB. So you can use it to map a Java class into a collection inside MongoDB.


Create Role Document

@Document(collection = "roles")
public class Role {
   @Id
   private String id;
   @Indexed(unique = true)
   private ERole name;

   public Role() {

   }

   public Role(ERole name) {
      this.name = name;
   }

   public String getId() {
      return id;
   }

   public void setId(String id) {
      this.id = id;
   }

   public ERole getName() {
      return name;
   }

   public void setName(ERole name) {
      this.name = name;
   }
}


Create Enum ERole

public enum ERole {
   ROLE_EMPLOYEE, ROLE_ADMIN
}


Create Employee Repository

public interface EmployeeRepository 
                extends MongoRepository<Employee, String> {
   
   Optional<Employee> findByEmployeename(String employeename);

   Boolean existsByEmployeename(String employeename);

   Boolean existsByEmail(String email);
}
MongoRepository is just a specialized PagingAndSortingRepository suited to Mongo, which in turn is a specialized CrudRepository.


Create Role Repository

public interface RoleRepository 
         extends MongoRepository<Role, String> {
   
   Optional<Role> findByName(ERole name);
}


Create Service EmployeeDetailsImpl

public class EmployeeDetailsImpl implements UserDetails {
   
   private static final long serialVersionUID = 1L;

   private String id;

   private String username;

   private String email;

   @JsonIgnore
   private String password;

   private Collection<? extends GrantedAuthority> authorities;

   public EmployeeDetailsImpl(String id, 
         String username, String email, String password,
         Collection<? extends GrantedAuthority> authorities) {
      
      this.id = id;
      this.username = username;
      this.email = email;
      this.password = password;
      this.authorities = authorities;
   }

   public static EmployeeDetailsImpl build(Employee user) {
      
      List<GrantedAuthority> authorities = user.getRoles().stream()
            .map(role -> new SimpleGrantedAuthority
                  (role.getName().name()))
            .collect(Collectors.toList());

      return new EmployeeDetailsImpl(user.getId(),
            user.getEmployeename(), user.getEmail(),
            user.getPassword(),authorities);
   }

   @Override
   public Collection<? extends
         GrantedAuthority> getAuthorities() {
      
      return authorities;
   }

   public String getId() {
      return id;
   }

   public String getEmail() {
      return email;
   }

   @Override
   public String getPassword() {
      return password;
   }

   @Override
   public String getUsername() {
      return username;
   }

   @Override
   public boolean isAccountNonExpired() {
      return true;
   }

   @Override
   public boolean isAccountNonLocked() {
      return true;
   }

   @Override
   public boolean isCredentialsNonExpired() {
      return true;
   }

   @Override
   public boolean isEnabled() {
      return true;
   }

   @Override
   public boolean equals(Object o) {
      if (this == o)
         return true;
      if (o == null || getClass() != o.getClass())
         return false;
      EmployeeDetailsImpl user = (EmployeeDetailsImpl) o;
      return Objects.equals(id, user.id);
   }
}


Create Service EmployeeDetailsServiceImpl

@Service
public class EmployeeDetailsServiceImpl 
        implements UserDetailsService {
   
   @Autowired
   EmployeeRepository employeeRepository;

   @Override
   @Transactional
   public UserDetails loadUserByUsername(String employeename) 
           throws UsernameNotFoundException {
      
      Employee employee = employeeRepository
            .findByEmployeename(employeename)
            .orElseThrow(() -> new UsernameNotFoundException
                  ("Employee Not Found with username: " 
            + employeename));

      return EmployeeDetailsImpl.build(employee);
   }
}


Create Jwt Utility

@Component
public class JwtUtils {
   
   private static final Logger logger = LoggerFactory
         .getLogger(JwtUtils.class);
   
   @Value("${knf.app.jwtExpirationMs}")
   private int jwtExpirationMs;
   @Value("${knf.app.jwtSecret}")
   private String jwtSecret;

   public boolean validateJwtToken(String authToken) {
      try {
         Jwts.parser().setSigningKey(jwtSecret)
            .parseClaimsJws(authToken);
         return true;
      } catch (SignatureException e) {
         logger.error("Invalid JWT signature: {}", e.getMessage());
      } catch (MalformedJwtException e) {
         logger.error("Invalid JWT token: {}", e.getMessage());
      } catch (ExpiredJwtException e) {
         logger.error("JWT token is expired: {}", e.getMessage());
      } catch (UnsupportedJwtException e) {
      logger.error("JWT token is unsupported: {}", e.getMessage());
      } catch (IllegalArgumentException e) {
      logger.error("JWT claims string is empty: {}", e.getMessage());
      }

      return false;
   }

   public String generateJwtToken(Authentication authentication) {

      EmployeeDetailsImpl employeePrincipal = 
            (EmployeeDetailsImpl) authentication.getPrincipal();

      return Jwts.builder().setSubject((employeePrincipal
            .getUsername())).setIssuedAt(new Date())
            .setExpiration(new Date((new Date()).getTime()
                  + jwtExpirationMs))
        .signWith(SignatureAlgorithm.HS512, jwtSecret).compact();
   }

   public String getEmployeeNameFromJwtToken(String token) {
      return Jwts.parser().setSigningKey(jwtSecret)
            .parseClaimsJws(token).getBody().getSubject();
   }

}


Create AuthTokenFilter

public class AuthTokenFilter extends OncePerRequestFilter {
   @Autowired
   private JwtUtils jwtUtils;

   @Autowired
   private EmployeeDetailsServiceImpl employeeDetailsService;

   private static final Logger logger = LoggerFactory
         .getLogger(AuthTokenFilter.class);

   @Override
   protected void doFilterInternal(HttpServletRequest request,
           HttpServletResponse response, FilterChain filterChain)
         throws ServletException, IOException {

      try {
         String jwt = parseJwt(request);
         if (jwt != null && jwtUtils.validateJwtToken(jwt)) {
            
            String employeename = jwtUtils
                  .getEmployeeNameFromJwtToken(jwt);

            UserDetails employeeDetails = employeeDetailsService
                   .loadUserByUsername(employeename);

            UsernamePasswordAuthenticationToken authentication = 
                  new UsernamePasswordAuthenticationToken(
                  employeeDetails, null, 
                      employeeDetails.getAuthorities());
            
    authentication.setDetails(new WebAuthenticationDetailsSource()
                  .buildDetails(request));

            SecurityContextHolder.getContext()
                .setAuthentication(authentication);
         }
      } catch (Exception e) {
      logger.error("Cannot set employee authentication: {}", e);
      }

      filterChain.doFilter(request, response);
   }

   private String parseJwt(HttpServletRequest request) {
      String headerAuth = request.getHeader("Authorization");

      if (StringUtils.hasText(headerAuth) 
            && headerAuth.startsWith("Bearer ")) {
         return headerAuth.substring(7, headerAuth.length());
      }

      return null;
   }
}


Create AuthEntryPointJwt

@Component
public class AuthEntryPointJwt 
    implements AuthenticationEntryPoint {

   private static final Logger logger = LoggerFactory
          .getLogger(AuthEntryPointJwt.class);

   @Override
   public void commence(HttpServletRequest request, 
         HttpServletResponse response,
         AuthenticationException authException) 
               throws IOException, ServletException {
      
      logger.error("Unauthorized error: {}", 
            authException.getMessage());
      
      response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
            "Error: Unauthorized");
   }

}


Create Web Security Configuration

WebSecurityConfigurerAdapter is deprecated, So going forward, the recommended way of doing this is registering a SecurityFilterChain bean like below.
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig {

   @Autowired
   private AuthEntryPointJwt unauthorizedHandler;

   @Autowired
   EmployeeDetailsServiceImpl employeeDetailsService;

   @Bean
   public SecurityFilterChain filterChain(HttpSecurity http) 
         throws Exception {

      http.cors().and().csrf().disable().exceptionHandling()
       .authenticationEntryPoint(unauthorizedHandler).and()
         .sessionManagement().sessionCreationPolicy
           (SessionCreationPolicy.STATELESS).and()
            .authorizeRequests()
             .antMatchers("/api/auth/**").permitAll()
              .antMatchers("/api/test/**").permitAll()
               .anyRequest()
            .authenticated();

      http.addFilterBefore(authenticationJwtTokenFilter(),
            UsernamePasswordAuthenticationFilter.class);

      return http.build();
   }

   @Bean
   public PasswordEncoder passwordEncoder() {
      return new BCryptPasswordEncoder();
   }

   @Bean
   public AuthTokenFilter authenticationJwtTokenFilter() {
      return new AuthTokenFilter();
   }

   @Bean
   public AuthenticationManager authenticationManager
     (AuthenticationConfiguration authenticationConfiguration)
         throws Exception {
      
      return authenticationConfiguration
            .getAuthenticationManager();
   }
}


Create Login Request

public class LoginRequest {
   
   private String employeename;
   
   private String password;

   public String getEmployeename() {
      return employeename;
   }

   public void setEmployeename(String employeename) {
      this.employeename = employeename;
   }

   public String getPassword() {
      return password;
   }

   public void setPassword(String password) {
      this.password = password;
   }
}

Create Signup Request

public class SignupRequest {

   private String employeename;

   private String email;

   private Set<String> roles;

   private String password;

   public String getEmployeename() {
      return employeename;
   }

   public void setEmployeename(String employeename) {
      this.employeename = employeename;
   }

   public String getEmail() {
      return email;
   }

   public void setEmail(String email) {
      this.email = email;
   }

   public String getPassword() {
      return password;
   }

   public void setPassword(String password) {
      this.password = password;
   }

   public Set<String> getRoles() {
      return this.roles;
   }

   public void setRole(Set<String> roles) {
      this.roles = roles;
   }
}


Create Jwt Response

public class JwtResponse {
   
   private String token;
   private String type = "Bearer";
   private String id;
   private String employeename;
   private String email;
   private List<String> roles;

   public JwtResponse(String accessToken, 
         String id, String employeename, 
         String email, List<String> roles) {
      
      this.token = accessToken;
      this.id = id;
      this.employeename = employeename;
      this.email = email;
      this.roles = roles;
   }

   public String getAccessToken() {
      return token;
   }

   public void setAccessToken(String accessToken) {
      this.token = accessToken;
   }

   public String getTokenType() {
      return type;
   }

   public void setTokenType(String tokenType) {
      this.type = tokenType;
   }

   public String getId() {
      return id;
   }

   public void setId(String id) {
      this.id = id;
   }

   public String getEmail() {
      return email;
   }

   public void setEmail(String email) {
      this.email = email;
   }

   public String getEmployeename() {
      return employeename;
   }

   public void setEmployeename(String employeename) {
      this.employeename = employeename;
   }

   public List<String> getRoles() {
      return roles;
   }
}


Create Message Response

public class MessageResponse {
   private String message;

   public MessageResponse(String message) {
       this.message = message;
     }

   public String getMessage() {
      return message;
   }

   public void setMessage(String message) {
      this.message = message;
   }
}


Create Auth Controller

@CrossOrigin(origins = "*", maxAge = 3600)
@RestController
@RequestMapping("/api/auth")
public class AuthController {
   @Autowired
   AuthenticationManager authenticationManager;

   @Autowired
   EmployeeRepository employeeRepository;

   @Autowired
   RoleRepository roleRepository;

   @Autowired
   PasswordEncoder encoder;

   @Autowired
   JwtUtils jwtUtils;

   @PostMapping("/signin")
   public ResponseEntity<?> authenticateEmployee
          (@RequestBody LoginRequest loginRequest) {

      Authentication authentication = authenticationManager
         .authenticate(new UsernamePasswordAuthenticationToken
                  (loginRequest.getEmployeename(), 
                        loginRequest.getPassword()));

      SecurityContextHolder.getContext()
              .setAuthentication(authentication);
      String jwt = jwtUtils.generateJwtToken(authentication);

      EmployeeDetailsImpl employeeDetails = (EmployeeDetailsImpl) 
            authentication.getPrincipal();
      List<String> roles = employeeDetails.getAuthorities()
            .stream().map(item -> item.getAuthority())
            .collect(Collectors.toList());

      return ResponseEntity.ok(new JwtResponse(jwt,
            employeeDetails.getId(), 
            employeeDetails.getUsername(),
            employeeDetails.getEmail(), roles));
   }

   @PostMapping("/signup")
   public ResponseEntity<?> registerUser
        (@RequestBody SignupRequest signUpRequest) {
      
      if (employeeRepository.existsByEmployeename
            (signUpRequest.getEmployeename())) {
         
         return ResponseEntity.badRequest()
               .body(new MessageResponse
              ("Error: Employeename is already taken!"));
      }

      if (employeeRepository
            .existsByEmail(signUpRequest.getEmail())) {
         
         return ResponseEntity.badRequest()
               .body(new MessageResponse
            ("Error: Email is already in use!"));
      }

      // Create new employee account
      Employee employee = new Employee(signUpRequest
               .getEmployeename(), signUpRequest.getEmail(),
            encoder.encode(signUpRequest.getPassword()));

      Set<String> strRoles = signUpRequest.getRoles();
      Set<Role> roles = new HashSet<>();

      if (strRoles == null) {
         Role employeeRole = roleRepository
                .findByName(ERole.ROLE_EMPLOYEE)
                 .orElseThrow(() -> new RuntimeException
                       ("Error: Role is not found."));
         roles.add(employeeRole);
      } else {
         strRoles.forEach(role -> {
            switch (role) {
            case "admin":
               Role adminRole = roleRepository
                   .findByName(ERole.ROLE_ADMIN)
                     .orElseThrow(() -> new RuntimeException
                           ("Error: Role is not found."));
               roles.add(adminRole);

               break;
            default:
               Role defaultRole = roleRepository
                  .findByName(ERole.ROLE_EMPLOYEE)
                     .orElseThrow(() -> new RuntimeException
                           ("Error: Role is not found."));
               roles.add(defaultRole);
            }
         });
      }

      employee.setRoles(roles);
      employeeRepository.save(employee);

      return ResponseEntity.ok(new MessageResponse
            ("Employee registered successfully!"));
   }
}


Create Employee Controller

@CrossOrigin(origins = "*", maxAge = 4800)
@RestController
@RequestMapping("/api/test")
public class EmployeeController {
   @GetMapping("/all")
   public MessageResponse allAccess() {
      return new MessageResponse("Public ");
   }

   @GetMapping("/employee")
   @PreAuthorize("hasRole('EMPLOYEE') ")
   public MessageResponse employeeAccess() {

      return new MessageResponse("Employee zone");
   }

   @GetMapping("/admin")
   @PreAuthorize("hasRole('ADMIN')")
   public MessageResponse adminAccess() {
      return new MessageResponse("Admin zone");
   }
}


Spring Boot Main Driver

@SpringBootApplication
public class Application implements CommandLineRunner {
   @Autowired
   RoleRepository roleRepository;

   public static void main(String[] args) {
      SpringApplication.run(Application.class, args);
   }

   /* Add some rows into roles collection 
    * before assigning any role to Employee. */
   @Override
   public void run(String... args) throws Exception {
      try {
         if (roleRepository.findAll().isEmpty()) {
            Role role = new Role();
            role.setName(ERole.ROLE_EMPLOYEE);
            roleRepository.save(role);
            Role role2 = new Role();
            role2.setName(ERole.ROLE_ADMIN);
            roleRepository.save(role2);
         } else {

         }
      } catch (Exception e) {

      }
   }

}


Local Setup and Run the application

Step 1: Download or clone the source code from GitHub to the local machine - Click here


Step 2: mvn clean install


Step 3: Run the Spring Boot application - 

mvn spring-boot:run or Run as Spring Boot application.


Register employee

http://localhost:8080/api/auth/signup



Employee Sign in to an account

http://localhost:8080/api/auth/signin



Using accessToken access ROLE_EMPLOYEE resource

http://localhost:8080/api/test/employee



Register Admin

http://localhost:8080/api/auth/signup



Admin Sign in to an account

http://localhost:8080/api/auth/signin



Using accessToken access ROLE_ADMIN resource

http://localhost:8080/api/test/admin



More related topics,

Popular posts from this blog

Learn Java 8 streams with an example - print odd/even numbers from Array and List

Example 1: Java 8 program to print odd numbers from a List   import java.util.Arrays; import java.util.List; import java.util.stream.Collectors; /*Java 8 Program to find Odd Numbers from a List*/ public class DriverClass { public static void main( String [] args) { List < Integer > numbers = Arrays. asList( 1 , 4 , 8 , 40 , 11 , 22 , 33 , 99 ); List < Integer > oddNumbers = numbers.stream(). filter(o -> o % 2 != 0 ). collect(Collectors.toList()); System.out.println(oddNumbers); } } 1. Initialize List using Arrays.asList() method. Java's built-in Arrays.asList() method converts an array into a list. This method takes an array as an argument and returns a List object. 2.  Java List interface provides stream() method which returns a sequential Stream with list of Integer as its source. 3. The Java stream filter() method allow
Read more

Java Stream API - How to convert List of objects to another List of objects using Java streams?

Image
In this section, we will show you how to convert a List of objects to another List of objects in Java using the Java streams map(). The ‘map’ method maps each element to its corresponding result. Java Stream API   The Java Stream API provides a functional programming approach over the object oriented capabilities of Java. It is used for processing collections of objects. The Stream in Java can be defined as a sequence of elements from a source List, Set or Array. Most of the stream operations return a Stream. This avails engender a chain of stream operations(stream pipe-lining). The streams withal support the aggregate or terminal operations on the elements. for example, finding the sum or maximum element or finding the average etc...Stream operations can either be executed sequentially or parallel. when performed parallelly, it is called a parallel stream.   Stream map() Method   The Java 8 Stream map() is an intermediate operation. It converts Stream<obj1> to Stream<obj2>
Read more

Registration and Login with Spring Boot + Spring Security + Thymeleaf

Image
In this section, we will learn how to create user registration and login using Spring boot, Spring security, Thymeleaf, JPA, and H2DB. The GitHub repository link is provided at the end of this tutorial. You can download the source code. Technologies used: Spring Boot 2.5.5  Spring Data JPA  Spring Security  Thymeleaf  Maven 3+  Java 17  H2 Database   User Interface User Registration Authentication Failed Authentication success Sign out Final Project Structure: Complete pom.xml: <? xml version ="1.0" encoding ="UTF-8" ?> < project xmlns ="http://maven.apache.org/POM/4.0.0" xmlns: xsi ="http://www.w3.org/2001/XMLSchema-instance" xsi :schemaLocation ="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd" > < modelVersion >4.0.0</ modelVersion > < parent > < groupId >org.springframework.boot</ groupId > < artifactId >spring-boot-starter-pare
Read more

Java, Spring Boot Mini Project - Library Management System - Download

Image
Hello everyone, Hope you are doing well. Here, we provide a Library Management System mini-project for beginners, it's free for download. Maybe you can build more on top of this project and create your own product, that's all about you. The source code download link is provided at the end of this post. 1. Benefit of this project You could cover the following technologies and features by learning and debugging this mini project. Java 17 Java Stream Java Lamda Expressions Java Records Functional programming Object-oriented programming var Keyword in Java Generics in Java Java Switch Spring boot 2.6.4 Spring Security Thymeleaf template engine OpenCSV Spring Data JPA Server Side Pagination H2 Database  Bootstrap HTML CSS and more... 2. Objective Of Spring Boot On Library Management System The main objective of this project is to manage the details of the books, author, category, and publisher. Only Admin/Librarian will manage all these activities. Also, they can export the data in
Read more

ReactJS, Spring Boot JWT Authentication Example

Image
In this tutorial, we’ll create a user registration & login example using ReactJS, Spring Boot, Spring Security, and JWT authentication. You could download the source code from our Github repository, the download link is provided at the end of this tutorial. Technologies used Backend Technologies: Java 17 Spring Boot 2.7.0 Spring Security Spring Data JPA JWT H2 Database Frontend Technologies: React 17.0.1 Axios 0.27.2 Redux 4.0.5 Bootstrap 4.5.2 ReactJS - SpringBoot - JWT - Flow Backend Project Directory: Frontend Project Directory: Following is the screenshot of our application - User Registration: User Signin: Profile View: Access Resource: We will build two projects:  1. Backend:   spring-boot-security-jwt 2. Frontend: react-redux-jwt Project 1: spring-boot-security-jwt Pom.xml <?xml version = "1.0" encoding = "UTF-8" ?> <project xmlns = "http://maven.apache.org/POM/4.0.0" xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance"
Read more

Spring Boot + Mockito simple application with 100% code coverage

Image
In this article, we will show you a simple  Spring Boot example to demonstrate test methods for Controllers, Service, and Repository, And code coverage analysis using the EclEmma plugin. Technologies used: Spring Boot 2.6.4 Mockito 3.11.2 Maven 3+ EclEmma plugin Junit 5 Java 17 A quick overview of  Spring Boot, Mockito, and EclEmma plugin Spring boot: Spring boot to develop REST web services and microservices. Spring Boot has taken the Spring framework to the next level. It has drastically reduced the configuration and setup time required for spring projects. We can set up a project with almost zero configuration and start building the things that actually matter to your application. Mockito: Mockito is a mocking framework, a JAVA-predicated library that is utilized for efficacious unit testing of JAVA applications. Mockito is utilized to mock interfaces so that a dummy functionality can be integrated into a mock interface that can be utilized in unit testing. EclEmma : E
Read more

Top 5 Java ORM tools - 2024

Image
  The term ORM refers to object-relational mapping, which uses objects to adapt programming languages to database systems while allowing them to function with SQL and object-oriented programming ideas. Any kind of database management system that can accomplish object mapping to the table in the virtual system is suitable for the implementation of ORM. Java has a wide variety of ORM tools, some of which are mentioned below: 1. Hibernate Hibernate is a lightweight, open-source, non-invasive Java ORM (Object-Relational Mapping) framework that allows developers to create objects that function independently of database software and create persistence logic in any Java or JavaEE application. It offers an abstraction layer, so developers don't have to bother about implementations; Hibernate handles these tasks internally, such as connecting to databases and creating queries to carry out CRUD operations, among other things. Persistence logic development is done with it. Persistence logic r
Read more

Java - Blowfish Encryption and decryption Example

Image
Blowfish is an encryption method developed by Bruce Schneier in 1993 as an alternative to the DES encryption method. It is significantly faster than DES and provides good encryption speed, although no effective cryptanalysis technique has been found to date. It is one of the first secure block ciphers that is not protected by any patents and is therefore freely available for anyone to use. This is a symmetric block cipher algorithm. Block size: 64 bits Key size: variable size from 32 to 448 bits number of subsections: 18 [P-array] number of rounds: 16 number of substitution blocks: 4 [each with 512 records of 32 bits each] develop  Example 1: Encryption and decryption using Blowfish import java.io.UnsupportedEncodingException; import java.nio.charset.Charset; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.util.Base64; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeExc
Read more

Spring boot video streaming example-HTML5

Image
Hello everyone, Today we will learn how to stream MP4 video using Spring Boot and Spring Web Flux.  The Source code download link is provided at the end of this post. New, Quarkus Practice User Interface   Project Structure: G radle(build.gradle) plugins { id 'org.springframework.boot' version '2.5.4' id 'io.spring.dependency-management' version '1.0.11.RELEASE' id 'java' } group = 'com.knf.demo' version = '0.0.1-SNAPSHOT' sourceCompatibility = '11' repositories { mavenCentral() } dependencies { implementation 'org.springframework.boot:spring-boot-starter-webflux' testImplementation 'org.springframework.boot:spring-boot-starter-test' testImplementation 'io.projectreactor:reactor-test' } test { useJUnitPlatform() } Service (VideoStreamingService.java) package  com.knf.demo.service ; import org.springframework.beans.factory.annotation. Autowired ; import org.springframew
Read more

Google Cloud Storage + Spring Boot - File Upload, Download, and Delete

Image
In this section, we will learn  how to  create a simple spring boot application to perform different file operations such as upload, download, list, and delete files from the Google Cloud Storage. 1.  A little bit of Background Google Cloud Storage Cloud Storage is a managed service for storing unstructured data. Store any amount of data and retrieve it as often as you like. More Info - click here! Spring Boot Spring Boot makes it easy to create stand-alone, production-grade Spring-based Applications that you can "just run".  More Info - click here! 2. Create a GCP Project First, Sign into the Google console at  https://console.cloud.google.com . You can create a new project by first selecting the project dropdown in the top left and selecting " New Project ". Next, specify your GCP  Project name  and  Project ID . Then  Click on the " CREATE " button. Copy " Project ID " and keep it for future purposes. 3. Create a Google Cloud Storage bucket Fr
Read more