Spring Framework Tutorial

• Introduction to Spring Framework
• Spring Framework Architecture
• Spring Initializr
• Difference Between Spring DAO vs Spring ORM vs Spring JDBC
• Spring vs. Struts in Java

Software Setup and Configuration (STS/Eclipse/IntelliJ)

• How to Download and Install Spring Tool Suite (Spring Tools 4 for Eclipse) IDE?
• How to Create and Setup Spring Boot Project in Spring Tool Suite?
• How to Create a Spring Boot Project with IntelliJ IDEA?
• How to Create and Setup Spring Boot Project in Eclipse IDE?
• How to Create a Dynamic Web Project in Eclipse/Spring Tool Suite?
• How to Run Your First Spring Boot Application in IntelliJ IDEA?
• How to Run Your First Spring Boot Application in Spring Tool Suite?
• How to Turn on Code Suggestion in Eclipse or Spring Tool Suite?

Core Spring

• Understanding Inversion of Control with Example
• Spring - BeanFactory
• Spring - ApplicationContext
• Spring - Difference Between BeanFactory and ApplicationContext
• Spring Dependency Injection with Example
• Spring - Difference Between Inversion of Control and Dependency Injection
• Spring - Injecting Objects By Constructor Injection
• Spring - Setter Injection with Map
• Spring - Dependency Injection with Factory Method
• Spring - Dependency Injection by Setter Method
• Spring - Setter Injection with Non-String Map
• Spring - Constructor Injection with Non-String Map
• Spring - Constructor Injection with Map
• Spring - Setter Injection with Dependent Object
• Spring - Constructor Injection with Dependent Object
• Spring - Setter Injection with Collection
• Spring - Setter Injection with Non-String Collection
• Spring - Constructor Injection with Collection
• Spring - Injecting Objects by Setter Injection
• Spring - Injecting Literal Values By Setter Injection
• Spring - Injecting Literal Values By Constructor Injection
• Bean life cycle in Java Spring
• Custom Bean Scope in Spring
• How to Create a Spring Bean in 3 Different Ways?
• Spring - IoC Container
• Spring - Autowiring
• Singleton and Prototype Bean Scopes in Java Spring
• How to Configure Dispatcher Servlet in web.xml File?
• Spring - Configure Dispatcher Servlet in Three Different Ways
• How to Configure Dispatcher Servlet in Just Two Lines of Code in Spring?
• Spring - When to Use Factory Design Pattern Instead of Dependency Injection
• How to Create a Simple Spring Application?
• Spring - init() and destroy() Methods with Example
• Spring WebApplicationInitializer with Example
• Spring - Project Modules
• Spring - Remoting by HTTP Invoker
• Spring - Expression Language(SpEL)
• Spring - Variable in SpEL
• What is Ambiguous Mapping in Spring?
• Spring - Add New Query Parameters in GET Call Through Configurations
• Spring - Integrate HornetQ
• Remoting in Spring Framework
• Spring - Application Events
• Spring c-namespace with Example
• Parse Nested User-Defined Functions using Spring Expression Language (SpEL)
• Spring - AbstractRoutingDataSource
• Circular Dependencies in Spring
• Spring - ResourceLoaderAware with Example
• Spring Framework Standalone Collections
• How to Create a Project using Spring and Struts 2?
• Spring - Perform Update Operation in CRUD
• How to Transfer Data in Spring using DTO?
• Spring - Resource Bundle Message Source (i18n)
• Spring Application Without Any .xml Configuration
• Spring - BeanPostProcessor
• Spring and JAXB Integration
• Spring - Difference Between Dependency Injection and Factory Pattern
• Spring - REST Pagination
• Spring - Remoting By Burlap
• Spring - Remoting By Hessian
• Spring with Castor Example
• Spring - REST XML Response
• Spring - Inheriting Bean
• Spring - Change DispatcherServlet Context Configuration File Name
• Spring - JMS Integration
• Spring - Difference Between RowMapper and ResultSetExtractor
• Spring with Xstream
• Spring - RowMapper Interface with Example
• Spring - util:constant
• Spring - Static Factory Method
• Spring - FactoryBean
• Difference between EJB and Spring

Spring Annotations

• Spring Framework Annotations
• Spring Core Annotations
• Spring Stereotype Annotations
• Spring @Bean Annotation with Example
• Spring @Controller Annotation with Example
• Spring @Value Annotation with Example
• Spring @Configuration Annotation with Example
• Spring @ComponentScan Annotation with Example
• Spring @Qualifier Annotation with Example
• Spring @Service Annotation with Example
• Spring @Repository Annotation with Example
• Spring @Required Annotation
• Spring @Component Annotation with Example
• Spring @Autowired Annotation
• Spring @PostConstruct and @PreDestroy Annotation with Example
• Spring @PropertySource Annotation and Resource Interface
• Spring @Scope Annotation to Set a POJO’s Scope
• Spring @Required Annotation with Example

Spring Data

• What is Spring Data JPA?
• JPA vs Hibernate
• Spring Data JPA - Find Records From MySQL
• Spring Data JPA - Delete Records From MySQL
• Spring Data JPA - @Table Annotation
• Spring Data JPA - Insert Data in MySQL Table
• Spring Data JPA - Attributes of @Column Annotation with Example
• Spring Data JPA - @Column Annotation
• Spring Data JPA - @Id Annotation
• Introduction to the Spring Data Framework
• How to access database using Spring Data JPA
• How to Make a Project Using Spring Boot, MySQL, Spring Data JPA, and Maven?
• Spring Boot - Integrating Hibernate and JPA
• Spring Boot JpaRepository with Example
• Spring Boot - Spring Data JPA

Spring JDBC

• Spring JDBC Template
• Spring JDBC Example
• Spring - SimpleJDBCTemplate with Example
• Spring - Prepared Statement JDBC Template
• Spring - NamedParameterJdbcTemplate
• Spring - Using SQL Scripts with Spring JDBC + JPA + HSQLDB
• Spring - ResultSetExtractor

Spring Security

• Introduction to Spring Security and its Features
• OAuth2 Authentication with Spring and Github
• Spring Security at Method Level
• Spring Security JSP Tag Library
• Spring Security Form-Based Authentication
• Spring Security - Remember Me
• Spring Security XML
• Spring Security Project Example using Java Configuration
• How to Change Default User and Password in Spring Security?
• Spring - Add Roles in Spring Security
• Spring - Add User Name and Password in Spring Security

Spring - Add User Name and Password in Spring Security

To add a username and password for authentication in Spring Security, you can use in-memory authentication, JDBC authentication, or other authentication methods. Here, I'll show you how to add a simple username and password using in-memory authentication and then provide a brief overview of JDBC authentication:

1. In-memory Authentication:

Using in-memory authentication, you can define a user directly in your security configuration:

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .inMemoryAuthentication()
                .withUser("username")             // specify the username
                .password(passwordEncoder().encode("password")) // specify the password
                .roles("USER");                   // specify the role
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .anyRequest().authenticated()
            .and()
            .formLogin()
                .loginPage("/login")
                .permitAll()
            .and()
            .logout()
                .permitAll();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}

In this example, I'm using the BCryptPasswordEncoder to encode the password, which is recommended for security reasons.

2. JDBC Authentication:

For JDBC authentication, Spring Security provides a way to read user credentials directly from the database.

First, add the JDBC driver to your pom.xml:

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-data-jdbc</artifactId>
</dependency>

Assuming you have tables users and authorities in your database with schema as Spring Security expects, you can configure JDBC authentication as follows:

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    DataSource dataSource;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .jdbcAuthentication()
            .dataSource(dataSource)
            .usersByUsernameQuery("select username, password, enabled from users where username = ?")
            .authoritiesByUsernameQuery("select username, authority from authorities where username = ?");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .anyRequest().authenticated()
            .and()
            .formLogin()
                .loginPage("/login")
                .permitAll()
            .and()
            .logout()
                .permitAll();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}

Note: The usersByUsernameQuery and authoritiesByUsernameQuery methods allow you to define custom queries if your schema is different from what Spring Security expects.

Remember:

1. Always encode your passwords. Never store plain-text passwords in the database or even in your configuration.
2. For more advanced setups, consider using UserDetailsService where you can provide custom logic for fetching user details.
3. Ensure to configure other security aspects like CSRF protection, CORS configuration, and session management, according to your application's needs.

1. Spring Security add user with username and password:

   • To add a user with a username and password, you typically configure a UserDetailsService and provide authentication details.

   @Service
   public class CustomUserDetailsService implements UserDetailsService {
       @Override
       public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
           // Fetch user details from your data source
           User user = // ... retrieve user details
   
           // Return a UserDetails object with username, password, and authorities
           return new org.springframework.security.core.userdetails.User(
               user.getUsername(),
               user.getPassword(),
               getAuthorities(user)
           );
       }
   
       private List<GrantedAuthority> getAuthorities(User user) {
           // Retrieve user roles and map them to GrantedAuthorities
           // ...
           return authorities;
       }
   }
   

2. Configuring user credentials in Spring Security:

   • Configure user credentials by providing a UserDetailsService bean.

   @Configuration
   @EnableWebSecurity
   public class SecurityConfig extends WebSecurityConfigurerAdapter {
       @Autowired
       private CustomUserDetailsService userDetailsService;
   
       @Override
       protected void configure(AuthenticationManagerBuilder auth) throws Exception {
           auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
       }
   
       @Bean
       public PasswordEncoder passwordEncoder() {
           return new BCryptPasswordEncoder();
       }
   
       // Other configurations...
   }
   

3. How to set up username and password authentication in Spring Security:

   • Set up username and password authentication by configuring the AuthenticationManagerBuilder.

   @Override
   protected void configure(AuthenticationManagerBuilder auth) throws Exception {
       auth.inMemoryAuthentication()
           .withUser("user").password("{noop}password").roles("USER")
           .and()
           .withUser("admin").password("{noop}admin").roles("USER", "ADMIN");
   }
   

4. Adding users to Spring Security with authentication details:

   • Add users to Spring Security by implementing a UserDetailsService and returning authentication details.

   public class CustomUserDetailsService implements UserDetailsService {
       @Override
       public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
           // Fetch user details from your data source
           User user = // ... retrieve user details
   
           // Return UserDetails with authentication details
           return new org.springframework.security.core.userdetails.User(
               user.getUsername(),
               user.getPassword(),
               user.getAuthorities()
           );
       }
   }
   

5. Customizing user authentication in Spring Security:

   • Customize user authentication by providing a custom UserDetailsService and configuring authentication mechanisms.

   @Configuration
   @EnableWebSecurity
   public class SecurityConfig extends WebSecurityConfigurerAdapter {
       @Autowired
       private CustomUserDetailsService userDetailsService;
   
       @Override
       protected void configure(AuthenticationManagerBuilder auth) throws Exception {
           auth.userDetailsService(userDetailsService)
               .passwordEncoder(passwordEncoder())
               .and()
               .authenticationProvider(customAuthenticationProvider());
       }
   
       @Bean
       public DaoAuthenticationProvider customAuthenticationProvider() {
           DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
           authProvider.setUserDetailsService(userDetailsService);
           authProvider.setPasswordEncoder(passwordEncoder());
           return authProvider;
       }
   
       // Other configurations...
   }
   

6. Securing Spring application with username and password in Spring Security:

   • Secure your application by configuring authentication based on usernames and passwords.

   @Override
   protected void configure(HttpSecurity http) throws Exception {
       http.authorizeRequests()
           .antMatchers("/public/**").permitAll()
           .antMatchers("/user/**").hasRole("USER")
           .antMatchers("/admin/**").hasRole("ADMIN")
           .anyRequest().authenticated()
           .and()
           .formLogin()
           .and()
           .httpBasic();
   }
   

7. Defining user credentials in Spring Security:

   • Define user credentials in a custom UserDetailsService implementation.

   public class CustomUserDetailsService implements UserDetailsService {
       @Override
       public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
           // Fetch user details from your data source
           User user = // ... retrieve user details
   
           // Define user credentials (username, password, authorities)
           return new org.springframework.security.core.userdetails.User(
               user.getUsername(),
               user.getPassword(),
               user.getAuthorities()
           );
       }
   }
   

8. Managing user authentication in Spring Security:

   • Manage user authentication through the UserDetailsService and related configurations.

   @Autowired
   private CustomUserDetailsService userDetailsService;
   
   @Override
   protected void configure(AuthenticationManagerBuilder auth) throws Exception {
       auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
   }
   

9. Spring Security username and password authentication example:

   • Example of configuring username and password authentication in Spring Security.

   @Override
   protected void configure(AuthenticationManagerBuilder auth) throws Exception {
       auth.inMemoryAuthentication()
           .withUser("user").password("{noop}password").roles("USER")
           .and()
           .withUser("admin").password("{noop}admin").roles("USER", "ADMIN");
   }