JEE application based on spring to manage students.
Create a web application based on Spring MVC, Spring Data JPA and Spring Security which allows to manage students. Each student is defined by:
- His id
- his last name
- his first name
- his email
- his birthday
- Its gender: MASCULINE or FEMININE
- An attribute that indicates whether it is in good standing or not The application must offer the following functionalities:
- Search for students by name
- Do the pagination
- Delete students using method (DELETE instead of GET)
- Enter and Add students with form validation
- Edit and update students
- Create a template page
- Secure access to the application with an authentication system based on Spring security using the UseDetails Service policy
- Add other additional features
Etudiant
Entity.
- The
Gender
entity of type enum.
- Home page:
- List of students + pagination + keyword search:
- This user has the right to consult the list of students but cannot perform operations such as deletion, modification or addition.
- Les entités AppUser & AppRole:
- SecurityConfig: Access to the application is secured with an authentication system based on Spring security using the User Details Service policy:
package ma.enset.student_managementapp.security.service;
import ma.enset.student_managementapp.security.entities.AppUser;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import java.util.Collection;
import java.util.stream.Collectors;
@Service
public class UserDetailsServiceImpl implements UserDetailsService {
@Autowired
private SecurityService securityService;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
AppUser appUser = securityService.loadUserByUsername(username);
Collection<GrantedAuthority> authorities1 = appUser
.getAppRoles()
.stream()
.map(role-> new SimpleGrantedAuthority(role.getRoleName()))
.collect(Collectors.toList());
User user = new User(appUser.getUsername(),appUser.getPassword(),authorities1);
return user;
}
}
package ma.enset.student_managementapp.security;
import lombok.AllArgsConstructor;
import ma.enset.student_managementapp.security.service.UserDetailsServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.password.PasswordEncoder;
import javax.sql.DataSource;
@Configuration
@EnableWebSecurity @AllArgsConstructor
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private DataSource dataSource;
private PasswordEncoder passwordEncoder;
private UserDetailsServiceImpl userDetailsService;
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.formLogin();
http.authorizeRequests().antMatchers("/").permitAll();
http.authorizeRequests().antMatchers("/images/**").permitAll();
http.authorizeRequests().antMatchers("/admin/**").hasAnyAuthority("ADMIN");
http.authorizeRequests().antMatchers("/user/**").hasAnyAuthority("USER");
http.authorizeRequests().antMatchers("/webjars/**").permitAll();
http.authorizeRequests().anyRequest().authenticated();
http.exceptionHandling().accessDeniedPage("/403");
}
}