Spring_boot_CRUD_project_SpringMVC_SpringDataJPA_Hibernate_MySQL_Using_Html 5_css 3_Bootstrap 4_Thymeleaf
This is Spring_boot_CRUD_project Spring MVC, Spring Data JPA, ThymeLeaf, Hibernate, MySQL using html,css and bootstrap 4 and javascript all including spring security Role based authentication
You can't inspect this website even does not possible to get any source code and copy any text and others things !!! 🌟 this is the Magic on this project.🌟🌟🌟🌟 But one announcement is actually it can't possible to disable totally inspect on a website but possible to control some inspect way 🌟🌟
For Products:
1.save
2.update
3.delete
3.1: manipulate data By Using @Query annotation for my own database logic.🌟🌟
4.From validation.
5.Control inspect issues.
6.spring security
7.Role based spring security with Role based access.
8.Add searching features in this project using my MySql query basen on @Query JPQL query
9.generate high level spring security with login and logout all security features including here
10.ignoring authentication for some controller method url access 🌟🌟 way tutorial link below
@https://github.com/MdGolam-Kibria/Spring_boot_CRUD_projectSpringMVC_SpringDataJPAThHibernateMySQLUsingHtmlForm/blob/master/src/main/java/com/example/controlProducts/productManager/springSecurity/config/WebSecurityConfig.java
11.more comming soon
- if you want to make your database manually use the below code :-
CREATE TABLE `product` ( `id` int(11) NOT NULL AUTO_INCREMENT, `name` varchar(45) NOT NULL, `brand` varchar(45) NOT NULL, `madein` varchar(45) NOT NULL, `price` float NOT NULL, PRIMARY KEY (`id`)) ENGINE=InnoDB DEFAULT CHARSET=utf8;-
`<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-data-jpa</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-thymeleaf</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <scope>runtime</scope> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-jdbc</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-devtools</artifactId> <scope>runtime</scope> <optional>true</optional> </dependency>`
server.port=8085 spring.jpa.hibernate.naming-strategy = org.hibernate.cfg.ImprovedNamingStrategy spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.MySQL5Dialect spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver spring.jpa.hibernate.ddl-auto = none spring.jpa.show-sql = true spring.datasource.url =jdbc:mysql://localhost:3306/salesdb spring.datasource.username = root spring.datasource.password=413152413152 logging.level.root=WARN
- step 1 : in main method : =
@SpringBootApplication(exclude = {DataSourceAutoConfiguration.class})- step 2 : make a class and paste the below code:
@Configuration
public class DataSourceConfig {
@Bean
public DataSource dataSource(){
return DataSourceBuilder.create()
.driverClassName("com.mysql.cj.jdbc.Driver")
.url("jdbc:mysql://localhost:3306/salesdb")
.username("root")
.password("413152413152")
.build();
}
}
after add some dependency with some criteria like Role based auth and access criteria with Spring security below the change..
###Create database table for user/admin/others access like below
#After;
#First :-
-
add thymeleaf-extras-springsecurity :
<dependency> <groupId>org.thymeleaf.extras</groupId> <artifactId>thymeleaf-extras-springsecurity5</artifactId> </dependency>
#Second :-
- add thymeleaf-extras-springsecurity url in html tag :
http://www.thymeleaf.org/extras/spring-security#Third :-
- add some thymeleaf attribute like below :-
div sec:authorize="${hasRole(hasRole('ADMIN'))}" This will only be displayed if authenticated user has a role computed by the controller. div
details in index.html file on action access Look at that
###last :-
Access denied control in code Look at that
#Access denied page.
#For user:-
-authorizeRequests(): It allows restricted access. HTTP requests are authorized before being served.
- antMatchers(): It matches the URL with given pattern.
- access(): It checks if the USER has provided role.
- formLogin(): Enables form based authentication.
- loginPage(): It specifies the custom login page URL.
- loginProcessingUrl(): It specifies the URL using which username and password is validated.
- usernameParameter(): It specifies the field name to enter user name which is used by spring security to validate. If not specified then default is username.
- passwordParameter(): It specifies the field name to enter password which is used by spring security to validate. If not specified then default is password.
- defaultSuccessUrl(): It specifies the default URL which is used by spring security after successful authentication.
- logout(): It support the logout functionality in spring security application.
- logoutUrl(): If defines the URL for logout. If CSRF protection is enabled, logout request must be POST.
- logoutSuccessUrl(): It specifies the URL which is used by spring security after successful logout.
- configureGlobal(): It configures AuthenticationManager.