diff --git a/spring-security-modules/spring-security-mvc-boot-2/README.md b/spring-security-modules/spring-security-mvc-boot-2/README.md
new file mode 100644
index 0000000000..3c95086d21
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/README.md
@@ -0,0 +1,13 @@
+## Spring Boot Security MVC
+
+This module contains articles about Spring Security with Spring MVC in Boot applications
+
+### The Course
+The "REST With Spring" Classes: http://github.learnspringsecurity.com
+
+### Relevant Articles:
+- [Multiple Entry Points in Spring Security](https://www.baeldung.com/spring-security-multiple-entry-points)
+- [Multiple Authentication Providers in Spring Security](https://www.baeldung.com/spring-security-multiple-auth-providers)
+- [Two Login Pages with Spring Security](https://www.baeldung.com/spring-security-two-login-pages)
+- [HTTPS using Self-Signed Certificate in Spring Boot](https://www.baeldung.com/spring-boot-https-self-signed-certificate)
+- [Spring Security: Exploring JDBC Authentication](https://www.baeldung.com/spring-security-jdbc-authentication)
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/WebContent/META-INF/MANIFEST.MF b/spring-security-modules/spring-security-mvc-boot-2/WebContent/META-INF/MANIFEST.MF
new file mode 100644
index 0000000000..254272e1c0
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/WebContent/META-INF/MANIFEST.MF
@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Class-Path:
+
diff --git a/spring-security-modules/spring-security-mvc-boot-2/pom.xml b/spring-security-modules/spring-security-mvc-boot-2/pom.xml
new file mode 100644
index 0000000000..fca38b9714
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/pom.xml
@@ -0,0 +1,246 @@
+
+
+ 4.0.0
+ spring-security-mvc-boot-2
+ 0.0.1-SNAPSHOT
+ spring-security-mvc-boot-2
+ war
+ Spring Security MVC Boot - 2
+
+
+ com.baeldung
+ parent-boot-2
+ 0.0.1-SNAPSHOT
+ ../../parent-boot-2
+
+
+
+
+ org.springframework.boot
+ spring-boot-starter-security
+
+
+ org.springframework.boot
+ spring-boot-starter-web
+
+
+ org.springframework.boot
+ spring-boot-starter-tomcat
+
+
+ org.springframework.boot
+ spring-boot-starter-thymeleaf
+
+
+ org.thymeleaf.extras
+ thymeleaf-extras-springsecurity5
+
+
+ org.springframework.boot
+ spring-boot-starter-data-jpa
+
+
+ org.springframework.security
+ spring-security-data
+
+
+ mysql
+ mysql-connector-java
+ runtime
+
+
+ com.h2database
+ h2
+
+
+ org.postgresql
+ postgresql
+ runtime
+
+
+ org.hamcrest
+ hamcrest-core
+ test
+
+
+ org.hamcrest
+ hamcrest-library
+ test
+
+
+ org.springframework
+ spring-test
+ test
+
+
+ org.springframework.security
+ spring-security-test
+ test
+
+
+ taglibs
+ standard
+ ${taglibs-standard.version}
+
+
+ org.springframework.security
+ spring-security-taglibs
+
+
+ org.springframework.security
+ spring-security-core
+
+
+ javax.servlet.jsp.jstl
+ jstl-api
+ ${jstl.version}
+
+
+ org.springframework.security
+ spring-security-config
+
+
+ org.springframework
+ spring-context-support
+
+
+ net.sf.ehcache
+ ehcache-core
+ ${ehcache-core.version}
+ jar
+
+
+
+
+
+
+ org.codehaus.cargo
+ cargo-maven2-plugin
+ ${cargo-maven2-plugin.version}
+
+ true
+
+ tomcat8x
+ embedded
+
+
+
+
+
+
+ 8082
+
+
+
+
+
+
+
+
+
+ live
+
+
+
+ org.codehaus.cargo
+ cargo-maven2-plugin
+
+
+ start-server
+ pre-integration-test
+
+ start
+
+
+
+ stop-server
+ post-integration-test
+
+ stop
+
+
+
+
+
+ org.apache.maven.plugins
+ maven-surefire-plugin
+
+
+ integration-test
+
+ test
+
+
+
+ none
+
+
+ **/*LiveTest.java
+
+
+ cargo
+
+
+
+
+
+
+
+
+
+
+ entryPoints
+
+
+
+ org.apache.maven.plugins
+ maven-surefire-plugin
+
+
+ integration-test
+
+ test
+
+
+
+ **/*LiveTest.java
+ **/*IntegrationTest.java
+ **/*IntTest.java
+
+
+ **/*EntryPointsTest.java
+
+
+
+
+
+
+ json
+
+
+
+
+
+
+
+
+
+ org.baeldung.custom.Application
+
+
+
+
+
+
+
+ 1.1.2
+ 1.6.1
+ 2.6.11
+
+
+
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/h2/H2JdbcAuthenticationApplication.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/h2/H2JdbcAuthenticationApplication.java
new file mode 100644
index 0000000000..6936cdc560
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/h2/H2JdbcAuthenticationApplication.java
@@ -0,0 +1,17 @@
+package org.baeldung.jdbcauthentication.h2;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+
+@SpringBootApplication
+@EnableWebSecurity
+@PropertySource("classpath:application-defaults.properties")
+public class H2JdbcAuthenticationApplication {
+
+ public static void main(String[] args) {
+ SpringApplication.run(H2JdbcAuthenticationApplication.class, args);
+ }
+
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/h2/config/SecurityConfiguration.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/h2/config/SecurityConfiguration.java
new file mode 100644
index 0000000000..8b8696f0b2
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/h2/config/SecurityConfiguration.java
@@ -0,0 +1,51 @@
+package org.baeldung.jdbcauthentication.h2.config;
+
+import javax.sql.DataSource;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+ @Override
+ protected void configure(HttpSecurity httpSecurity) throws Exception {
+ httpSecurity.authorizeRequests()
+ .antMatchers("/h2-console/**")
+ .permitAll()
+ .anyRequest()
+ .authenticated()
+ .and()
+ .formLogin()
+ .permitAll();
+ httpSecurity.csrf()
+ .ignoringAntMatchers("/h2-console/**");
+ httpSecurity.headers()
+ .frameOptions()
+ .sameOrigin();
+ }
+
+ @Autowired
+ private DataSource dataSource;
+
+ @Autowired
+ public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+ auth.jdbcAuthentication()
+ .dataSource(dataSource)
+ .withDefaultSchema()
+ .withUser(User.withUsername("user")
+ .password(passwordEncoder().encode("pass"))
+ .roles("USER"));
+ }
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+ return new BCryptPasswordEncoder();
+ }
+}
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/h2/web/UserController.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/h2/web/UserController.java
new file mode 100644
index 0000000000..0955061614
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/h2/web/UserController.java
@@ -0,0 +1,17 @@
+package org.baeldung.jdbcauthentication.h2.web;
+
+import java.security.Principal;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/principal")
+public class UserController {
+
+ @GetMapping
+ public Principal retrievePrincipal(Principal principal) {
+ return principal;
+ }
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/mysql/MySqlJdbcAuthenticationApplication.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/mysql/MySqlJdbcAuthenticationApplication.java
new file mode 100644
index 0000000000..52934e0096
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/mysql/MySqlJdbcAuthenticationApplication.java
@@ -0,0 +1,15 @@
+package org.baeldung.jdbcauthentication.mysql;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.PropertySource;
+
+@SpringBootApplication
+@PropertySource("classpath:application-mysql.properties")
+public class MySqlJdbcAuthenticationApplication {
+
+ public static void main(String[] args) {
+ SpringApplication.run(MySqlJdbcAuthenticationApplication.class, args);
+ }
+
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/mysql/config/SecurityConfiguration.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/mysql/config/SecurityConfiguration.java
new file mode 100644
index 0000000000..157c0be748
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/mysql/config/SecurityConfiguration.java
@@ -0,0 +1,35 @@
+package org.baeldung.jdbcauthentication.mysql.config;
+
+import javax.sql.DataSource;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class SecurityConfiguration {
+
+ @Autowired
+ private DataSource dataSource;
+
+ @Autowired
+ public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+ auth.jdbcAuthentication()
+ .dataSource(dataSource)
+ .usersByUsernameQuery("select email,password,enabled "
+ + "from bael_users "
+ + "where email = ?")
+ .authoritiesByUsernameQuery("select email,authority "
+ + "from authorities "
+ + "where email = ?");
+ }
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+ return new BCryptPasswordEncoder();
+ }
+
+}
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/mysql/web/UserController.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/mysql/web/UserController.java
new file mode 100644
index 0000000000..f1060b5f78
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/mysql/web/UserController.java
@@ -0,0 +1,17 @@
+package org.baeldung.jdbcauthentication.mysql.web;
+
+import java.security.Principal;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/principal")
+public class UserController {
+
+ @GetMapping
+ public Principal retrievePrincipal(Principal principal) {
+ return principal;
+ }
+}
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/postgre/PostgreJdbcAuthenticationApplication.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/postgre/PostgreJdbcAuthenticationApplication.java
new file mode 100644
index 0000000000..2c4d1a5255
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/postgre/PostgreJdbcAuthenticationApplication.java
@@ -0,0 +1,15 @@
+package org.baeldung.jdbcauthentication.postgre;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.PropertySource;
+
+@SpringBootApplication
+@PropertySource("classpath:application-postgre.properties")
+public class PostgreJdbcAuthenticationApplication {
+
+ public static void main(String[] args) {
+ SpringApplication.run(PostgreJdbcAuthenticationApplication.class, args);
+ }
+
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/postgre/config/SecurityConfiguration.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/postgre/config/SecurityConfiguration.java
new file mode 100644
index 0000000000..ba79635852
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/postgre/config/SecurityConfiguration.java
@@ -0,0 +1,29 @@
+package org.baeldung.jdbcauthentication.postgre.config;
+
+import javax.sql.DataSource;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class SecurityConfiguration {
+
+ @Autowired
+ private DataSource dataSource;
+
+ @Autowired
+ public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+ auth.jdbcAuthentication()
+ .dataSource(dataSource);
+ }
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+ return new BCryptPasswordEncoder();
+ }
+
+}
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/postgre/web/UserController.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/postgre/web/UserController.java
new file mode 100644
index 0000000000..c8fd3812b1
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/jdbcauthentication/postgre/web/UserController.java
@@ -0,0 +1,17 @@
+package org.baeldung.jdbcauthentication.postgre.web;
+
+import java.security.Principal;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/principal")
+public class UserController {
+
+ @GetMapping
+ public Principal retrievePrincipal(Principal principal) {
+ return principal;
+ }
+}
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleauthproviders/CustomAuthenticationProvider.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleauthproviders/CustomAuthenticationProvider.java
new file mode 100644
index 0000000000..1a89c362cd
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleauthproviders/CustomAuthenticationProvider.java
@@ -0,0 +1,31 @@
+package org.baeldung.multipleauthproviders;
+
+import java.util.Collections;
+
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.stereotype.Component;
+
+@Component
+public class CustomAuthenticationProvider implements AuthenticationProvider {
+ @Override
+ public Authentication authenticate(Authentication auth) throws AuthenticationException {
+ final String username = auth.getName();
+ final String password = auth.getCredentials()
+ .toString();
+
+ if ("externaluser".equals(username) && "pass".equals(password)) {
+ return new UsernamePasswordAuthenticationToken(username, password, Collections.emptyList());
+ } else {
+ throw new BadCredentialsException("External system authentication failed");
+ }
+ }
+
+ @Override
+ public boolean supports(Class auth) {
+ return auth.equals(UsernamePasswordAuthenticationToken.class);
+ }
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleauthproviders/MultipleAuthController.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleauthproviders/MultipleAuthController.java
new file mode 100644
index 0000000000..b63169bb00
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleauthproviders/MultipleAuthController.java
@@ -0,0 +1,13 @@
+package org.baeldung.multipleauthproviders;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class MultipleAuthController {
+
+ @GetMapping("/api/ping")
+ public String getPing() {
+ return "OK";
+ }
+}
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleauthproviders/MultipleAuthProvidersApplication.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleauthproviders/MultipleAuthProvidersApplication.java
new file mode 100644
index 0000000000..1f641298c3
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleauthproviders/MultipleAuthProvidersApplication.java
@@ -0,0 +1,14 @@
+package org.baeldung.multipleauthproviders;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.PropertySource;
+
+@SpringBootApplication
+@PropertySource("classpath:application-defaults.properties")
+// @ImportResource({ "classpath*:spring-security-multiple-auth-providers.xml" })
+public class MultipleAuthProvidersApplication {
+ public static void main(String[] args) {
+ SpringApplication.run(MultipleAuthProvidersApplication.class, args);
+ }
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleauthproviders/MultipleAuthProvidersSecurityConfig.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleauthproviders/MultipleAuthProvidersSecurityConfig.java
new file mode 100644
index 0000000000..3819e981a2
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleauthproviders/MultipleAuthProvidersSecurityConfig.java
@@ -0,0 +1,42 @@
+package org.baeldung.multipleauthproviders;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@EnableWebSecurity
+public class MultipleAuthProvidersSecurityConfig extends WebSecurityConfigurerAdapter {
+
+ @Autowired
+ CustomAuthenticationProvider customAuthProvider;
+
+ @Override
+ public void configure(AuthenticationManagerBuilder auth) throws Exception {
+
+ auth.authenticationProvider(customAuthProvider);
+
+ auth.inMemoryAuthentication()
+ .withUser("memuser")
+ .password(passwordEncoder().encode("pass"))
+ .roles("USER");
+ }
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.httpBasic()
+ .and()
+ .authorizeRequests()
+ .antMatchers("/api/**")
+ .authenticated();
+ }
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+ return new BCryptPasswordEncoder();
+ }
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleentrypoints/MultipleEntryPointsApplication.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleentrypoints/MultipleEntryPointsApplication.java
new file mode 100644
index 0000000000..847dab073e
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleentrypoints/MultipleEntryPointsApplication.java
@@ -0,0 +1,14 @@
+package org.baeldung.multipleentrypoints;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.PropertySource;
+
+@SpringBootApplication
+@PropertySource("classpath:application-defaults.properties")
+// @ImportResource({"classpath*:spring-security-multiple-entry.xml"})
+public class MultipleEntryPointsApplication {
+ public static void main(String[] args) {
+ SpringApplication.run(MultipleEntryPointsApplication.class, args);
+ }
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleentrypoints/MultipleEntryPointsSecurityConfig.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleentrypoints/MultipleEntryPointsSecurityConfig.java
new file mode 100644
index 0000000000..dc89c83cde
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleentrypoints/MultipleEntryPointsSecurityConfig.java
@@ -0,0 +1,99 @@
+package org.baeldung.multipleentrypoints;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
+import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+
+@Configuration
+@EnableWebSecurity
+public class MultipleEntryPointsSecurityConfig {
+
+ @Bean
+ public UserDetailsService userDetailsService() throws Exception {
+ InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
+ manager.createUser(User.withUsername("user").password(encoder().encode("userPass")).roles("USER").build());
+ manager.createUser(User.withUsername("admin").password(encoder().encode("adminPass")).roles("ADMIN").build());
+ return manager;
+ }
+
+ @Bean
+ public PasswordEncoder encoder() {
+ return new BCryptPasswordEncoder();
+ }
+
+ @Configuration
+ @Order(1)
+ public static class App1ConfigurationAdapter extends WebSecurityConfigurerAdapter {
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ //@formatter:off
+ http.antMatcher("/admin/**")
+ .authorizeRequests().anyRequest().hasRole("ADMIN")
+ .and().httpBasic().authenticationEntryPoint(authenticationEntryPoint())
+ .and().exceptionHandling().accessDeniedPage("/403");
+ //@formatter:on
+ }
+
+ @Bean
+ public AuthenticationEntryPoint authenticationEntryPoint(){
+ BasicAuthenticationEntryPoint entryPoint = new BasicAuthenticationEntryPoint();
+ entryPoint.setRealmName("admin realm");
+ return entryPoint;
+ }
+ }
+
+ @Configuration
+ @Order(2)
+ public static class App2ConfigurationAdapter extends WebSecurityConfigurerAdapter {
+
+ protected void configure(HttpSecurity http) throws Exception {
+
+ //@formatter:off
+ http.antMatcher("/user/**")
+ .authorizeRequests().anyRequest().hasRole("USER")
+ .and().formLogin().loginProcessingUrl("/user/login")
+ .failureUrl("/userLogin?error=loginError").defaultSuccessUrl("/user/myUserPage")
+ .and().logout().logoutUrl("/user/logout").logoutSuccessUrl("/multipleHttpLinks")
+ .deleteCookies("JSESSIONID")
+ .and().exceptionHandling()
+ .defaultAuthenticationEntryPointFor(loginUrlauthenticationEntryPointWithWarning(), new AntPathRequestMatcher("/user/private/**"))
+ .defaultAuthenticationEntryPointFor(loginUrlauthenticationEntryPoint(), new AntPathRequestMatcher("/user/general/**"))
+ .accessDeniedPage("/403")
+ .and().csrf().disable();
+ //@formatter:on
+ }
+
+ @Bean
+ public AuthenticationEntryPoint loginUrlauthenticationEntryPoint(){
+ return new LoginUrlAuthenticationEntryPoint("/userLogin");
+ }
+
+ @Bean
+ public AuthenticationEntryPoint loginUrlauthenticationEntryPointWithWarning(){
+ return new LoginUrlAuthenticationEntryPoint("/userLoginWithWarning");
+ }
+ }
+
+ @Configuration
+ @Order(3)
+ public static class App3ConfigurationAdapter extends WebSecurityConfigurerAdapter {
+
+ protected void configure(HttpSecurity http) throws Exception {
+ http.antMatcher("/guest/**").authorizeRequests().anyRequest().permitAll();
+ }
+ }
+
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleentrypoints/PagesController.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleentrypoints/PagesController.java
new file mode 100644
index 0000000000..b3462d4061
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multipleentrypoints/PagesController.java
@@ -0,0 +1,48 @@
+package org.baeldung.multipleentrypoints;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+@Controller
+public class PagesController {
+
+ @RequestMapping("/multipleHttpLinks")
+ public String getMultipleHttpLinksPage() {
+ return "multipleHttpElems/multipleHttpLinks";
+ }
+
+ @RequestMapping("/admin/myAdminPage")
+ public String getAdminPage() {
+ return "multipleHttpElems/myAdminPage";
+ }
+
+ @RequestMapping("/user/general/myUserPage")
+ public String getUserPage() {
+ return "multipleHttpElems/myUserPage";
+ }
+
+ @RequestMapping("/user/private/myPrivateUserPage")
+ public String getPrivateUserPage() {
+ return "multipleHttpElems/myPrivateUserPage";
+ }
+
+ @RequestMapping("/guest/myGuestPage")
+ public String getGuestPage() {
+ return "multipleHttpElems/myGuestPage";
+ }
+
+ @RequestMapping("/userLogin")
+ public String getUserLoginPage() {
+ return "multipleHttpElems/login";
+ }
+
+ @RequestMapping("/userLoginWithWarning")
+ public String getUserLoginPageWithWarning() {
+ return "multipleHttpElems/loginWithWarning";
+ }
+
+ @RequestMapping("/403")
+ public String getAccessDeniedPage() {
+ return "403";
+ }
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multiplelogin/MultipleLoginApplication.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multiplelogin/MultipleLoginApplication.java
new file mode 100644
index 0000000000..90bb5e4260
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multiplelogin/MultipleLoginApplication.java
@@ -0,0 +1,15 @@
+package org.baeldung.multiplelogin;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.PropertySource;
+
+@SpringBootApplication
+@PropertySource("classpath:application-defaults.properties")
+@ComponentScan("org.baeldung.multiplelogin")
+public class MultipleLoginApplication {
+ public static void main(String[] args) {
+ SpringApplication.run(MultipleLoginApplication.class, args);
+ }
+}
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multiplelogin/MultipleLoginMvcConfig.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multiplelogin/MultipleLoginMvcConfig.java
new file mode 100644
index 0000000000..204b186411
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multiplelogin/MultipleLoginMvcConfig.java
@@ -0,0 +1,44 @@
+package org.baeldung.multiplelogin;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.ViewResolver;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
+import org.springframework.web.servlet.view.InternalResourceViewResolver;
+import org.springframework.web.servlet.view.JstlView;
+import org.springframework.context.annotation.ComponentScan;
+
+@EnableWebMvc
+@Configuration
+@ComponentScan("org.baeldung.controller")
+public class MultipleLoginMvcConfig implements WebMvcConfigurer {
+
+ public MultipleLoginMvcConfig() {
+ super();
+ }
+
+ // API
+
+ @Override
+ public void addViewControllers(final ViewControllerRegistry registry) {
+ registry.addViewController("/anonymous.html");
+
+ registry.addViewController("/login.html");
+ registry.addViewController("/homepage.html");
+ registry.addViewController("/console.html");
+ }
+
+ @Bean
+ public ViewResolver viewResolver() {
+ final InternalResourceViewResolver bean = new InternalResourceViewResolver();
+
+ bean.setViewClass(JstlView.class);
+ bean.setPrefix("/WEB-INF/view/");
+ bean.setSuffix(".jsp");
+
+ return bean;
+ }
+}
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multiplelogin/MultipleLoginSecurityConfig.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multiplelogin/MultipleLoginSecurityConfig.java
new file mode 100644
index 0000000000..9962bf41a9
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multiplelogin/MultipleLoginSecurityConfig.java
@@ -0,0 +1,78 @@
+package org.baeldung.multiplelogin;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+
+@Configuration
+@EnableWebSecurity
+public class MultipleLoginSecurityConfig {
+
+ @Bean
+ public UserDetailsService userDetailsService() throws Exception {
+ InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
+ manager.createUser(User.withUsername("user").password(encoder().encode("userPass")).roles("USER").build());
+ manager.createUser(User.withUsername("admin").password(encoder().encode("adminPass")).roles("ADMIN").build());
+ return manager;
+ }
+
+ @Bean
+ public static PasswordEncoder encoder() {
+ return new BCryptPasswordEncoder();
+ }
+
+ @Configuration
+ @Order(1)
+ public static class App1ConfigurationAdapter extends WebSecurityConfigurerAdapter {
+
+ public App1ConfigurationAdapter() {
+ super();
+ }
+
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+ auth.inMemoryAuthentication().withUser("admin").password(encoder().encode("admin")).roles("ADMIN");
+ }
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.antMatcher("/admin*").authorizeRequests().anyRequest().hasRole("ADMIN")
+ // log in
+ .and().formLogin().loginPage("/loginAdmin").loginProcessingUrl("/admin_login").failureUrl("/loginAdmin?error=loginError").defaultSuccessUrl("/adminPage")
+ // logout
+ .and().logout().logoutUrl("/admin_logout").logoutSuccessUrl("/protectedLinks").deleteCookies("JSESSIONID").and().exceptionHandling().accessDeniedPage("/403").and().csrf().disable();
+ }
+ }
+
+ @Configuration
+ @Order(2)
+ public static class App2ConfigurationAdapter extends WebSecurityConfigurerAdapter {
+
+ public App2ConfigurationAdapter() {
+ super();
+ }
+
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+ auth.inMemoryAuthentication().withUser("user").password(encoder().encode("user")).roles("USER");
+ }
+
+ protected void configure(HttpSecurity http) throws Exception {
+ http.antMatcher("/user*").authorizeRequests().anyRequest().hasRole("USER")
+ // log in
+ .and().formLogin().loginPage("/loginUser").loginProcessingUrl("/user_login").failureUrl("/loginUser?error=loginError").defaultSuccessUrl("/userPage")
+ // logout
+ .and().logout().logoutUrl("/user_logout").logoutSuccessUrl("/protectedLinks").deleteCookies("JSESSIONID").and().exceptionHandling().accessDeniedPage("/403").and().csrf().disable();
+ }
+ }
+
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multiplelogin/UsersController.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multiplelogin/UsersController.java
new file mode 100644
index 0000000000..61d7da127c
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/multiplelogin/UsersController.java
@@ -0,0 +1,38 @@
+package org.baeldung.multiplelogin;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class UsersController {
+
+ @GetMapping("/protectedLinks")
+ public String getAnonymousPage() {
+ return "protectedLinks";
+ }
+
+ @GetMapping("/userPage")
+ public String getUserPage() {
+ return "userPage";
+ }
+
+ @GetMapping("/adminPage")
+ public String getAdminPage() {
+ return "adminPage";
+ }
+
+ @GetMapping("/loginAdmin")
+ public String getAdminLoginPage() {
+ return "loginAdmin";
+ }
+
+ @GetMapping("/loginUser")
+ public String getUserLoginPage() {
+ return "loginUser";
+ }
+
+ @GetMapping("/403")
+ public String getAccessDeniedPage() {
+ return "403";
+ }
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/ssl/HttpsEnabledApplication.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/ssl/HttpsEnabledApplication.java
new file mode 100644
index 0000000000..17c249067c
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/ssl/HttpsEnabledApplication.java
@@ -0,0 +1,16 @@
+package org.baeldung.ssl;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.PropertySource;
+
+@SpringBootApplication
+@PropertySource("classpath:application-defaults.properties")
+public class HttpsEnabledApplication {
+
+ public static void main(String... args) {
+ SpringApplication application = new SpringApplication(HttpsEnabledApplication.class);
+ application.setAdditionalProfiles("ssl");
+ application.run(args);
+ }
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/ssl/SecurityConfig.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/ssl/SecurityConfig.java
new file mode 100644
index 0000000000..92f92d8fc7
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/ssl/SecurityConfig.java
@@ -0,0 +1,16 @@
+package org.baeldung.ssl;
+
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.authorizeRequests()
+ .antMatchers("/**")
+ .permitAll();
+ }
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/ssl/WelcomeController.java b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/ssl/WelcomeController.java
new file mode 100644
index 0000000000..72ad8abb85
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/java/org/baeldung/ssl/WelcomeController.java
@@ -0,0 +1,15 @@
+package org.baeldung.ssl;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+@Controller
+public class WelcomeController {
+
+ @GetMapping("/welcome")
+ public String welcome() {
+ return "ssl/welcome";
+ }
+
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/application-defaults.properties b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/application-defaults.properties
new file mode 100644
index 0000000000..e2032c4a6b
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/application-defaults.properties
@@ -0,0 +1,13 @@
+spring.datasource.driver-class-name=org.h2.Driver
+spring.datasource.url=jdbc:h2:mem:security_permission;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
+spring.datasource.username=sa
+spring.datasource.password=
+spring.jpa.hibernate.ddl-auto=create-drop
+spring.jpa.database=H2
+spring.jpa.show-sql=false
+spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.H2Dialect
+
+#logging.level.org.springframework.security.web.FilterChainProxy=DEBUG
+
+spring.h2.console.enabled=true
+spring.h2.console.path=/h2-console
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/application-mysql.properties b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/application-mysql.properties
new file mode 100644
index 0000000000..568d0c5ca3
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/application-mysql.properties
@@ -0,0 +1,9 @@
+spring.datasource.platform=mysql
+spring.datasource.url=jdbc:mysql://localhost:3306/jdbc_authentication
+spring.datasource.username=root
+spring.datasource.password=pass
+
+spring.datasource.initialization-mode=always
+spring.jpa.hibernate.ddl-auto=none
+
+spring.profiles.active=mysql
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/application-postgre.properties b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/application-postgre.properties
new file mode 100644
index 0000000000..69faece45e
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/application-postgre.properties
@@ -0,0 +1,7 @@
+spring.datasource.platform=postgre
+spring.datasource.url=jdbc:postgresql://localhost:5432/jdbc_authentication
+spring.datasource.username=postgres
+spring.datasource.password=pass
+
+spring.datasource.initialization-mode=always
+spring.jpa.hibernate.ddl-auto=none
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/application-ssl.properties b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/application-ssl.properties
new file mode 100644
index 0000000000..090b775d03
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/application-ssl.properties
@@ -0,0 +1,20 @@
+
+http.port=8080
+
+server.port=8443
+
+security.require-ssl=true
+
+# The format used for the keystore
+server.ssl.key-store-type=PKCS12
+# The path to the keystore containing the certificate
+server.ssl.key-store=classpath:keystore/baeldung.p12
+# The password used to generate the certificate
+server.ssl.key-store-password=password
+# The alias mapped to the certificate
+server.ssl.key-alias=baeldung
+
+#trust store location
+trust.store=classpath:keystore/baeldung.p12
+#trust store password
+trust.store.password=password
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/application.properties b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/application.properties
new file mode 100644
index 0000000000..3cf12afeb9
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/application.properties
@@ -0,0 +1 @@
+server.port=8082
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/data-mysql.sql b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/data-mysql.sql
new file mode 100644
index 0000000000..8214fd8204
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/data-mysql.sql
@@ -0,0 +1,4 @@
+-- User user@email.com/pass
+INSERT INTO bael_users (name, email, password, enabled) values ('user', 'user@email.com', '$2a$10$8.UnVuG9HHgffUDAlk8qfOuVGkqRzgVymGe07xd00DMxs.AQubh4a', 1);
+
+INSERT INTO authorities (email, authority) values ('user@email.com', 'ROLE_USER');
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/data-postgre.sql b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/data-postgre.sql
new file mode 100644
index 0000000000..fcc6b54949
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/data-postgre.sql
@@ -0,0 +1,4 @@
+-- User user/pass
+INSERT INTO users (username, password, enabled) values ('user', '$2a$10$8.UnVuG9HHgffUDAlk8qfOuVGkqRzgVymGe07xd00DMxs.AQubh4a', true);
+
+INSERT INTO authorities (username, authority) values ('user', 'ROLE_USER');
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/keystore/baeldung.p12 b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/keystore/baeldung.p12
new file mode 100644
index 0000000000..cd8eb28429
Binary files /dev/null and b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/keystore/baeldung.p12 differ
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/logback.xml b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/logback.xml
new file mode 100644
index 0000000000..7d900d8ea8
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/logback.xml
@@ -0,0 +1,13 @@
+
+
+
+
+ %d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/persistence-h2.properties b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/persistence-h2.properties
new file mode 100644
index 0000000000..a4b2af6361
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/persistence-h2.properties
@@ -0,0 +1,8 @@
+driverClassName=org.h2.Driver
+url=jdbc:h2:mem:myDb;DB_CLOSE_DELAY=-1
+username=sa
+password=
+
+hibernate.dialect=org.hibernate.dialect.H2Dialect
+hibernate.show_sql=false
+hibernate.hbm2ddl.auto=create-drop
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/schema-mysql.sql b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/schema-mysql.sql
new file mode 100644
index 0000000000..bb38c74366
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/schema-mysql.sql
@@ -0,0 +1,18 @@
+DROP TABLE IF EXISTS authorities;
+DROP TABLE IF EXISTS bael_users;
+
+CREATE TABLE bael_users (
+ name VARCHAR(50) NOT NULL,
+ email VARCHAR(50) NOT NULL,
+ password VARCHAR(100) NOT NULL,
+ enabled TINYINT NOT NULL DEFAULT 1,
+ PRIMARY KEY (email)
+);
+
+CREATE TABLE authorities (
+ email VARCHAR(50) NOT NULL,
+ authority VARCHAR(50) NOT NULL,
+ FOREIGN KEY (email) REFERENCES bael_users(email)
+);
+
+CREATE UNIQUE INDEX ix_auth_email on authorities (email,authority);
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/schema-postgre.sql b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/schema-postgre.sql
new file mode 100644
index 0000000000..d78edfb528
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/schema-postgre.sql
@@ -0,0 +1,16 @@
+DROP TABLE IF EXISTS authorities;
+DROP TABLE IF EXISTS users;
+
+CREATE TABLE users (
+ username varchar(50) NOT NULL PRIMARY KEY,
+ password varchar(100) NOT NULL,
+ enabled boolean not null DEFAULT true
+);
+
+CREATE TABLE authorities (
+ username varchar(50) NOT NULL,
+ authority varchar(50) NOT NULL,
+ CONSTRAINT foreign_authorities_users_1 foreign key(username) references users(username)
+);
+
+CREATE UNIQUE INDEX ix_auth_username on authorities (username,authority);
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/spring-security-multiple-auth-providers.xml b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/spring-security-multiple-auth-providers.xml
new file mode 100644
index 0000000000..4cfa6bbf26
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/spring-security-multiple-auth-providers.xml
@@ -0,0 +1,24 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/spring-security-multiple-entry.xml b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/spring-security-multiple-entry.xml
new file mode 100644
index 0000000000..c026700810
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/spring-security-multiple-entry.xml
@@ -0,0 +1,65 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/403.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/403.html
new file mode 100644
index 0000000000..20550768cf
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/403.html
@@ -0,0 +1,10 @@
+
+
+
+
+
+
+
+You do not have permission to view this page.
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/adminPage.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/adminPage.html
new file mode 100644
index 0000000000..13aff9b15a
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/adminPage.html
@@ -0,0 +1,13 @@
+
+
+
+
+Insert title here
+
+
+Welcome admin! Logout
+
+
+Back to links
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/index.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/index.html
new file mode 100644
index 0000000000..8e7394ad6a
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/index.html
@@ -0,0 +1,21 @@
+
+
+
+
+Spring Security Thymeleaf
+
+
+
+
+
+
+ Welcome
+
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/login.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/login.html
new file mode 100644
index 0000000000..dd6bd04767
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/login.html
@@ -0,0 +1,27 @@
+
+
+
+
+
Login
+
+
+
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/loginAdmin.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/loginAdmin.html
new file mode 100644
index 0000000000..43d0e73233
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/loginAdmin.html
@@ -0,0 +1,31 @@
+
+
+
+
+Insert title here
+
+
+
+
Admin login page
+
+
+
Login failed!
+
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/loginUser.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/loginUser.html
new file mode 100644
index 0000000000..bf4ddd48bc
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/loginUser.html
@@ -0,0 +1,30 @@
+
+
+
+
+Login
+
+
+
+
User login page
+
+
+
Login failed!
+
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/login.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/login.html
new file mode 100644
index 0000000000..2119baec66
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/login.html
@@ -0,0 +1,27 @@
+
+
+
+
+
Login
+
+
+
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/loginWithWarning.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/loginWithWarning.html
new file mode 100644
index 0000000000..a5b2eaf3dc
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/loginWithWarning.html
@@ -0,0 +1,28 @@
+
+
+
+
+
Login
+
Warning! You are about to access sensible data!
+
+
+
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/multipleHttpLinks.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/multipleHttpLinks.html
new file mode 100644
index 0000000000..676badb16f
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/multipleHttpLinks.html
@@ -0,0 +1,18 @@
+
+
+
+
+Multiple Http Elements Links
+
+
+
+Admin page
+
+User page
+
+Private user page
+
+Guest page
+
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/myAdminPage.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/myAdminPage.html
new file mode 100644
index 0000000000..3003833562
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/myAdminPage.html
@@ -0,0 +1,13 @@
+
+
+
+
+Admin Page
+
+
+Welcome admin!
+
+
+Back to links
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/myGuestPage.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/myGuestPage.html
new file mode 100644
index 0000000000..47a4c9c44a
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/myGuestPage.html
@@ -0,0 +1,13 @@
+
+
+
+
+Guest Page
+
+
+Welcome guest!
+
+
+Back to links
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/myPrivateUserPage.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/myPrivateUserPage.html
new file mode 100644
index 0000000000..52045ec320
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/myPrivateUserPage.html
@@ -0,0 +1,13 @@
+
+
+
+
+Insert title here
+
+
+Welcome user to your private page! Logout
+
+
+Back to links
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/myUserPage.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/myUserPage.html
new file mode 100644
index 0000000000..f6c2def0b8
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/multipleHttpElems/myUserPage.html
@@ -0,0 +1,13 @@
+
+
+
+
+User Page
+
+
+Welcome user! Logout
+
+
+Back to links
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/private.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/private.html
new file mode 100644
index 0000000000..035d84bbbd
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/private.html
@@ -0,0 +1,10 @@
+
+
+
+ Private
+
+
+
Congrats!
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/protectedLinks.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/protectedLinks.html
new file mode 100644
index 0000000000..1877464fe5
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/protectedLinks.html
@@ -0,0 +1,13 @@
+
+
+
+
+Insert title here
+
+
+
+User page
+
+Admin page
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/ssl/welcome.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/ssl/welcome.html
new file mode 100644
index 0000000000..93b3577f5c
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/ssl/welcome.html
@@ -0,0 +1 @@
+
Welcome to Secured Site
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/userPage.html b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/userPage.html
new file mode 100644
index 0000000000..894a225871
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/main/resources/templates/userPage.html
@@ -0,0 +1,12 @@
+
+
+
+
+Insert title here
+
+
+Welcome user! Logout
+
+Back to links
+
+
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/test/java/org/baeldung/jdbcauthentication/h2/SpringContextTest.java b/spring-security-modules/spring-security-mvc-boot-2/src/test/java/org/baeldung/jdbcauthentication/h2/SpringContextTest.java
new file mode 100644
index 0000000000..659dad9155
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/test/java/org/baeldung/jdbcauthentication/h2/SpringContextTest.java
@@ -0,0 +1,16 @@
+package org.baeldung.jdbcauthentication.h2;
+
+import org.baeldung.jdbcauthentication.h2.H2JdbcAuthenticationApplication;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit4.SpringRunner;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(classes = H2JdbcAuthenticationApplication.class)
+public class SpringContextTest {
+
+ @Test
+ public void whenSpringContextIsBootstrapped_thenNoExceptions() {
+ }
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/test/java/org/baeldung/jdbcauthentication/h2/web/UserControllerLiveTest.java b/spring-security-modules/spring-security-mvc-boot-2/src/test/java/org/baeldung/jdbcauthentication/h2/web/UserControllerLiveTest.java
new file mode 100644
index 0000000000..638e9d7919
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/test/java/org/baeldung/jdbcauthentication/h2/web/UserControllerLiveTest.java
@@ -0,0 +1,35 @@
+package org.baeldung.jdbcauthentication.h2.web;
+
+import static io.restassured.RestAssured.given;
+import static org.hamcrest.CoreMatchers.is;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.http.HttpStatus;
+
+import io.restassured.authentication.FormAuthConfig;
+import io.restassured.filter.session.SessionFilter;
+
+/**
+ * This Live Test requires the H2JdbcAuthenticationApplication application to be up and running
+ */
+public class UserControllerLiveTest {
+
+ private static final String PRINCIPAL_SVC_URL = "http://localhost:8082/principal";
+
+ @Test
+ public void givenExisting_whenRequestPrincipal_thenRetrieveData() throws Exception {
+ SessionFilter filter = new SessionFilter();
+ given().auth()
+ .form("user", "pass", new FormAuthConfig("/login", "username", "password").withCsrfFieldName("_csrf"))
+ .and()
+ .filter(filter)
+ .when()
+ .get(PRINCIPAL_SVC_URL)
+ .then()
+ .statusCode(HttpStatus.OK.value())
+ .and()
+ .body("authorities[0].authority", is("ROLE_USER"))
+ .body("principal.username", is("user"))
+ .body("name", is("user"));
+ }
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/test/java/org/baeldung/jdbcauthentication/mysql/web/UserControllerLiveTest.java b/spring-security-modules/spring-security-mvc-boot-2/src/test/java/org/baeldung/jdbcauthentication/mysql/web/UserControllerLiveTest.java
new file mode 100644
index 0000000000..261063cbb6
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/test/java/org/baeldung/jdbcauthentication/mysql/web/UserControllerLiveTest.java
@@ -0,0 +1,35 @@
+package org.baeldung.jdbcauthentication.mysql.web;
+
+import static io.restassured.RestAssured.given;
+import static org.hamcrest.CoreMatchers.is;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.http.HttpStatus;
+
+/**
+ * This Live Test requires:
+ * * a MySql instance running, that allows a 'root' user with password 'pass', and with a database named jdbc_authentication
+ * (e.g. with the following command `docker run -p 3306:3306 --name bael-mysql -e MYSQL_ROOT_PASSWORD=pass -e MYSQL_DATABASE=jdbc_authentication mysql:latest`)
+ * * the service up and running
+ *
+ */
+public class UserControllerLiveTest {
+
+ private static final String PRINCIPAL_SVC_URL = "http://localhost:8082/principal";
+
+ @Test
+ public void givenExisting_whenRequestPrincipal_thenRetrieveData() throws Exception {
+ given().auth()
+ .preemptive()
+ .basic("user@email.com", "pass")
+ .when()
+ .get(PRINCIPAL_SVC_URL)
+ .then()
+ .statusCode(HttpStatus.OK.value())
+ .and()
+ .body("authorities[0].authority", is("ROLE_USER"))
+ .body("principal.username", is("user@email.com"))
+ .body("name", is("user@email.com"));
+ }
+
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/test/java/org/baeldung/jdbcauthentication/postgre/web/UserControllerLiveTest.java b/spring-security-modules/spring-security-mvc-boot-2/src/test/java/org/baeldung/jdbcauthentication/postgre/web/UserControllerLiveTest.java
new file mode 100644
index 0000000000..82bf6df8db
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/test/java/org/baeldung/jdbcauthentication/postgre/web/UserControllerLiveTest.java
@@ -0,0 +1,35 @@
+package org.baeldung.jdbcauthentication.postgre.web;
+
+import static io.restassured.RestAssured.given;
+import static org.hamcrest.CoreMatchers.is;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.http.HttpStatus;
+
+/**
+ * This Live Test requires:
+ * * a PostgreSQL instance running, that allows a 'root' user with password 'pass', and with a database named jdbc_authentication
+ * (e.g. with the following command `docker run -p 5432:5432 --name bael-postgre -e POSTGRES_PASSWORD=pass -e POSTGRES_DB=jdbc_authentication postgres:latest`)
+ * * the service up and running
+ *
+ */
+public class UserControllerLiveTest {
+
+ private static final String PRINCIPAL_SVC_URL = "http://localhost:8082/principal";
+
+ @Test
+ public void givenExisting_whenRequestPrincipal_thenRetrieveData() throws Exception {
+ given().auth()
+ .preemptive()
+ .basic("user", "pass")
+ .when()
+ .get(PRINCIPAL_SVC_URL)
+ .then()
+ .statusCode(HttpStatus.OK.value())
+ .and()
+ .body("authorities[0].authority", is("ROLE_USER"))
+ .body("principal.username", is("user"))
+ .body("name", is("user"));
+ }
+
+}
diff --git a/spring-security-modules/spring-security-mvc-boot-2/src/test/java/org/baeldung/web/HttpsApplicationIntegrationTest.java b/spring-security-modules/spring-security-mvc-boot-2/src/test/java/org/baeldung/web/HttpsApplicationIntegrationTest.java
new file mode 100644
index 0000000000..fe7883ec94
--- /dev/null
+++ b/spring-security-modules/spring-security-mvc-boot-2/src/test/java/org/baeldung/web/HttpsApplicationIntegrationTest.java
@@ -0,0 +1,56 @@
+package org.baeldung.web;
+
+import org.apache.http.client.HttpClient;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.ssl.SSLContextBuilder;
+import org.baeldung.ssl.HttpsEnabledApplication;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.core.io.Resource;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.web.client.RestTemplate;
+
+import javax.net.ssl.SSLContext;
+import java.util.Collections;
+
+import static org.junit.Assert.assertEquals;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(classes = HttpsEnabledApplication.class, webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
+@ActiveProfiles("ssl")
+public class HttpsApplicationIntegrationTest {
+
+ private static final String WELCOME_URL = "https://localhost:8443/welcome";
+
+ @Value("${trust.store}")
+ private Resource trustStore;
+
+ @Value("${trust.store.password}")
+ private String trustStorePassword;
+
+ @Test
+ public void whenGETanHTTPSResource_thenCorrectResponse() throws Exception {
+ ResponseEntity response = restTemplate().getForEntity(WELCOME_URL, String.class, Collections.emptyMap());
+
+ assertEquals("