How SpringBoot AutoConfiguration magic works?

In my previous post Why SpringBoot? we have looked at how to create a SpringBoot application. But you may or may not understand what is going on behind the scenes. You may want to understand the magic behind the SpringBoot’s AutoConfiguration. But before that you should know about Spring’s @Conditional feature based on which all the SpringBoot’s AutoConfiguration magic depends. Exploring the power of @Conditional While developing Spring based applications we may come across of a need to register beans conditionally.

Continue reading »

Why SpringBoot?

Spring is a very popular Java based framework for building web and enterprise applications. Unlike many other frameworks which focuses on only one area, Spring framework provides a wide verity of features addressing the modern business needs via its portfolio projects. Spring framework provides flexibility to configure the beans in multiple ways such as XML, Annotations and JavaConfig. With the number of features increased the complexity also gets increased and configuring Spring applications becomes tedious and error-prone.

Continue reading »

JCart: Configuring HTTPS SSL/TLS

So far our JCart application is running on Tomcat default port 8080 using HTTP protocol. In this article we will configure to use HTTPS by using Self Signed Certificate. For real projects you would have to buy certificate from a Trusted Authority. I would like to run ShoppingCart site on https://host:8443 and if anyone tries to access it from http://host:8080 it should redirect to https://host:8443. Similarly I would like to run Administration site on https://host:9443 and if anyone tries to access it from http://host:9090 it should redirect to https://host:9443.

Continue reading »

JCart: Admin Reset Password

Once the Admin User clicked on Password Reset Link that we sent via Email, we will validate the Token and if is valid then we will show a form to enter New Password, otherwise shows an error. @Controller public class UserAuthController extends JCartAdminBaseController { ... @RequestMapping(value="/resetPwd", method=RequestMethod.GET) public String resetPwd(HttpServletRequest request, Model model, RedirectAttributes redirectAttributes) { String email = request.getParameter("email"); String token = request.getParameter("token"); boolean valid = securityService.verifyPasswordResetToken(email, token); if(valid){ model.

Continue reading »

JCart: Admin Forgot Password

We will provide a link to Forgot Password in Login page and create jcart-admin/src/main/resources/templates/public/forgotPwd.html template as follows: <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org" layout:decorator="layout/guestLayout"> <head> <title>Forgot Password</title> </head> <body > <div layout:fragment="content"> <form action="forgotPwd" th:action="@{/forgotPwd}" method="post"> <input type="email" class="form-control" name="email" placeholder="Email"/> <button type="submit" class="btn btn-primary btn-block btn-flat" th:text="#{label.submit}">Submit</button> </form> </div> </body> </html> When Admin user enters the email address and submit we will generate a token, store it in our DB and generates a Reset Password Link and send it to their email.

Continue reading »

JCart: Email Service SetUp

We are going to implement Admin User Forgot Password functionality where we need to send the Password Reset link to User email address. So let us look at how to configure Email server and send emails. Spring provides support for sending Emails using JavaMailSender. SpringBoot makes it even easier by providing a starter for emailing support. As we need Emailing feature in both Admin and ShoppingCart modules, we will implement the emailing functionality in jcart-core module.

Continue reading »

JCart: Configuring Spring Security

Our JCart Administration site should only be accessible to authorized users only. So, we are going to use SpringSecurity to define the security constraints. Let us add the following spring-security dependencies to jcart-admin/pom.xml. <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <dependency> <groupId>org.thymeleaf.extras</groupId> <artifactId>thymeleaf-extras-springsecurity4</artifactId> </dependency> If we have predefined set of Roles then we can specify the URL patterns and its required Roles something like this: http .authorizeRequests() .antMatchers("/login","/login/form**","/register","/logout").permitAll() .antMatchers("/admin","/admin/**").hasRole("ADMIN") .anyRequest().authenticated() .and() But we need provision to dynamically create new roles as well, hence we can’t statically define constraints using role names.

Continue reading »

JCart: Admin UI Layout SetUp

As I am not really a good UI designer I searched for a free good looking UI website Admin templates and I found this fantastic template https://almsaeedstudio.com/preview. We will be using this template for our Administration web application. We are going to use Thymeleaf templates for our View layer. Thymeleaf offers facelets style templating mechanism. Basically we need 2 layout templates, one for unauthorized views like Login/ForgotPassword etc and another for authorized users.

Continue reading »

JCart: Create JPA Entities

We are going to create the JPA Entities for the database tables we designed. @Entity @Table(name="users") public class User { @Id @GeneratedValue(strategy=GenerationType.AUTO) private Integer id; @Column(nullable=false) @NotEmpty() private String name; @Column(nullable=false, unique=true) @NotEmpty @Email(message="{errors.invalid_email}") private String email; @Column(nullable=false) @NotEmpty @Size(min=4) private String password; private String passwordResetToken; @ManyToMany(cascade=CascadeType.MERGE) @JoinTable( name="user_role", joinColumns={@JoinColumn(name="USER_ID", referencedColumnName="ID")}, inverseJoinColumns={@JoinColumn(name="ROLE_ID", referencedColumnName="ID")}) private List<Role> roles; //setters & getters } @Entity @Table(name="roles") public class Role { @Id @GeneratedValue(strategy=GenerationType.AUTO) private Integer id; @Column(nullable=false, unique=true) @NotEmpty private String name; @Column(length=1024) private String description; @ManyToMany(mappedBy="roles") private List<User> users; @ManyToMany @JoinTable( name="role_permission", joinColumns={@JoinColumn(name="ROLE_ID", referencedColumnName="ID")}, inverseJoinColumns={@JoinColumn(name="PERM_ID", referencedColumnName="ID")}) private List<Permission> permissions; //setters & getters } @Entity @Table(name="permissions") public class Permission { @Id @GeneratedValue(strategy=GenerationType.

Continue reading »

JCart: Domain Modelling and Database Designing

While developing database driven applications using some ORM framework, some people prefer Object first approach and others follow DB first approach. I prefer DB first approach. So, let us start listing down all the domain entities in our JCart application domain. Product Category Customer Order OrderItem Cart Address User Role Permission Let us create the database tables as follows: Though we identified Cart as a domain entity, we are not creating the table for holding the Cart details.

Continue reading »