1
00:00:00,240 --> 00:00:07,920
By now, we have spent enough time understanding Spring Security user management interfaces, classes

2
00:00:07,920 --> 00:00:14,870
and default implementations provided by Spring Security, like in-memory user details manager, JDBC

3
00:00:14,880 --> 00:00:16,260
user details manager.

4
00:00:16,590 --> 00:00:22,980
And we also saw, like, what is the importance of user details, where it maintains the contract and schema

5
00:00:22,980 --> 00:00:23,730
of the user?

6
00:00:24,060 --> 00:00:28,190
And what is user details service and what is user manager?

7
00:00:28,440 --> 00:00:35,490
So as of now, we aligned ourselves with the Spring framework and we used JDBC user details manager

8
00:00:35,490 --> 00:00:38,930
and in-memory user details manager to perform authentication.

9
00:00:39,120 --> 00:00:49,230
But in this video, let's try to create our own custom table as per our requirement and change Spring Security

10
00:00:49,230 --> 00:00:56,050
behavior by implementing user details service, where I can tell the Spring framework:

11
00:00:56,070 --> 00:01:02,700
these are my tables and these are my column names, which are not similar to what you are maintaining in

12
00:01:02,700 --> 00:01:03,840
such a framework.

13
00:01:04,019 --> 00:01:11,430
But still, I want to leverage them to perform authentication. So for that, let's quickly go ahead and

14
00:01:11,430 --> 00:01:14,010
create a new table in the database.

15
00:01:14,130 --> 00:01:19,980
I'm just running use is bank and now I'm creating a new table here.

16
00:01:19,980 --> 00:01:27,240
The table name is customer and I have an email and password, for which I intentionally put the column name

17
00:01:27,240 --> 00:01:28,140
as pwd.

18
00:01:28,920 --> 00:01:36,630
And instead of authorities, I just put it as role. Suppose that I will insert a role also, for our testing

19
00:01:36,630 --> 00:01:37,200
purpose.
20
00:01:37,560 --> 00:01:43,830
I'm inserting one email, which is john@example.com, followed by password.

21
00:01:43,840 --> 00:01:46,950
Also, this time I changed to request five, four, three, two, one.

22
00:01:47,100 --> 00:01:48,300
And the role is admin.

23
00:01:48,600 --> 00:01:53,210
So now we have a new table and we also inserted a record inside.

24
00:01:53,850 --> 00:02:00,690
So one thing that you have to observe here is we are not following Spring Security conventions, like

25
00:02:00,690 --> 00:02:04,050
my table name is not user, it is customer.

26
00:02:04,380 --> 00:02:11,910
And at the same time I don't have username and password columns, but instead I have my own columns

27
00:02:11,910 --> 00:02:15,690
like email and pwd, which indicates password I use.

28
00:02:15,990 --> 00:02:24,030
So now let's go to the code and try to do some changes to the new table that we have created.

29
00:02:24,180 --> 00:02:33,150
For that, we are going to use a repository framework to perform CRUD operations onto the database.

30
00:02:33,420 --> 00:02:36,390
If we are aware of JPA, it's more than enough.

31
00:02:36,630 --> 00:02:40,440
But if you are new to JPA, there is no worry here.

32
00:02:40,620 --> 00:02:45,470
I will make sure that you are understanding whatever is needed from Spring Security perspective.

33
00:02:45,720 --> 00:02:53,640
So the very first thing that I have to do is, in JPA, I have to create the POJO class, which indicates

34
00:02:53,640 --> 00:02:56,530
our presence in database table.

35
00:02:56,790 --> 00:02:59,870
So in this scenario, my table name is customer.

36
00:02:59,880 --> 00:03:04,760
So I named my class as customer, and whenever you mark @Entity,

37
00:03:05,040 --> 00:03:12,470
so this represents to Spring Boot and [REMOVED] that this class is a representation of a database table with

38
00:03:12,540 --> 00:03:13,800
the name customer.
39
00:03:14,490 --> 00:03:20,650
And at the same time we have declared in the database id as auto-generated and primary key.

40
00:03:20,880 --> 00:03:29,010
That's where I have used these two annotations, which tell the framework that this is a primary key and

41
00:03:29,010 --> 00:03:35,700
you have to generate a sequence number whenever we are trying to insert a new record into the database

42
00:03:35,700 --> 00:03:37,530
for this customer table.

43
00:03:37,870 --> 00:03:47,430
Post that, we should also create Java variables similar to column names, where I am just maintaining the

44
00:03:47,550 --> 00:03:55,830
same names like email, pwd, and if there is a change in the name, then JPA cannot detect to which

45
00:03:55,830 --> 00:03:57,360
column you are trying to refer.

46
00:03:57,510 --> 00:04:03,510
But if there is a scenario where you want to maintain a different Java variable name and a different database

47
00:04:03,510 --> 00:04:12,990
column, there is always the @Column annotation, which you can leverage to mention which column you

48
00:04:12,990 --> 00:04:14,400
are speaking about.

49
00:04:14,670 --> 00:04:20,970
But in this scenario, since we are good to go with whatever we have created in the database, I'm just

50
00:04:20,970 --> 00:04:24,290
keeping the same, and post that we should have it.

51
00:04:24,720 --> 00:04:26,910
That doesn't satisfy the customer.

52
00:04:27,570 --> 00:04:32,750
Now we have created a representation of my customer table.

53
00:04:33,030 --> 00:04:36,490
Now I should have a repository also.

54
00:04:36,660 --> 00:04:45,540
So in JPA we have a CRUD repository, repository, which are the classes and interfaces which will help

55
00:04:45,540 --> 00:04:49,080
me to perform CRUD operations onto my table.

56
00:04:49,290 --> 00:04:57,630
So in this scenario, I'm creating an interface called customer repository, which extends CRUD repository

57
00:04:57,630 --> 00:04:59,760
provided by Spring Data JPA framework.
58
00:05:00,120 --> 00:05:07,120
Here I have to give an indication that this repository is specific to customer table.

59
00:05:07,320 --> 00:05:14,330
That's why I go and use the customer POJO class, that is the class that I have created previously.

60
00:05:14,790 --> 00:05:19,710
And the primary key is of type long. The beauty of JPA is,

61
00:05:19,960 --> 00:05:28,320
you don't have to write MySQL statements to fetch records or to update or insert records.

62
00:05:28,330 --> 00:05:37,050
For example, here I just wanted to fetch the records from my customer table based upon email of the

63
00:05:37,050 --> 00:05:37,480
user.

64
00:05:37,830 --> 00:05:46,340
So here my customer repository already knows this is the table name, and when I say findByEmail,

65
00:05:46,350 --> 00:05:55,350
JPA internally will generate an implementation of this abstract method and it will build the SQL statement

66
00:05:55,660 --> 00:06:01,510
with a where condition having email is equal to so-and-so or whatever input we are providing.

67
00:06:01,830 --> 00:06:03,240
So that's the beauty of.

68
00:06:04,110 --> 00:06:05,970
So here I'm saying findByEmail.

69
00:06:06,300 --> 00:06:13,800
If I say findByEmailAndPassword, then since there is an and condition in my method name,

70
00:06:13,950 --> 00:06:20,010
JPA is smart enough to detect that the where condition should have both email and password.

71
00:06:20,250 --> 00:06:27,000
And the return type of this method is a list of customers; we may get one customer or more than one

72
00:06:27,000 --> 00:06:29,160
customer based upon the email.

73
00:06:29,460 --> 00:06:35,910
So now we have implemented the repository and at the same time we have an entity class, so we have

74
00:06:36,090 --> 00:06:41,150
enough JPA details to fetch records from customer table.
75
00:06:41,580 --> 00:06:49,230
Next, as we were discussing in the previous videos, Spring framework understands user details that

76
00:06:49,230 --> 00:06:50,670
we provide. Like here,

77
00:06:50,670 --> 00:06:53,700
I'm just having the user details in terms of customer.

78
00:06:53,850 --> 00:06:59,880
But Spring Security can't understand that. In order to make Spring Security understand, we should

79
00:06:59,880 --> 00:07:04,770
always create a class which implements user details interface.

80
00:07:05,040 --> 00:07:13,320
For that, I have created the same customer with a different name, security customer, which implements

81
00:07:13,320 --> 00:07:14,250
user details.

82
00:07:14,460 --> 00:07:21,930
So obviously whenever we are implementing user details, we have to override all these methods and implement,

83
00:07:22,110 --> 00:07:23,600
like what is get password,

84
00:07:23,620 --> 00:07:29,850
get username, is account non-expired. So by default for all of them I have put true, because in our

85
00:07:29,850 --> 00:07:35,820
application we don't have a requirement to perform some logic to indicate whether the account is locked

86
00:07:35,820 --> 00:07:37,950
or expired or enabled.

87
00:07:38,220 --> 00:07:43,780
So that's why, for now, these methods always indicate a return true value.

88
00:07:43,810 --> 00:07:47,570
That means no negative action will be performed on the user.

89
00:07:48,090 --> 00:07:55,650
Now, on top of that, we have three important methods, which are get username, get password and get

90
00:07:55,650 --> 00:07:56,370
authorities.

91
00:07:56,490 --> 00:08:02,850
So these are the methods that will be called by Spring Security while performing authentication operation.

92
00:08:03,000 --> 00:08:13,110
So for that, what I have done is I have wrapped my customer object or class inside this, and whoever wants

93
00:08:13,110 --> 00:08:17,850
to create a user which can be understood by Spring Security,
94
00:08:18,210 --> 00:08:26,310
they have to call the security customer by using its constructor along with the customer POJO object

95
00:08:26,310 --> 00:08:28,050
that we have created previously.

96
00:08:28,200 --> 00:08:36,600
So once we have done that, I'm saying password you can get by going into the get pwd column, and at

97
00:08:36,600 --> 00:08:38,640
the same time username also,

98
00:08:38,820 --> 00:08:41,840
I'm saying you can get by going to get email.

99
00:08:42,000 --> 00:08:43,240
That means, though

100
00:08:43,260 --> 00:08:47,180
we are following two different naming conventions, like Spring Security

101
00:08:47,190 --> 00:08:53,880
always expects you to maintain your user credentials as username and password spelling.

102
00:08:54,180 --> 00:08:58,290
But here we are maintaining it as email and pwd.

103
00:08:58,410 --> 00:09:04,980
So this is how you tell the framework that, though maintaining different naming conventions,

104
00:09:05,340 --> 00:09:10,790
you can go ahead and use these details present inside customer.

105
00:09:10,920 --> 00:09:19,200
Similarly for authorities, we are taking roles inside customer and converting them into granted authority

106
00:09:19,230 --> 00:09:21,390
and returning to the Spring framework.

107
00:09:21,870 --> 00:09:29,400
So now we have user representation of our customer table also, which is security customer.

108
00:09:29,700 --> 00:09:38,040
Now, what I will do is I will go ahead and implement user details service as per our requirement.

109
00:09:38,250 --> 00:09:45,210
So in this scenario, I'm not implementing user details manager because I don't have a requirement of

110
00:09:45,210 --> 00:09:49,050
creating, deleting, updating or changing passwords.

111
00:09:49,050 --> 00:09:50,820
Such requirements in my application.

112
00:09:51,060 --> 00:09:55,410
I always have a requirement to validate the user is not.

113
00:09:55,650 --> 00:09:55,860
So.

114
00:09:55,860 --> 00:09:56,430
That's why
115
00:09:56,910 --> 00:09:59,400
I'm just going with the user details service.

116
00:09:59,770 --> 00:10:07,450
But you are free to do some hands-on on user details manager, and you can implement all other methods

117
00:10:07,450 --> 00:10:14,830
provided by you, but here I can show you how we can implement one method; the similar way you can

118
00:10:14,830 --> 00:10:18,540
easily adopt for other methods inside user details manager.

119
00:10:18,550 --> 00:10:25,010
If we have such requirement, we can always refer sample implementations of user details manager

120
00:10:25,320 --> 00:10:32,020
and in-memory as a reference whenever you have such requirements to implement user details.

121
00:10:32,950 --> 00:10:41,260
So here I have only one method inside it, which is loadUserByUsername, and this method will always return

122
00:10:41,290 --> 00:10:43,660
user details type object.

123
00:10:43,930 --> 00:10:52,360
So here my framework knows that I have a sample user details service implementation, and that's why

124
00:10:52,600 --> 00:10:59,840
it will always use this as a current user details and it will never go to the default implementations.

125
00:11:00,220 --> 00:11:07,120
So since there are a couple of things that framework will take it in this scenario, since I am implementing

126
00:11:07,120 --> 00:11:13,780
user details service, this is a bank user details service will be the current implementation and it

127
00:11:13,780 --> 00:11:17,740
will call loadUserByUsername at runtime.

128
00:11:18,010 --> 00:11:24,280
And at the same time, since security customer, which implements user details, it will consider this

129
00:11:24,280 --> 00:11:27,290
is the user representation for this application.

130
00:11:27,460 --> 00:11:35,560
So once that call is happening, we take that username and we call our findByEmail, which

131
00:11:35,560 --> 00:11:37,780
is inside our repository interface.
132
00:11:38,020 --> 00:11:45,700
And that will go ahead and look into the database with the email and will give me a customer list object.

133
00:11:46,150 --> 00:11:50,850
Since in this scenario we always have only one object,

134
00:11:51,130 --> 00:11:59,830
I'm just calling security customer constructor, by passing the first customer that I'm getting from

135
00:11:59,830 --> 00:12:02,290
the list, and it will return the same.

136
00:12:02,620 --> 00:12:10,130
And framework will not complain because my security customer is implemented by user details only.

137
00:12:10,150 --> 00:12:12,340
That's why there is no complaint.

138
00:12:12,580 --> 00:12:18,310
And at the same time, if I don't have any results, I should always throw this exception, which is

139
00:12:18,310 --> 00:12:26,620
UsernameNotFoundException, which indicates to framework that this user is not a valid user and

140
00:12:26,620 --> 00:12:33,760
we should not accept his credentials and stop his access to the application by throwing bad error,

141
00:12:34,000 --> 00:12:36,270
which is a four zero authentication error.

142
00:12:36,680 --> 00:12:39,970
Now we have done enough configurations.

143
00:12:40,180 --> 00:12:46,150
Let's try to go to specific security config and comment this, because right now we don't need this.

144
00:12:46,160 --> 00:12:49,480
We have implemented our own custom user database.

145
00:12:49,750 --> 00:12:57,160
And in the easy backend application, which is the main application, I have added these two, which

146
00:12:57,160 --> 00:13:06,200
are specific to JPA. Enable JPA repositories will scan for all repositories present inside our application.

147
00:13:06,220 --> 00:13:11,830
So in this scenario, we have a customer repository, and entity scan

148
00:13:11,830 --> 00:13:19,310
annotation will help you to scan all our entities associated with the database tables, and we have customer

149
00:13:19,450 --> 00:13:19,780
such.
150
00:13:19,780 --> 00:13:28,990
And that's why we have to use these two configurations, since they are in a separate package compared

151
00:13:28,990 --> 00:13:30,020
to where this main

152
00:13:30,020 --> 00:13:30,790
class is present.

153
00:13:30,880 --> 00:13:32,200
Now we are good to go.

154
00:13:32,380 --> 00:13:39,990
I mean, go ahead and start the server in debug mode, clicking on Debug As Java Application.

155
00:13:40,330 --> 00:13:48,970
So before that, I'll also keep a breakpoint in this method to confirm that framework is calling this

156
00:13:48,970 --> 00:13:51,610
method only for doing authentication.

157
00:13:51,820 --> 00:13:54,930
So now our server also started.

158
00:13:55,120 --> 00:14:01,690
Let's go to browser and try to perform logging on to the application.

159
00:14:02,200 --> 00:14:08,770
So I called my account service, which will direct me to login page. Here,

160
00:14:08,980 --> 00:14:15,310
first, let me call with some random credentials, which is admin, one, two, three, four, five,

161
00:14:15,730 --> 00:14:19,480
and what is happening to my method.

162
00:14:19,840 --> 00:14:24,610
So in this scenario, there is no user with the username.

163
00:14:24,610 --> 00:14:30,250
I mean, if you see in database we maintain email ID, but here we are getting a different value.

164
00:14:30,580 --> 00:14:37,180
So this should return zero customers, which will satisfy this condition.

165
00:14:37,480 --> 00:14:45,160
So, and it will throw UsernameNotFoundException, which will result in an invalid credentials

166
00:14:45,160 --> 00:14:50,410
error on the UI. Now, let me ask you that.

167
00:14:50,890 --> 00:14:59,230
We do have maintained in the database, which is john@example.com, followed by

168
00:14:59,850 --> 00:15:02,430
password is five, four, three, two,

169
00:15:02,480 --> 00:15:05,440
one. Again breakpoint will stop here.
170
00:15:05,810 --> 00:15:10,880
So this time, let's see, we should get a response with a valid customer.

171
00:15:11,240 --> 00:15:11,880
There you go.

172
00:15:12,050 --> 00:15:16,820
We have one customer details and his email and password, everything.

173
00:15:17,150 --> 00:15:25,370
What we do is we just typecast our customer into a security customer and return to the framework, and

174
00:15:25,370 --> 00:15:27,250
framework will validate.

175
00:15:27,710 --> 00:15:37,460
And that's one of my concern with this is how we how to implement in a scenario where you want to customize

176
00:15:37,460 --> 00:15:41,240
your Spring Security framework as part of a requirement.

177
00:15:41,480 --> 00:15:46,790
So in this scenario, I just showed you how to override and implement user details.

178
00:15:46,790 --> 00:15:48,560
That is applicable.

179
00:15:48,770 --> 00:15:51,010
Same for user details manager.

180
00:15:51,020 --> 00:15:58,370
Also, in the case of user details manager, you will take responsibility of creating any user, updating,

181
00:15:58,370 --> 00:15:59,960
deleting, everything.

182
00:16:00,410 --> 00:16:06,010
So that truly depends upon application to application, what you want to override.

183
00:16:06,350 --> 00:16:14,090
If we have any questions, please post in the Q&A, but I sincerely advise you to follow me and do coding

184
00:16:14,390 --> 00:16:18,920
along with me. I am not typing the code in the course.

185
00:16:19,100 --> 00:16:27,320
The reason is that will delay or extend the time of this entire course and few people may feel bored

186
00:16:27,740 --> 00:16:34,490
if I type each and every letter inside, because that's why I'm making sure of explaining each and every

187
00:16:34,490 --> 00:16:36,490
code line that I am writing.

188
00:16:36,980 --> 00:16:45,530
But I would always recommend you to pause the video and do the same coding inside your own laptop so that

189
00:16:45,710 --> 00:16:48,860
you understand how the things are working.
190
00:16:49,220 --> 00:16:56,630
And at the same time, I'm also attaching the code that we have developed to the course sections

191
00:16:57,170 --> 00:16:59,540
every time we are done with this specific section.

192
00:16:59,800 --> 00:17:05,990
So please download that, take them as a reference and see if we are getting any difference to address

193
00:17:05,990 --> 00:17:06,890
our issues.

194
00:17:07,319 --> 00:17:14,550
But I would always advise you to do practice on your own while watching this course.

195
00:17:14,930 --> 00:17:15,550
Thank you.

196
00:17:15,560 --> 00:17:17,480
And see you in the next section. Bye.