Theme NexT works best with JavaScript enabled
0%


IMPORTANT:
Some of the content here is a personal summary/abbreviation of contents on the Offical Spring Security Documentation. Feel free to refer to the official site if you think some of the sections written here are not clear.


Spring Security Intro

Spring security is very useful for dealing with authorization, authentication, and protection against common attacks. It provides support for OAuth2, SAML2, and etc. Yet, as the title of this manual suggests, the following sections will focus on using OAuth2 for authentication/authorization.

Technically, you do not necessarily need to use Spring Boot for using Spring Security. However, the sections below do assume that you are having a Spring Boot project to provide the backend services.

If you want more information on using tools other than OAuth2, or that you are not using Spring Boot as the backend API implementations, please visit the Official Reference.

Getting Spring Security

If you are using Spring Security with Spring Boot, getting Spring Security playing in your application is simple.

In summary, all you need to do is

  1. Import the spring-boot-starter-security in your pom.xml
    • You can either manually import the dependency, or select the Spring Security dependency in the Spring Initialzr
    • At this point, we are not yet using the OAuth2 Resource Server and OAuth2 Client yet. If you want, feel free to include those in your pom.xml as well.

The necessary dependency looks like:

1
2
3
4
5
6
7
<dependencies>
<!-- ... other dependency elements ... -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
</dependencies>

Again, its version has been already specified in the parent:

1
2
3
4
5
6
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.3.1.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>

If you want to use a specific version, you can specify it as well:

1
2
3
4
<properties>
<!-- ... -->
<spring-security.version>WHATEVER-VERSION-YOU-WANT-HERE</spring-security.version>
</properties>

Note:

  • If you use a SNAPSHOT version, you need to ensure that you have the Spring Snapshot repository defined, as the following example shows:

    1
    2
    3
    4
    5
    6
    7
    8
    <repositories>
    <!-- ... possibly other repository elements ... -->
    <repository>
    <id>spring-snapshot</id>
    <name>Spring Snapshot Repository</name>
    <url>https://repo.spring.io/snapshot</url>
    </repository>
    </repositories>

Spring Security Features

Spring Security provides comprehensive support for authentication, authorization, and protection against common exploits. It also provides integration with other libraries to simplify its usage.

Read more »


IMPORTANT:
Some of the content here is a personal summary/abbreviation of contents on the official documentation and the tutorial on Scrimba. Feel free to refer to the official site if you think some of the sections written here are not clear.


Installing Angular

To install angular, it is recommended that you first install nvm and node: https://github.com/nvm-sh/nvm

Once you have those two installed, you can install theAngular Cli: https://angular.io/guide/setup-local

  • With Angular Cli, it allows you to generate much content with some simple commands. For example, the ng generate/ng g command.
  • For more information on Angular Cli, please visit https://cli.angular.io/

Introduction to Angular

Angular is a platform and framework for building single-page client applications using HTML and TypeScript. Angular is written in TypeScript. It

implements core and optional functionality as a set of TypeScript libraries that you import into your apps.

Creating an Angular Project

To create a new angular project, you can use ng new <projectName>, which will generate a new folder with name <projectName> under your current directory, in which your project source code would go.

Once you have created your first project with ng new <projectName>, you will see that it generated many files as shown below:

project-structure.png

A high level overview of the usages of those file would be:

File Usage
tslint.js Used to control/standardize certain code/project properties across the team
tsconfig.json Controls the compilation settings for ts (type-script) files
package.json Controls the dependencies that our project has
package-lock.json Controls the dependencies that should be immutable
karma.conf.js Used for unit testing your code
.gitignore Controls which files would be ignored for your git version control
.editorconfig Used for customizing coding format in your editors (some editors don’t use it)
.angular-cli.json Controls packaging/deployment properties of your entire project
src Directory where your source code should live

Basic Building Blocks of an Angular App

On a very high level, your application would use the following building blocks:

angular-building-block.png from https://scrimba.com/course/gyourfirstangularapp/enrolled

  • Components
    • UI code, how your web application looks
  • Services
    • Frontend/Backend service, which does the computing
  • Modules
    • A container assembling the above two

An example would be:

angular-project-example.png https://scrimba.com/course/gyourfirstangularapp/enrolled

Read more »


IMPORTANT:
Some of the content here is a personal summary/abbreviation of contents on the Offical Spring Boot Documentation. Feel free to refer to the official site if you think some of the sections written here are not clear.


Spring Boot Installation

For instructions on installing and a quick overview of using Spring Boot, please refer to this page

Structuring Your Code

Technically, Spring Boot does not require any specific code layout to work. However, there are some best practices that help:

  • Your main application class:

    • It is generally recommend that you locate your main application class in a root package above other
      classes.
      The @SpringBootApplication annotation is often placed on your main class, and it implicitly
      defines a base “search package” for certain items

    • For example, the follwoing structure:

      1
      2
      3
      4
      5
      6
      7
      8
      9
      10
      11
      12
      13
      14
      15
      16
      com
      +- example
      +- myapplication
      +- Application.java
      |
      +- customer
      | +- Customer.java
      | +- CustomerController.java
      | +- CustomerService.java
      | +- CustomerRepository.java
      |
      +- order
      +- Order.java
      +- OrderController.java
      +- OrderService.java
      +- OrderRepository.java
  • Your primary configuration class

    • Although it is possible to use SpringApplication with XML sources, we generally recommend that your primary source be a single @Configuration class. Usually the class that defines the main method is a good candidate as the primary @Configuration.
    • You can also import configuration classes:
      • The @Import annotation can be used to import additional configuration classes. Alternatively, you can use @ComponentScan to automatically pick up all Spring components, including @Configuration classes.
    • Import XML Configuration
      • If you need to use an XML based configuration, we recommend that you still start with a @Configuration class. You can then use an @ImportResource annotation to load XML configuration files.
        Read more »