Can I use spring security without username or password? - spring

I need to make sso for applications and combile user table.
I want to use spring security with email authentication, without username or password.
How can I do this?
My limittations:
Single user can authenticate with multiple emails (Like github)
User can manage all authentication state and expire specific authentication. (In profile page)
No password. No string username or id. (Because no service supports basic login)
--- EDIT ---
OAuth 2.0 / 1.0a Authentication
Generated scheme:
(Is this proper for this case?)
create table hib_authentication (
id BIGINT UNSIGNED not null auto_increment,
firstAuthenticatedTime TIMESTAMP DEFAULT CURRENT_TIMESTAMP not null,
ip VARBINARY(16) not null,
browser VARBINARY(24) not null,
lastAuthenticatedTime TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP not null,
user_id INT UNSIGNED not null,
primary key (id)
) ENGINE=InnoDB;
create table hib_user (
id INT UNSIGNED not null auto_increment,
country SMALLINT UNSIGNED not null,
created TIMESTAMP DEFAULT CURRENT_TIMESTAMP not null,
locale varchar(255) not null,
timeZone varchar(255) not null,
primary key (id)
) ENGINE=InnoDB;
create table hib_user_email (
id BIGINT UNSIGNED not null auto_increment,
email varchar(255) not null,
user_id INT UNSIGNED not null,
primary key (id)
) ENGINE=InnoDB;
create index index_to_get_authentication_by_user on hib_authentication (user_id);
alter table hib_user_email
add constraint UK_isuygi7fmcwnlht8f4plckt6n unique (email);
create index index_to_search_email_by_user on hib_user_email (user_id);
alter table hib_authentication
add constraint authentication_belongs_to_user
foreign key (user_id)
references hib_user (id);
alter table hib_user_email
add constraint email_belongs_to_user
foreign key (user_id)
references hib_user (id);

Related

Unable to extract JDBC value for position `3`

I am switching from MYSQL to ORACLE.
I have JPA Authentication setup like this:
#Override
#Transactional(readOnly = true)
public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
AppUser user = userRepository.findByUseremailIgnoreCase(email);
With MySQL all works fine. But for Oracle, during login using JPA authentication I am getting this exception.
org.springframework.security.authentication.InternalAuthenticationServiceException: Unable to extract JDBC value for position `3`
Followed by these exceptions:
Caused by: org.springframework.orm.jpa.JpaSystemException: Unable to extract JDBC value for position `3`
Caused by: java.sql.SQLException: Invalid conversion requested
Caused by: java.lang.IllegalArgumentException: Timestamp format must be yyyy-mm-dd hh:mm:ss[.fffffffff]
Any clue what I am missing and where to debug?
My table structure is as per below:
create table CONTENTPLUSPLUS.app_user (
id NUMBER GENERATED ALWAYS as IDENTITY(START with 1 INCREMENT by 1) NOT NULL,
useremail VARCHAR(150) NOT NULL,
userpassword VARCHAR(150) NOT NULL,
useruuid VARCHAR(50) NOT NULL,
userfirstname VARCHAR(150) NOT NULL,
userlastname VARCHAR(150) NOT NULL,
userenabled NUMBER(1) DEFAULT 0 NOT NULL,
created_by VARCHAR(150) NOT NULL,
created_date VARCHAR(150) NOT NULL,
modified_by VARCHAR(150) NOT NULL,
modified_date VARCHAR(150) NOT NULL,
CONSTRAINT appuser_pk PRIMARY KEY (id), UNIQUE (useremail, useruuid));
create table CONTENTPLUSPLUS.app_role(
id NUMBER GENERATED ALWAYS as IDENTITY(START with 1 INCREMENT by 1) NOT NULL,
name VARCHAR(150) NOT NULL,
CONSTRAINT approle_pk PRIMARY KEY (id),UNIQUE (name));
CREATE TABLE CONTENTPLUSPLUS.app_department (
id NUMBER GENERATED ALWAYS as IDENTITY(START with 1 INCREMENT by 1) NOT NULL,
departmentuuid VARCHAR(150),
departmentheadname varchar(255) NOT NULL,
departmentheademail varchar(255) NOT NULL,
departmentname varchar(255) NOT NULL,
userid NUMBER NOT NULL,
created_by VARCHAR(150) NOT NULL,
created_date VARCHAR(150) NOT NULL,
modified_by VARCHAR(150) NOT NULL,
modified_date VARCHAR(150) NOT NULL,
CONSTRAINT appdepartment_pk PRIMARY KEY (id),UNIQUE (departmentname, departmentuuid));
CREATE TABLE CONTENTPLUSPLUS.app_user_department (
userid NUMBER NOT NULL,
departmentid NUMBER NOT NULL
);
ALTER TABLE CONTENTPLUSPLUS.app_user_department ADD CONSTRAINT FK_AUSERDEPTUSERID FOREIGN KEY (userid) REFERENCES app_user (id);
ALTER TABLE CONTENTPLUSPLUS.app_user_department ADD CONSTRAINT FK_AUSERDEPTDEPTID FOREIGN KEY (departmentid) REFERENCES app_department (id);
ALTER TABLE CONTENTPLUSPLUS.app_department ADD CONSTRAINT FK_AUSERUSERID FOREIGN KEY (userid) REFERENCES app_user (id);
CREATE TABLE CONTENTPLUSPLUS.app_user_role (
id NUMBER GENERATED ALWAYS as IDENTITY(START with 1 INCREMENT by 1) NOT NULL,
userid NUMBER NOT NULL,
roleid NUMBER NOT NULL,
CONSTRAINT appuserrole_pk PRIMARY KEY (id));
ALTER TABLE CONTENTPLUSPLUS.app_user_role ADD CONSTRAINT FK_AURUSERID FOREIGN KEY (userid) REFERENCES app_user (id);
ALTER TABLE CONTENTPLUSPLUS.app_user_role ADD CONSTRAINT FK_AURROLEID FOREIGN KEY (roleid) REFERENCES app_role (id);
Below is the query which gets fired during the login operation (shows up only for MySQL):
Hibernate:
select
a1_0.id,
a1_0.created_by,
a1_0.created_date,
a1_0.modified_by,
a1_0.modified_date,
a1_0.useremail,
a1_0.userenabled,
a1_0.userfirstname,
a1_0.userlastname,
a1_0.userpassword,
a1_0.useruuid
from
app_user a1_0
where
upper(a1_0.useremail)=upper(?)
Hibernate:
select
r1_0.userid,
r1_1.id,
r1_1.name
from
app_user_role r1_0
join
app_role r1_1
on r1_1.id=r1_0.roleid
where
r1_0.userid=?
You map Date in Java with VARCHAR2 in SQL: bad idea. You probably get lucky with the default conversion format of TS and the locale in MySQL: back to my first comment... look at the SQL Office Hours session code...

Laravel how to get list of related fields through pivot table

I have 4 tables : peoples, companies, countries and the pivot table company_people (as peoples & companies both belongs to many) which has both people_id and company_id.
In the People model, I have the following functions:
class People extends Model
{
// main company (only one)
public function company()
{
return $this->belongsTo(Company::class);
}
// all other companies
public function companies()
{
return $this->belongsToMany(Company::class);
}
public function country()
{
return $this->belongsTo(Country::class);
}
}
Then in the People controller, I have the following in order to prepare to display a list of all the peoples with the related main company name (only one), country name (only one) and other companies as a list of names. I can do the first 2 but not the last one. How can I do that?
$peoples = People::orderBy($sortField,$sortOrder)
->with(['companies','company','country'])
->get();
foreach ($peoples as $people) {
$people->company = '['.$people->company->company.']'; // main company name
$people->country = '['.$people->country->country.']'; // country name
$people->otherCompanies = ? // list of other company names through pivot table
}
And here all the structure of the 4 tables:
CREATE TABLE `company_people` (
`id` bigint NOT NULL,
`created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`company_id` bigint UNSIGNED NOT NULL,
`people_id` bigint UNSIGNED NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
CREATE TABLE `countries` (
`id` varchar(4) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT 'AA',
`created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`is_active` int NOT NULL DEFAULT '1',
`country` varchar(60) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
CREATE TABLE `peoples` (
`id` bigint UNSIGNED NOT NULL,
`created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`is_active` int NOT NULL DEFAULT '1',
`firstname` varchar(120) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
`lastname` varchar(120) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci DEFAULT '',
`country_id` varchar(4) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT 'ZA',
`company_id` bigint UNSIGNED DEFAULT '0'
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci PACK_KEYS=0;
ALTER TABLE `company_people`
ADD PRIMARY KEY (`id`),
ADD KEY `article_id` (`company_id`),
ADD KEY `tag_id` (`people_id`);
ALTER TABLE `countries`
ADD PRIMARY KEY (`id`);
ALTER TABLE `peoples`
ADD PRIMARY KEY (`id`),
ADD KEY `country_id` (`country_id`),
ADD KEY `company_id` (`company_id`);
ALTER TABLE `company_people`
MODIFY `id` bigint NOT NULL AUTO_INCREMENT;
ALTER TABLE `peoples`
MODIFY `id` bigint UNSIGNED NOT NULL AUTO_INCREMENT;
ALTER TABLE `peoples`
ADD CONSTRAINT `peoples-company` FOREIGN KEY (`company_id`) REFERENCES `companies` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
ADD CONSTRAINT `peoples-country` FOREIGN KEY (`country_id`) REFERENCES `countries` (`id`) ON DELETE RESTRICT ON UPDATE RESTRICT;
ALTER TABLE `companies`
ADD CONSTRAINT `peoples-country` FOREIGN KEY (`country_id`) REFERENCES `countries` (`id`) ON DELETE RESTRICT ON UPDATE RESTRICT;
ALTER TABLE `company_people`
ADD CONSTRAINT `companies-peoples` FOREIGN KEY (`company_id`) REFERENCES `companies` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
ADD CONSTRAINT `peoples-companies` FOREIGN KEY (`people_id`) REFERENCES `peoples` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
you can use pluck() to get all the company name then toArray() to convert in array like this
$peoples = People::orderBy($sortField,$sortOrder)
->with(['companies','company','country'])
->get();
foreach ($peoples as $people) {
$people->company = '['.$people->company->company.']'; // main company name
$people->country = '['.$people->country->country.']'; // country name
$people->otherCompanies = $people->companies->pluck('name')->toArray(); // list of other company names through pivot table
}
And if you want otherCompanies name as comma seprate then use $people->companies->pluck('name')->join(',');

spring security authentication different profiles and permissions with hibernate and jsf

i want to authenticate the users using spring security. i'm using hiebrnate and jsf.
the problem is in the different tutorials that i saw online there is just one role. but in my case i have a different database with permissions and profiles
Table User
user id
profile id
login
password
Table profile
profile_id
profile
Table action or permission
action_id
action
profile_id
I am wondering if anyone knows how to implement this or knows some good tutorials.
if you want to manage your user role, groups and permissions, you could see the Spring Security documentation about schema.
Here some snippets and details on the above link :
create table users(
username varchar_ignorecase(50) not null primary key,
password varchar_ignorecase(50) not null,
enabled boolean not null);
create table authorities (
username varchar_ignorecase(50) not null,
authority varchar_ignorecase(50) not null,
constraint fk_authorities_users foreign key(username) references users(username));
create unique index ix_auth_username on authorities (username,authority);
create table groups (
id bigint generated by default as identity(start with 0) primary key,
group_name varchar_ignorecase(50) not null);
create table group_authorities (
group_id bigint not null,
authority varchar(50) not null,
constraint fk_group_authorities_group foreign key(group_id) references groups(id));
create table group_members (
id bigint generated by default as identity(start with 0) primary key,
username varchar(50) not null,
group_id bigint not null,
constraint fk_group_members_group foreign key(group_id) references groups(id));

yii2 : can't get data from two table with active record

I want get data from two table comments,users.
comments have hasOne relation with users
public function getUser()
{
return $this->hasOne(Users::className(), ['user_id' => 'user_id']);
}
i want get comments.comment_id,comments.comment_content,comments.user_id from comments table and uses.user_name , users.user_display_name from users table to use in gridview widget.
i use
$res = Comments::find()
->select([
'comments.comment_id',
'comments.comment_content',
'comments.user_id',
'users.user_id',
'users.user_display_name',
'users.user_name',
])
->innerJoinWith('user')
->all();
this code get comments field but i can't get users.user_name,users.user_display_name from database.
How should I do it?
note: user table in database is users but when i create model with Gii,relation method declare as getUser(), i don't know why.
update 1:
comments table:
DROP TABLE IF EXISTS `comments`;
CREATE TABLE `comments` (
`comment_id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
`comment_content` text NOT NULL,
`comment_approved` enum('no','yes') NOT NULL DEFAULT 'no',
`comment_date` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`comment_parent` bigint(20) unsigned NOT NULL DEFAULT '0',
`sms_id` bigint(20) unsigned NOT NULL DEFAULT '0',
`user_id` bigint(20) unsigned NOT NULL DEFAULT '0',
PRIMARY KEY (`comment_id`),
KEY `fk_comment_sms_id` (`sms_id`),
KEY `fk_commetn_user_id` (`user_id`),
CONSTRAINT `fk_comment_sms_id` FOREIGN KEY (`sms_id`) REFERENCES `sms` (`sms_id`),
CONSTRAINT `fk_commetn_user_id` FOREIGN KEY (`user_id`) REFERENCES `users` (`user_id`)
) ENGINE=InnoDB AUTO_INCREMENT=18 DEFAULT CHARSET=utf8;
users table:
CREATE TABLE `users` (
`user_id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
`user_name` varchar(60) NOT NULL DEFAULT '',
`user_pass` varchar(64) NOT NULL DEFAULT '',
`user_level` int(11) NOT NULL DEFAULT '1',
`user_email` varchar(100) NOT NULL DEFAULT '',
`user_display_name` varchar(250) NOT NULL DEFAULT '',
`user_phone_number` varchar(11) NOT NULL,
`user_registered` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`user_activation_key` varchar(60) NOT NULL,
`user_status` enum('active','deactive','delete') NOT NULL DEFAULT 'deactive',
PRIMARY KEY (`user_id`),
UNIQUE KEY `u_user_sign` (`user_name`) USING BTREE,
UNIQUE KEY `u_user_email` (`user_email`) USING BTREE
) ENGINE=InnoDB AUTO_INCREMENT=24 DEFAULT CHARSET=utf8;
Not sure how you're displaying or testing if the query returned any data but you should read up on relations in Yii.
Working with Relational Data
Lazy and Eager Loading
With lazy loading the data doesn't exist until you try to access it so may not appear in things like print_r or var_dump
I recommend renaming your tables to comment and user. Read here: Table Naming Dilemma: Singular vs. Plural Names why you should use singular names.
The reason Gii generates getUser and not getUsers is because of the hasOne relationship. It's getting one -user- and not multiple -users-
Are you sure the relationship definition is correct? Is user_id the PK in the users table and the FK in the comments table? And are you sure there is correct data in the DB?

Error in creating MySQL table with multiple foreign keys

I am trying to create a table with multiple foreign keys , but getting error msg...
Here is the query
create table REVIEW (
REVIEWER_ID varchar(255) not null,
DOCTOR_ID integer not null,
REVIEW varchar(255),
DATE datetime,
primary key (REVIEWER_ID, DOCTOR_ID)
) ENGINE=InnoDB
alter table REVIEW
add constraint FK_n1a9feqfl96wayocqr6n04p2y
foreign key (DOCTOR_ID)
references DOCTORS_INFORMATION (DOCTOR_ID)
It has executed the upper statement. But when i do the following it is showing error.
alter table REVIEW
add constraint FK_fpmwq7vslmp90var2qmw2lhf4
foreign key (REVIEWER_ID)
references REVIEWER_INFORMATION (REVIEWER_ID)
Reviewer_information table was created using the following command
create table REVIEWER_INFORMATION (
REVIEWER_ID integer not null auto_increment,
EMAIL varchar(255),
FIRSTNAME varchar(255),
LASTNAME varchar(255),
PHONE_NUMBER integer,
primary key (REVIEWER_ID)
) ENGINE=InnoDB

Resources