Secure resources using role-based approach.
Introduce authentication using standard form-based authentication and secure app using admin and user roles. Users and their roles are stored in H2 SQL database.
App ships with pre-configured DataSource
jdbc/authority. You may use it to configure security realm and lookup
user profile that should be displayed on mood page.
App consists of 5 pages:
If user is authenticated it automatically redirects to
nickname is authenticated user's nickname.
Otherwise it displays link to login page.
Shows user mood. Anyone can access this page, but only profile owner should see buttons to change mood. There should be button to choose happy mood and a button to choose sad mood.
Users that have not authenticated yet should see link to login page while authenticated users should see link to logout. After clicking logout user should be redirected to home page.
Shows login form with user name input (
name=j_username), password input (
and submit button (
Displayed when user provides invalid credentials.
Authentication error header and
Username, password or role incorrect, try again message.
When user clicks
try again link they should be redirected to
Should be displayed when authenticated user tries to access resources he does not have access to.
Should be displayed when user tries to access profile that does not exist.
Shows list of users. Only user with admin role is allowed to see this page.
You are allowed to modify only existing files inside src/main!
To run the app:
App will be now available at http://localhost:9090/app/
Default credentials :
To run tests with chrome:
mvn test -Dbrowser=chrome
To run tests with phantomjs:
To run tests and static analysis: