mvysny/vaadin-simple-security-example

Vaadin Simple Security Example App

A demo project for the Vaadin Simple Security library. Requires Java 17+.

Preparing Environment

Please see the Vaadin Boot documentation on how to run, develop and package this Vaadin-Boot-based app.

See a live demo at v-herd.eu/vaadin-simple-security-example

About the application

The application uses username+password authentication, with users stored in an in-memory H2 SQL database (the User class; it uses jdbi-orm to map Java classes to SQL tables). No view can be accessed publicly: the user must log in first in order to see any part of the app.

There are two users pre-created by the Bootstrap class:

  • The 'user' user with the password of 'user' and the role of ROLE_USER
  • The 'admin' user with the password of 'admin' and two roles: ROLE_ADMIN and ROLE_USER

The AppServiceInitListener configures Vaadin to check authorization and to redirect to the Login route if there's no user logged in. The username and password are compared against the database. The User class takes advantage of the HasPassword mixin, which ensures that passwords are stored in hashed form.

If the login succeeds, the user is then stored into the session (or, rather, the LoginService class is stored in the session along with the currently logged-in user; this way, we can group all login/logout functionality into a single class). Then, the page is refreshed. This forces Vaadin to create a new instance of the MainLayout. Since a non-null user is now in the session, the MainLayout will not perform the re-route to the login view; instead it will show the application layout.

There are four views:

  • The WelcomeRoute, which is accessible by all logged-in users;
  • The UserRoute, which is accessible by all users with roles ROLE_USER and ROLE_ADMIN;
  • The AdminRoute, which is accessible by users with the ROLE_ADMIN role only.
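
The login and role checks described above, as an added stand-alone sketch; it is not code from this project or from the Vaadin Simple Security library. The class and method names (LoginSketch, StoredUser, login, mayEnter), the choice of PBKDF2 with its iteration count, and the "any one of the allowed roles is enough" rule are assumptions made for the illustration.

```java
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.*;

// Added illustration with hypothetical names; not the library's implementation.
public class LoginSketch {
    // What a user row holds: no plaintext password, only a salt and the derived hash.
    record StoredUser(String name, byte[] salt, byte[] hash, Set<String> roles) {}

    static final Map<String, StoredUser> USERS = new HashMap<>(); // stands in for the H2 table

    static byte[] pbkdf2(char[] password, byte[] salt) throws Exception {
        // Assumed algorithm and work factor; tune the iteration count for your hardware.
        PBEKeySpec spec = new PBEKeySpec(password, salt, 600_000, 256);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
    }

    static void register(String name, String password, String... roles) throws Exception {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt); // per-user salt: equal passwords give different hashes
        USERS.put(name, new StoredUser(name, salt, pbkdf2(password.toCharArray(), salt), Set.of(roles)));
    }

    // Returns the user on success, null otherwise; the caller would then store it in the session.
    static StoredUser login(String name, String password) throws Exception {
        StoredUser u = USERS.get(name);
        // Hash even for unknown names so response time does not reveal which usernames exist.
        byte[] salt = (u != null) ? u.salt() : new byte[16];
        byte[] candidate = pbkdf2(password.toCharArray(), salt);
        return (u != null && MessageDigest.isEqual(candidate, u.hash())) ? u : null; // constant-time compare
    }

    // Assumed rule: a view is reachable if the logged-in user holds at least one allowed role.
    static boolean mayEnter(StoredUser user, Set<String> allowedRoles) {
        return user != null && !Collections.disjoint(user.roles(), allowedRoles);
    }

    public static void main(String[] args) throws Exception {
        // The two demo accounts the README lists (constructed here, not read from the app).
        register("user", "user", "ROLE_USER");
        register("admin", "admin", "ROLE_ADMIN", "ROLE_USER");
        Set<String> adminView = Set.of("ROLE_ADMIN");
        Set<String> userView = Set.of("ROLE_USER", "ROLE_ADMIN");
        System.out.println("user  -> admin view: " + mayEnter(login("user", "user"), adminView));
        System.out.println("user  -> user view:  " + mayEnter(login("user", "user"), userView));
        System.out.println("admin -> admin view: " + mayEnter(login("admin", "admin"), adminView));
        System.out.println("wrong password:      " + mayEnter(login("admin", "nope"), userView));
    }
}
```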
