Database as IdentityStore
Explore how to configure a database as an IdentityStore for authentication in Java Enterprise applications. Learn to hash passwords securely using key derivation functions, define JPA entities for user and group tables, and set up test data and servlets for authentication testing. Understand the importance of database configuration and CDI beans in this process.
Overview
In this lesson, we will use the database to store user credentials and the key derivation function to hash the password. Hashing is required with the Security API so that stored passwords are protected.
Create the project
We start from the project template we defined earlier and add the required dependencies and classes.
If you want to work within the Educative platform, simply use the project we’ve created at the end of this lesson. If you choose to work locally, you will need to create a Maven project db as described in "Introduction to Window Shopping."
In our case, no additional dependencies are needed.
Configure the security
We need to configure the authentication mechanism and the IdentityStore. Although we could use any method we’ve covered in the course so far, we’ll use Basic authentication once again.
Let’s go ahead and create ApplicationConfiguration.java in the Maven db directory src/main/java/be/rubus/workshop/security/workshop/db:
Explanation
...