Professional Documents
Culture Documents
Contents:
Create a simple blog web application.
Use JPA-based authentication (login and registration) for this blog website
(based on the method learned in Lecture 9).
Implement basic blog features:
o Register, login
o CRUD posts
o Home page showing some latest posts
o Author profile page showing author info and his posts
o Author details page with comments
3. Configure Spring Security to allow everyone’s access to all URLs except URLs in
/member/ which are allowed for authenticated users only.
SE2 – TUTORIAL 9
Create a service named JpaUserDetailsService which implements
UserDetailsService and implement the loadUserByUsername method in it.
Configure the SecurityFilterChain to use this JpaUserDetailsService.
Create a PasswordEncoder bean (actual type: BCryptPasswordEncoder) for
hashing user password where necessary.
Create a UserTemplate class to be used for the registration form, use Validation
annotations to validate user details in this class.
Create an AuthController class which has:
o A method named register which shows an empty registration form in
response to a GET request to the URL /register. This form should show
an empty UserTemplate object.
o A method named registerHandle which receives the POST request
submitted by the registration form and: (1) creates and saves a User to
database if the received UserTemplate object is valid; (2) shows the
registration form with user-entered details along with error messages.
5. Create a MemberController class which has these controller methods:
SE2 – TUTORIAL 9
Part 2 - Advanced requirements:
1. Create a Comment entity which has relationship with both User and Post. There can
be many comments per user, as well as many comments per post.
2. Display all comments below the post content in the post detail page.
3. When an unauthenticated user visits the post detail page, below the post content,
above the list of comments, show a text which says “Please login to comment”.
4. If an authenticated user visits the post detail page, shows a form to submit a comment
instead. Handles this form at: /write-comment/{id} where {id} is the post’s id.
SE2 – TUTORIAL 9