The Master Class of "Learn Spring Security" is out:

>> CHECK OUT THE COURSE

1. Overview

In this article, we’ll implement a basic registration process with Spring Security. This is building on top of concepts explored in the previous article, where we looked at login.

The goal here is to add a full registration process that allows a user to sign up, validates and persists user data.

2. The Registration Page

First – let’s implement a simple registration page displaying the following fields:

  • name (first and last name)
  • email
  • password (and password confirmation field)

The following example shows a simple registration.html page:

Example 2.1.

<html>
<body>
<h1 th:text="#{label.form.title}">form</h1>
<form action="/" th:object="${user}" method="POST" enctype="utf8">
    <div>
        <label th:text="#{label.user.firstName}">first</label>
        <input th:field="*{firstName}"/>
        <p th:each="error: ${#fields.errors('firstName')}" 
          th:text="${error}">Validation error</p>
    </div>
    <div>
        <label th:text="#{label.user.lastName}">last</label>
        <input th:field="*{lastName}"/>
        <p th:each="error : ${#fields.errors('lastName')}" 
          th:text="${error}">Validation error</p>
    </div>
    <div>
        <label th:text="#{label.user.email}">email</label>
        <input type="email" th:field="*{email}"/>
        <p th:each="error : ${#fields.errors('email')}" 
          th:text="${error}">Validation error</p>
    </div>
    <div>
        <label th:text="#{label.user.password}">password</label>
        <input type="password" th:field="*{password}"/>
        <p th:each="error : ${#fields.errors('password')}" 
          th:text="${error}">Validation error</p>
    </div>
    <div>
        <label th:text="#{label.user.confirmPass}">confirm</label>
        <input type="password" th:field="*{matchingPassword}"/>
    </div>
    <button type="submit" th:text="#{label.form.submit}">submit</button>
</form>

<a th:href="@{/login.html}" th:text="#{label.form.loginLink}">login</a>
</body>
</html>

3. The User DTO Object

We need a Data Transfer Object to send all of the registration information to our Spring backend. The DTO object should have all the information we’ll require later on when we create and populate our User object:

public class UserDto {
    @NotNull
    @NotEmpty
    private String firstName;
    
    @NotNull
    @NotEmpty
    private String lastName;
    
    @NotNull
    @NotEmpty
    private String password;
    private String matchingPassword;
    
    @NotNull
    @NotEmpty
    private String email;
    
    // standard getters and setters
}

Notice we used standard javax.validation annotations on the fields of the DTO object. Later on, we’re going to also implement our own custom validation annotations to validate the format of the email address as well as for the password confirmation. (see Section 5)

4. The Registration Controller

A Sign-Up link on the login page will take the user to the registration page. This back end for that page lives in the registration controller and is mapped to “/user/registration”:

Example 4.1. – The showRegistration Method

@RequestMapping(value = "/user/registration", method = RequestMethod.GET)
public String showRegistrationForm(WebRequest request, Model model) {
    UserDto userDto = new UserDto();
    model.addAttribute("user", userDto);
    return "registration";
}

When the controller receives the request “/user/registration”, it creates the new UserDto object that will back the registration form, binds it and returns – pretty straightforward.

5. Validating Registration Data

Next – let’s look at the validations that the controller will perform when registering a new account:

  1. All required fields are filled (No empty or null fields)
  2. The email address is valid (well-formed)
  3. The password confirmation field matches the password field
  4. The account doesn’t already exist

5.1. The Built-In Validation

For the simple checks, we’ll use the out of the box bean validation annotations on the DTO object – annotations like @NotNull, @NotEmpty, etc.

To trigger the validation process, we’ll simply annotate the object in the controller layer with the @Valid annotation:

public ModelAndView registerUserAccount(
  @ModelAttribute("user") @Valid UserDto accountDto, 
  BindingResult result, WebRequest request, Errors errors) {
    ...
}

5.2. Custom Validation to Check Email Validity

Next – let’s validate the email address and make sure it’s well-formed. We’re going to be building a custom validator for that, as well as a custom validation annotation – let’s call that @ValidEmail.

A quick sidenote here – we’re rolling our own custom annotation instead of Hibernate’s @Email because Hibernate considers the old intranet addresses format: [email protected] as valid (see Stackoverflow article), which is no good.

Here’s the email validation annotation and the custom validator:

Example 5.2.1. – The Custom Annotation for Email Validation

@Target({TYPE, FIELD, ANNOTATION_TYPE}) 
@Retention(RUNTIME)
@Constraint(validatedBy = EmailValidator.class)
@Documented
public @interface ValidEmail {   
    String message() default "Invalid email";
    Class<?>[] groups() default {}; 
    Class<? extends Payload>[] payload() default {};
}

Note that we have defined the annotation at the FIELD level – since that’s where it applies conceptually.

Example 5.2.2. – The Custom EmailValidator:

public class EmailValidator 
  implements ConstraintValidator<ValidEmail, String> {
    
    private Pattern pattern;
    private Matcher matcher;
    private static final String EMAIL_PATTERN = "^[_A-Za-z0-9-+]+
        (.[_A-Za-z0-9-]+)*@" + "[A-Za-z0-9-]+(.[A-Za-z0-9]+)*
        (.[A-Za-z]{2,})$"; 
    @Override
    public void initialize(ValidEmail constraintAnnotation) {       
    }
    @Override
    public boolean isValid(String email, ConstraintValidatorContext context){   
        return (validateEmail(email));
    } 
    private boolean validateEmail(String email) {
        pattern = Pattern.compile(EMAIL_PATTERN);
        matcher = pattern.matcher(email);
        return matcher.matches();
    }
}

Let’s now use the new annotation on our UserDto implementation:

@ValidEmail
@NotNull
@NotEmpty
private String email;

5.3. Using Custom Validation for Password Confirmation

We also need a custom annotation and validator to make sure that the password and matchingPassword fields match up:

Example 5.3.1. – The Custom Annotation for Validating Password Confirmation

@Target({TYPE,ANNOTATION_TYPE}) 
@Retention(RUNTIME)
@Constraint(validatedBy = PasswordMatchesValidator.class)
@Documented
public @interface PasswordMatches { 
    String message() default "Passwords don't match";
    Class<?>[] groups() default {}; 
    Class<? extends Payload>[] payload() default {};
}

Notice that the @Target annotation indicates that this is a TYPE level annotation. This is because we need the entire UserDto object to perform the validation.

The custom validator that will be called by this annotation is shown below:

Example 5.3.2. The PasswordMatchesValidator Custom Validator

public class PasswordMatchesValidator 
  implements ConstraintValidator<PasswordMatches, Object> { 
    
    @Override
    public void initialize(PasswordMatches constraintAnnotation) {       
    }
    @Override
    public boolean isValid(Object obj, ConstraintValidatorContext context){   
        UserDto user = (UserDto) obj;
        return user.getPassword().equals(user.getMatchingPassword());    
    }     
}

Now, the @PasswordMatches annotation should be applied to our UserDto object:

@PasswordMatches
public class UserDto {
   ...
}

All custom validations are of course evaluated along with all standard annotations when the entire validation process runs.

5.4. Check That The Account Doesn’t Already Exist

The fourth check we’ll implement is verifying that the email account doesn’t already exist in the database.

This is performed after the form has been validated and it’s done with the help of the UserService implementation.

Example 5.4.1. – The Controller’s createUserAccount Method Calls the UserService Object

@RequestMapping(value = "/user/registration", method = RequestMethod.POST)
public ModelAndView registerUserAccount
      (@ModelAttribute("user") @Valid UserDto accountDto, 
      BindingResult result, WebRequest request, Errors errors) {    
    User registered = new User();
    if (!result.hasErrors()) {
        registered = createUserAccount(accountDto, result);
    }
    if (registered == null) {
        result.rejectValue("email", "message.regError");
    }
    // rest of the implementation
}
private User createUserAccount(UserDto accountDto, BindingResult result) {
    User registered = null;
    try {
        registered = service.registerNewUserAccount(accountDto);
    } catch (EmailExistsException e) {
        return null;
    }    
    return registered;
}

Example 5.4.2. – UserService Checks for Duplicate Emails

@Service
public class UserService implements IUserService {
    @Autowired
    private UserRepository repository; 
    
    @Transactional
    @Override
    public User registerNewUserAccount(UserDto accountDto) 
      throws EmailExistsException {
        
        if (emailExist(accountDto.getEmail())) {  
            throw new EmailExistsException(
              "There is an account with that email adress: "
              +  accountDto.getEmail());
        }
        ...
        // the rest of the registration operation
    }
    private boolean emailExist(String email) {
        User user = repository.findByEmail(email);
        if (user != null) {
            return true;
        }
        return false;
    }
}

The UserService relies on the UserRepository class to check if a user with a given email address already exists in the database.

Now – the actual implementation of the UserRepository in the persistence layer isn’t relevant for the current article. One quick way is, of course, to use Spring Data to generate the repository layer.

6. Persisting Data and Finishing-Up Form Processing

Finally – let’s implement the registration logic in our controller layer:

Example 6.1.1. – The RegisterAccount Method in the Controller

@RequestMapping(value = "/user/registration", method = RequestMethod.POST)
public ModelAndView registerUserAccount(
  @ModelAttribute("user") @Valid UserDto accountDto, 
  BindingResult result, 
  WebRequest request, 
  Errors errors) {
    
    User registered = new User();
    if (!result.hasErrors()) {
        registered = createUserAccount(accountDto, result);
    }
    if (registered == null) {
        result.rejectValue("email", "message.regError");
    }
    if (result.hasErrors()) {
        return new ModelAndView("registration", "user", accountDto);
    } 
    else {
        return new ModelAndView("successRegister", "user", accountDto);
    }
}
private User createUserAccount(UserDto accountDto, BindingResult result) {
    User registered = null;
    try {
        registered = service.registerNewUserAccount(accountDto);
    } catch (EmailExistsException e) {
        return null;
    }
    return registered;
}

Things to notice in the code above:

  1. The controller is returning a ModelAndView object which is the convenient class for sending model data (user) tied to the view.
  2. The controller will redirect to the registration form if there are any errors set at validation time.
  3. The createUserAccount method calls the UserService for data persistence. We will discuss the UserService implementation in the following section

7. The UserService – Register Operation

Let’s finish the implementation of the registration operation int the UserService:

Example 7.1. The IUserService Interface

public interface IUserService {
    User registerNewUserAccount(UserDto accountDto)     
      throws EmailExistsException;
}

Example 7.2. – The UserService Class

@Service
public class UserService implements IUserService {
    @Autowired
    private UserRepository repository;
    
    @Transactional
    @Override
    public User registerNewUserAccount(UserDto accountDto) 
      throws EmailExistsException {
        
        if (emailExist(accountDto.getEmail())) {   
            throw new EmailExistsException(
              "There is an account with that email address:  + accountDto.getEmail());
        }
        User user = new User();    
        user.setFirstName(accountDto.getFirstName());
        user.setLastName(accountDto.getLastName());
        user.setPassword(accountDto.getPassword());
        user.setEmail(accountDto.getEmail());
        user.setRoles(Arrays.asList("ROLE_USER"));
        return repository.save(user);       
    }
    private boolean emailExist(String email) {
        User user = repository.findByEmail(email);
        if (user != null) {
            return true;
        }
        return false;
    }
}

8. Loading User Details for Security Login

In our previous article, login was using hard coded credentials. Let’s change that and use the newly registered user information and credentials. We’ll implement a custom UserDetailsService to check the credentials for login from the persistence layer.

8.1. The Custom UserDetailsService

Let’s start with the custom user details service implementation:

@Service
@Transactional
public class MyUserDetailsService implements UserDetailsService {
 
    @Autowired
    private UserRepository userRepository;
    // 
    public UserDetails loadUserByUsername(String email)
      throws UsernameNotFoundException {
 
        User user = userRepository.findByEmail(email);
        if (user == null) {
            throw new UsernameNotFoundException(
              "No user found with username: "+ email);
        }
        boolean enabled = true;
        boolean accountNonExpired = true;
        boolean credentialsNonExpired = true;
        boolean accountNonLocked = true;
        return  new org.springframework.security.core.userdetails.User
          (user.getEmail(), 
          user.getPassword().toLowerCase(), enabled, accountNonExpired, 
          credentialsNonExpired, accountNonLocked, 
          getAuthorities(user.getRoles()));
    }
    
    private static List<GrantedAuthority> getAuthorities (List<String> roles) {
        List<GrantedAuthority> authorities = new ArrayList<>();
        for (String role : roles) {
            authorities.add(new SimpleGrantedAuthority(role));
        }
        return authorities;
    }
}

8.2. Enable the New Authentication Provider

To enable the new user service in the Spring Security configuration – we simply need to add a reference to the UserDetailsService inside the authentication-manager element and add the UserDetailsService bean:

Example 8.2.- The Authentication Manager and the UserDetailsService

<authentication-manager>
    <authentication-provider user-service-ref="userDetailsService" /> 
</authentication-manager>
 
<beans:bean id="userDetailsService" 
  class="org.baeldung.security.MyUserDetailsService"/>

Or, via Java configuration:

@Autowired
private MyUserDetailsService userDetailsService;

@Override
protected void configure(AuthenticationManagerBuilder auth) 
  throws Exception {
    auth.userDetailsService(userDetailsService);
}

9. Conclusion

And we’re done – a complete and almost production ready registration process implemented with Spring Security and Spring MVC. Next, we’re going to discuss the process of activating the newly registered account by verifying the email of the new user.

The implementation of this Spring Security REST Tutorial can be found in the GitHub project – this is an Eclipse based project, so it should be easy to import and run as it is.

The Master Class "Learn Spring Security" is out:

>> CHECK OUT THE COURSE

  • Matt Krevs

    Nice one. I didnt realise you could roll your own annotations for validation rules. I _think_ there is one typo. You specified @ValidUEmail as the annotation for the email field. Shouldnt it be @ValidEmail?

    • Elena Eidson

      Yes Matt, It’s a typo. @ValidEmail is right.

  • Ashwani kumar

    Great article…. Can u share the demo project for this article…? like github project…

    • Hey Kumar, I forgot to add the link – I’ll add it into the article today. Cheers,
      Eugen.

  • Guest

    Nice Article… Can u share the demo project for this article…? like github project…

  • Simon

    I notice that the password is currently stored plaintext in the User entity, and corresponding database table. I hope there will be a follow-up to this tutorial, showing how to this properly – i.e how to store a hash instead of the actual password, and how to integrate this with Spring-Security?

    • Hey Simon – yes, the followup is planned but it’s definitely out of scope for this particular article. It is in the pipeline though. Thanks.
      Eugen.

      • Simon

        Good to hear. It’s seriously important, that stuff… for all that tutorials need to start simple and build up the complexity, I wonder if it would be better with this subject to *never* show people how to do the plaintext version. There are almost no cases where it’s desirable behaviour, and it’s such a dangerous thing to teach…

        • My thinking is that readers understand that this is a tutorial and some aspects that are out of the scope of the article are simplified or not shown. If someone simply picks up this code and puts it into a production system without a second thought – then I would say that system has bigger problems than passwords stored in plaintext 🙂 Hope that makes sense. Cheers,
          Eugen.

  • john muteti

    This ia a great job, i have been searching for user registration for long. Thankyou

  • alonso_50

    Congratulations. That was exactly what I was looking for.

  • rishi

    i cloned the registration project and then i tried to run by changing the value of persistence.properties as well as email.properties but i am always getting error related with java mail configuration error. i need help.

    • Hey Rishi – so, if you renamed the `email.properties.sample` file into `email.properties` – that’s the first step. However, if you look into the file, you’ll see the `smtp.password=` value is missing. That’s simply because you need to plugin you your own SMTP credentials there. I am usually using my gmail account, or Amazon SES – both should be fine for the project. You can of course also use a local hosted email server if you want to. Hope that clarifies things. Cheers,
      Eugen.

  • Hasan

    Thanks for this great tutorial 🙂 I wonder, Why did you use UserDto class in this tutorial. Is there any special purpose? I want to use only User class but I am not sure, I want to take your advice before when I apply in my project.

    • Hasan

      The reason is only for checking email address ??
      emailExist(String email)

  • Nguyen Thanh Hung

    how to get password which passed from login page(UI)?
    thanks!

    • Hey Nguyen – the password is accessible within the Spring Framework components – but the exact bean you can access it from depends entirely on your configuration. Hope that helps. Cheers,
      Eugen.

      • Nguyen Thanh Hung

        thanks.
        I found the way to get pasword. by using authentiacate object 🙂

  • Java Developer

    Great tutorial ! I was wondering where is the schema importing dump file from the Git repository. Is there any other mechanism to create the database tables?

    • Yeah, Hibernate just generates it out of the existing entities – for this POC. Cheers,
      Eugen.

  • Joe Yuen

    I downloaded this demo from github and am trying to run it. However I am getting this error:

    org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named ‘springSecurityFilterChain’ is defined

    Has anyone else encountered this?

    I have tried everything that is described here:

    http://www.baeldung.com/no-bean-named-springsecurityfilterchain-is-defined

    But nothing has worked.

  • misterfluffles

    Excellent article and GitHub project reference. All the scenarios ran perfectly following your README instructions first time round with DB (I used MariaDB) and Gmail after switching the mail and persistence settings per README instructions. This article and project are a real gem as I was looking exactly for this type of setup sequence and detailed walkthrough as it followed on nicely from the Spring Security Reference guides and documentation I had been using this morning when initially researching the topics. This made my day, so thank you.

  • niallg79

    Eugen. Just a small query here as code all runs fine. I noticed in the xml configuration in the article here the authentication-manager references the custom “org.baeldung.security.MyUserDetailsService” class per the user-service-ref attribute which I’d expect if using custom userDetailsService implementation. In the GitHub version I do not see that entry in the XML config.

    Can you confirm how Spring Security framework knows to use the custom class definition on the GitHub version of the code per comments in section 8.2 in this article? I can see on GitHub class at https://github.com/eugenp/tutorials/blob/master/spring-security-login-and-registration/src/main/java/org/baeldung/spring/SecSecurityConfig.java the authProvider.setUserDetailsService method passes the Autowired UserDetailsService but I don’t see where it’s then mapping to the custom myUserDetailsService class (in the way you did here in XML configuration) unless it picks up the @Service annotation name in myUserDetailsService class? Probably missing something obvious. Great series of articles.

    • That’s an interesting point. Here’s why that’s the case.
      The article shows you a simple way to do it – where you don’t need to involve a custom auth provider. Now, you can do that – and it works perfectly well, but you can also use a custom auth provider. In the actual code I did that to allow for a password encoder. But since the article isn’t focused on the password encoder, that part isn’t needed.
      So – the simple way to look at it is that both are valid and both work fine.
      A final note is that the code on github only has the XML config for reference, but doesn’t use it – it uses a Java config instead.
      Hope that answers your question.
      Cheers and keep in touch,
      Eugen.

  • darkdark

    First of all, great set of articles on Spring Security.

    I’m wondering why your implementation of UserDetailsService listed here throws a UsernameNotFoundException when the user is not in the repository, while the code on Github returns a “fake” user with empty email and password?

    • Hey Dark – that should have been fixed – it was a bug. Should be sorted out now over on github – thanks for pointing it out. Cheers and keep in touch,
      Eugen.

  • Ondrej Tokár

    Thank you for the article, really great. Do you know if there is anything like that for Spring Boot? All I found so far was OAuth with FB and GitHub.

    • Hey Ondrej – first, I’m glad you like article.
      I’m not quite sure I follow – is there anything like what in Spring Boot? You can definitely make good use of Boot to built out a full registration process, if that’s what you’re asking – but there’s no out-of-the-box solution, you’ll have to build it yourself (much like I did here).
      Hope that answers your question, but definitely let me know if not. Cheers,
      Eugen.

      • Ondrej Tokár

        Thank you for your answer Eugen. I can see your solution uses normal Spring framework, I was hoping I could use Spring Boot. I thought it has kind of out-of-box solution for that. I only found this API, not from Spring though, https://stormpath.com/blog/build-spring-boot-spring-security-app/.

        • That makes sense, and I might convert the project to use Boot at some point, but keep in mind that, besides some config cleanup, there wouldn’t really be a huge impact. Most of the implementation would stay exactly the same with or without Boot.
          Cheers,
          Eugen.

  • monarki

    Thank you for a great article!

    Just a question, when I import the security registration and login from github and run it I get the following error: org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named ‘springSecurityFilterChain’ is defined

    I guess this is because it can’t find the webSecurityConfig.xml file. I tried to add @ImportResource({“classpath:webSecurityConfig.xml”}) to the SecSecurityConfig class but I still get the same error. Thankful for your reply!

    • Hey Monarki,
      First – there are a few potential reasons why you might see that exception. But, just to double check – are you sure you’re using the current version of the code? I’m able to deploy the project just fine locally. Cheers,
      Eugen.

  • So, you do have to set up the email.properties file (as the Readme suggests), but once you do that, you should be good to go. If you’re still seeing the exception, please go ahead and open a Github issue with the full details and I’ll have a second look. Cheers,
    Eugen.

  • Brix Rep

    Hi,
    First thank you for a great full blown example of the
    registration project! I managed to get it going in eclipse, but the
    problem I have is that when I try to load the page into a web browser, I
    get asked for credentials immediately through the browser popup: “A
    username and password are being requested by http://localhost:8080. The
    site says: “Spring””. I can see that in SecSecurityConfig.java some of
    the pages are set to be “open” but I cannot reach any of those. In every
    case I get the same error. I also tried to create a simple test project
    and was able to run it just fine. Not able to fix this for couple of
    days already. Any idea? Thanks again!

  • Roshan

    I have downloaded this code and tried to run using this URl as : http://localhost:8080/spring-security-login-and-registration/login.
    But , every time, its showing the error as The requested resource (/spring-security-login-and-registration/login) is not available.
    Could you please me to figure out this?

    • Hey Roshan – the reason that’s slightly different now is that I moved the project. I assume you’re using the project linked from at the end of the article – have a look at that and notice it’s named differently. So, the URL should now be reflecting the new name. Everything else is of course the same.
      Hope that clears things up. Cheers,
      Eugen.

      • Roshan

        Although I changed the project name as “spring-security-login-and-registration” in eclipse, still it is showing the same error as before.

  • Varun

    Thank you for this wonderful project. I have a question, when I register as a new user, it sends me a url for account activation. But when I do click the url it redirects me to blank page and nothing happens. Otherwise the code works and updating the table gives me access to admin pages but the url for account activation seems broken or I might be wrong. Do I need to tweak anything to get it working. Thanks in advance.

    • Varun

      Hi, its just the naming had been wrong. Few places it was regitrationConfirm and registrationConfirm at the other. Fixing it worked. Thanks

  • Amritpreet Singh

    Hi there,

    I cannot find WEB-INF under webapp from GIT project. What am I doing wrong?

    • That’s because it’s a Spring Boot app and it doesn’t need one. You’re not doing anything wrong, you can find the class named Application and simply run the project using it.
      Hope that helps. Cheers,
      Eugen.

  • Adam Konarski

    I am trying to add to this tutorial OAuth2 authentication to expose some API. It works almost as I want except one thing. When I try to obtain token implicit way through http://…/oauth/authorize?client… endpoint there is a redirect to login page and after successful login another redirect to homepage because of this configuration element: “successHandler(myAuthenticationSuccessHandler)”. This is not expected behavior because I would like to get redirect to “redurect_url” with token as a part of this URL. To achieve this I have to comment part with successHandler(myAuthenticationSuccessHandler). However, then normal user that tries to login after success sees once again login page. How and where should I distinguish between normal user that tries to login and see homepage and service that would like to act on behalf of user and obtain token and not be redirected to homepage?

    • Hey Adam, that’s certainly an interesting question, but it’s also one that’s difficult to debug just from the comment here.
      My suggestion is – if you’re doing an OAuth2 implementation – start from a working implementation (I have a couple that are available on Github) and then work the registration logic in. That way you always keep the focus on the core – which is a bit more complex – and add registration logic cleanly, on top of it.
      Hope that helps. Cheers,
      Eugen.

      • Adam Konarski

        Your registration tutorial is so complete that I have decided to make it the starting point for my project. Adding OAuth2 is in fact related just to adding some configuration because of spring security oauth. I’ve learned most of this configuration from your tutorials. However, there is still this one thing to merge them. It is quite confusing because this part of configuration seems to be different in each tutorial.

        • Yeah, I’m glad that’s the case – that was the whole point in crafting an entire series around registration.
          The reason I was suggesting starting with OAuth was that – registration is quite a bit of code, yes, but it’s easy to add.
          OAuth on the other hand is less code, but higher complexity (especially if you don’t have a very solid grasp over the lower level security details and the implementation).
          So, even though it’s a bit more work, it may simply be easier to start with an OAuth2 implementation that’s fully working and that you’re happy with, understand that well – and then start adding registration.

  • Jim Clayson

    Have been trying to get the back-end authentication integrated(part 8 of this article). It seems there are discrepencies between the article’s and the git repo code.

    Specifically, ‘user.getRole()’ is a method which doesn’t exist in the User object(git repo copy). Yet it is invoked within the article example code. i.e. ‘user.getRole().getRole()’.

    Even if the first ‘user.getRole()’ is a typo, it still doesn’t bear out the following call of getRole(). Not as far as I can see, anyway.

    Any help is appreciated.

    • Hey Jim – looking into it, thanks for letting me know.
      Cheers,
      Eugen.

    • Hey Jim – quick update here – the article should now be updated to better reflect the improvements in the codebase. Thanks again for pointing it out. Cheers,

      Eugen.

  • Akhil B S

    Can you please tell me how to build this and deploy.

    • Hey Akhil – the project is using Maven, so the build process is the standard one. It’s also a Spring Boot project, so you can deploy it via the Application class. Have a look at the readme of the project as well (I just added the deployment info).
      Cheers,
      Eugen.