A database table is used as data source for the access data.
- Name of the database table - The table name can be chosen freely, usually USER.
Required fields - The following data fields are obligatory:
Required fields Data type Explanation USERNAME String Saves the username as a string. PASSWORD byte[] Saves the password as a byte array, usually encrypted. Data structure generated by RapidClipse
Entities
Attribute Data type Explanation username String Saves the username as a string. password byte[] Saves the password as a byte array, usually encrypted. Data Access
UserDAO
RoleDAO
ResourceDAO
- Additional data fields - If required, the USER table can also include other data fields, since they are not relevant for authentication. Frequently used information about a user include e-mail, status (enabled or disabled), image, time zone, last session, IP address, URL for a log file, etc.
- Dealing with an existing USER table - If you already have a table for managing users in your database, make sure that there is an appropriate entity with corresponding DAO in your Project Management in Entities or Data Access. If not, you can generate the missing entity and DAO with the Create JPA entities from table import function. Different table and field names are no problem because the mapping is performed later.
- User Entity already exists - Select your existing User entity.
No User Entity available yet - Click /wiki/spaces/DOC/pages/31850645New Entity... to create a new User entity, including the UserDAO DAO. - Select the attribute for the username under Mapping > Username.
- Select the attribute for the password under Mapping > Password.
- Select the encryption algorithm for the password under Settings > Password hashing strategy, e.g. PBKDF2WithHmacSHA1.
- Click Finish.
Go to authorize
Create database table USER - A corresponding table has to be created for the new User entity in the USER database. For this, RapidClipse offers an export feature.
...
Save encrypted password
Code Block language java theme Confluence String password = this.passwordField.getValue(); byte[] encryptedPassword = new HashStrategy.SHA2().hashPassword(pw.getBytes()); User user = new User(); user.setPassword(encryptedPassword); try { new UserDAO().save(user); } catch (Exception e) { // TODO: handle exception }
Note:
- Save password and edit - Forms are commonly used for both storing and editing data. However, for storing and editing passwords, you need to create different forms. When saving, the password is entered into the database table encrypted so that you will always receive an encrypted password during reading access. Re-saving would encrypt the already encrypted password again and thus it would be invalid.
- Enter passwords in the database manually