Full Stack Development with JHipster - Second Edition

By: Deepu K Sasidharan, Sendil Kumar Nellaiyapen
Overview of this book

JHipster is an open source development platform that allows you to easily create web apps and microservices from scratch without spending time on wiring and integrating different technologies. Updated to include JHipster 6, Java 11, Spring Boot 2.1, Vue.js, and Istio, this second edition of Full Stack Development with JHipster will help you build full stack applications and microservices seamlessly. You'll start by understanding JHipster and its associated tools, along with the essentials of full stack development, before building a monolithic web app. You'll then learn the JHipster Domain Language (JDL) with entity modeling using JDL-Studio. With this book, you'll create production-ready web apps using Spring Boot, Spring Framework, Angular, and Bootstrap, and run tests and set up continuous integration pipelines with Jenkins. As you advance, you'll learn how to convert your monoliths to microservices and how to package your application for production with various deployment options, including Heroku and Google Cloud. You'll also learn about Docker and Kubernetes, along with an introduction to the Istio service mesh. Finally, you'll build your client-side with React and Vue.js and discover JHipster's best practices. By the end of the book, you'll be able to leverage the best tools available to build modern web apps.

Table of Contents (23 chapters)

  • Section 1: Getting Started with the JHipster Platform
  • Section 2: Building and Customizing Web Applications with JHipster
  • Section 3: Continuous Integration and Testing
  • Section 4: Converting Monoliths to Microservice Architecture
  • Section 5: Deployment of Microservices
  • Section 6: React and Vue.js for the Client Side

Authorization with Spring Security

As you may have noticed, when it comes to generated code, JHipster doesn't provide much in terms of role-based security, authorization management, and so on. This is intentional, as these heavily depend on the use case and are most often associated with the business logic of the application. So, it would be better if these features were hand-coded by the developers as part of the business code.

Normal users have ROLE_USER and admin users have ROLE_ADMIN assigned in their user management. For our use case, there are a few security holes that we need to take care of:

  • Normal users should only have access to view the product listing, product orders, order items, invoices, and shipments.
  • Normal users should not have access to create/edit/delete entities via the CRUD API.
  • Normal users should not be able to access the product orders, order items...
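
One way to express the first two requirements with Spring Security method security, as an added example that is not code from the book or from JHipster's generator. The `ProductResource` class, the `/api/products` path, and the in-memory map standing in for a repository are hypothetical.

```java
import org.springframework.context.annotation.Configuration;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.web.bind.annotation.*;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicLong;

// @PreAuthorize is only enforced when method security is enabled.
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
class MethodSecurityConfig { }

// Hypothetical resource (assumed name and path), in-memory map instead of a repository.
@RestController
@RequestMapping("/api/products")
class ProductResource {
    private final Map<Long, String> products = new ConcurrentHashMap<>();
    private final AtomicLong ids = new AtomicLong();

    // Read access: both normal users and admins may view the listing.
    @GetMapping
    @PreAuthorize("hasAnyAuthority('ROLE_USER', 'ROLE_ADMIN')")
    public Map<Long, String> list() { return products; }

    // Create/edit/delete: restricted to ROLE_ADMIN on every write handler.
    @PostMapping
    @PreAuthorize("hasAuthority('ROLE_ADMIN')")
    public ResponseEntity<Long> create(@RequestBody String name) {
        long id = ids.incrementAndGet();
        products.put(id, name);
        return ResponseEntity.ok(id);
    }

    @PutMapping("/{id}")
    @PreAuthorize("hasAuthority('ROLE_ADMIN')")
    public ResponseEntity<Void> update(@PathVariable long id, @RequestBody String name) {
        boolean existed = products.replace(id, name) != null;
        return existed ? ResponseEntity.noContent().build() : ResponseEntity.notFound().build();
    }

    @DeleteMapping("/{id}")
    @PreAuthorize("hasAuthority('ROLE_ADMIN')")
    public ResponseEntity<Void> delete(@PathVariable long id) {
        products.remove(id);
        return ResponseEntity.noContent().build();
    }
}
```

A request from a user holding only ROLE_USER to the POST, PUT, or DELETE handlers is rejected with HTTP 403 before the method body runs.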