Simple (Authenticator & Authorizor)

The simple in-memory implementation, allows both authentication and authorization to be evaluated against a user provided SimpleRealm object.

Maven pom.xml

Dependency Management

If your application inherits from the Apache Causeway starter app (org.apache.causeway.app:causeway-app-starter-parent) then that will define the version automatically:

pom.xml
<parent>
    <groupId>org.apache.causeway.app</groupId>
    <artifactId>causeway-app-starter-parent</artifactId>
    <version>2.1.0</version>
    <relativePath/>
</parent>

Alternatively, import the core BOM. This is usually done in the top-level parent pom of your application:

pom.xml
<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>org.apache.causeway.core</groupId>
            <artifactId>causeway-core</artifactId>
            <version>2.1.0</version>
            <scope>import</scope>
            <type>pom</type>
        </dependency>
    </dependencies>
</dependencyManagement>

Dependency

In the webapp module of your application, add the following dependency:

pom.xml
<dependencies>
    <dependency>
        <groupId>org.apache.causeway.mavendeps</groupId>
        <artifactId>causeway-mavendeps-webapp</artifactId>
        <type>pom</type>
    </dependency>
</dependencies>

Note that this transitively includes the Wicket viewer module (org.apache.causeway.viewer:causeway-viewer-wicket-viewer in your app).

Update AppManifest

In your application’s AppManifest (top-level Spring @Configuration used to bootstrap the app), import the

AppManifest.java
@Configuration
@Import({
        ...
        CausewayModuleSecuritySimple.class,
        ...
})
public class AppManifest {

  @Bean
  public SimpleRealm simpleRealm() {
    return new SimpleRealm()
    //roles
    .addRole("admin_role", id->Grant.CHANGE)
    .addRole("order_role", id->
        id.getFullIdentityString().contains("Order")
            ? Grant.CHANGE
            : Grant.NONE)
    .addRole("customer_role", id->
        id.getFullIdentityString().contains("Customer")
            ? Grant.CHANGE
            : Grant.NONE)
    .addRole("reader_role", id->
        id.getFullIdentityString().contains("TopSecret")
            ? Grant.NONE
            : Grant.READ)
    //users
    .addUser("sven", pwdhash, List.of("admin_role"))
    .addUser("dick", pwdhash, List.of("reader_role", "order_role"))
    .addUser("bob", pwdhash, List.of("reader_role", "customer_role"))
    .addUser("joe", pwdhash, List.of("reader_role"));
  }
}

Make sure that no other CausewayModuleSecurityXxx module is imported.

In Use

With security-simple installed, you should be able to login with credentials that are validated against the SimpleRealm as configured.

Password hashes should match the org.springframework.security.crypto.password.PasswordEncoder that needs to be registered with Spring’s context.