From 9b4ee4aae3281999addc3426455288707962c3dc Mon Sep 17 00:00:00 2001
From: sampadawagde <sampada.wagde@gmail.com>
Date: Fri, 19 Jun 2020 23:06:12 +0530
Subject: [PATCH 1/8] BAEL-4019: Exploring Java Security frameworks

---
 java-security/.gitignore                      |  4 +
 java-security/README.md                       |  8 ++
 java-security/apache-shiro/.gitignore         |  4 +
 java-security/apache-shiro/pom.xml            | 40 ++++++++
 .../java/com/baeldung/shiro/CustomRealm.java  | 92 ++++++++++++++++++
 .../com/baeldung/shiro/ShiroApplication.java  | 32 +++++++
 .../shiro/controllers/ShiroController.java    | 95 +++++++++++++++++++
 .../shiro/models/UserCredentials.java         | 28 ++++++
 .../src/main/resources/application.yml        | 16 ++++
 .../src/main/resources/templates/home.ftl     | 19 ++++
 .../src/main/resources/templates/index.ftl    | 10 ++
 .../src/main/resources/templates/login.ftl    | 25 +++++
 .../com/baeldung/shiro/SpringContextTest.java | 18 ++++
 java-security/pom.xml                         | 22 +++++
 java-security/spring-security/.gitignore      |  4 +
 java-security/spring-security/pom.xml         | 31 ++++++
 .../baeldung/springsecurity/Application.java  | 12 +++
 .../springsecurity/config/SecurityConfig.java | 45 +++++++++
 .../springsecurity/web/SpringController.java  | 79 +++++++++++++++
 .../src/main/resources/application.yml        | 12 +++
 .../src/main/resources/templates/home.ftl     | 20 ++++
 .../src/main/resources/templates/index.ftl    | 10 ++
 .../src/main/resources/templates/login.ftl    | 26 +++++
 .../springsecurity/SpringContextTest.java     | 17 ++++
 24 files changed, 669 insertions(+)
 create mode 100644 java-security/.gitignore
 create mode 100644 java-security/README.md
 create mode 100644 java-security/apache-shiro/.gitignore
 create mode 100644 java-security/apache-shiro/pom.xml
 create mode 100644 java-security/apache-shiro/src/main/java/com/baeldung/shiro/CustomRealm.java
 create mode 100644 java-security/apache-shiro/src/main/java/com/baeldung/shiro/ShiroApplication.java
 create mode 100644 java-security/apache-shiro/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
 create mode 100644 java-security/apache-shiro/src/main/java/com/baeldung/shiro/models/UserCredentials.java
 create mode 100644 java-security/apache-shiro/src/main/resources/application.yml
 create mode 100644 java-security/apache-shiro/src/main/resources/templates/home.ftl
 create mode 100644 java-security/apache-shiro/src/main/resources/templates/index.ftl
 create mode 100644 java-security/apache-shiro/src/main/resources/templates/login.ftl
 create mode 100644 java-security/apache-shiro/src/test/java/com/baeldung/shiro/SpringContextTest.java
 create mode 100644 java-security/pom.xml
 create mode 100644 java-security/spring-security/.gitignore
 create mode 100644 java-security/spring-security/pom.xml
 create mode 100644 java-security/spring-security/src/main/java/com/baeldung/springsecurity/Application.java
 create mode 100644 java-security/spring-security/src/main/java/com/baeldung/springsecurity/config/SecurityConfig.java
 create mode 100644 java-security/spring-security/src/main/java/com/baeldung/springsecurity/web/SpringController.java
 create mode 100644 java-security/spring-security/src/main/resources/application.yml
 create mode 100644 java-security/spring-security/src/main/resources/templates/home.ftl
 create mode 100644 java-security/spring-security/src/main/resources/templates/index.ftl
 create mode 100644 java-security/spring-security/src/main/resources/templates/login.ftl
 create mode 100644 java-security/spring-security/src/test/java/com/baeldung/springsecurity/SpringContextTest.java

diff --git a/java-security/.gitignore b/java-security/.gitignore
new file mode 100644
index 0000000000..020cda4898
--- /dev/null
+++ b/java-security/.gitignore
@@ -0,0 +1,4 @@
+
+/.idea/
+/target/
+/apache-shiro.iml
\ No newline at end of file
diff --git a/java-security/README.md b/java-security/README.md
new file mode 100644
index 0000000000..bdf020ac4c
--- /dev/null
+++ b/java-security/README.md
@@ -0,0 +1,8 @@
+## Java Security
+
+This module contains articles about Java security frameworks
+
+### Relevant articles:
+
+
+
diff --git a/java-security/apache-shiro/.gitignore b/java-security/apache-shiro/.gitignore
new file mode 100644
index 0000000000..020cda4898
--- /dev/null
+++ b/java-security/apache-shiro/.gitignore
@@ -0,0 +1,4 @@
+
+/.idea/
+/target/
+/apache-shiro.iml
\ No newline at end of file
diff --git a/java-security/apache-shiro/pom.xml b/java-security/apache-shiro/pom.xml
new file mode 100644
index 0000000000..ad8bf67afc
--- /dev/null
+++ b/java-security/apache-shiro/pom.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>apache-shiro</artifactId>
+    <name>apache-shiro</name>
+
+    <parent>
+        <groupId>com.baeldung</groupId>
+        <artifactId>java-security</artifactId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-freemarker</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.shiro</groupId>
+            <artifactId>shiro-spring-boot-web-starter</artifactId>
+            <version>${apache-shiro-core-version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.shiro</groupId>
+            <artifactId>shiro-core</artifactId>
+            <version>${apache-shiro-core-version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>jcl-over-slf4j</artifactId>
+            <scope>runtime</scope>
+        </dependency>
+    </dependencies>
+
+    <properties>
+        <apache-shiro-core-version>1.5.3</apache-shiro-core-version>
+    </properties>
+
+</project>
diff --git a/java-security/apache-shiro/src/main/java/com/baeldung/shiro/CustomRealm.java b/java-security/apache-shiro/src/main/java/com/baeldung/shiro/CustomRealm.java
new file mode 100644
index 0000000000..d911f37c20
--- /dev/null
+++ b/java-security/apache-shiro/src/main/java/com/baeldung/shiro/CustomRealm.java
@@ -0,0 +1,92 @@
+package com.baeldung.shiro;
+
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.SimpleAuthenticationInfo;
+import org.apache.shiro.authc.UnknownAccountException;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.SimpleAuthorizationInfo;
+import org.apache.shiro.realm.jdbc.JdbcRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+
+public class CustomRealm extends JdbcRealm {
+
+    private Map<String, String> credentials = new HashMap<>();
+    private Map<String, Set<String>> roles = new HashMap<>();
+    private Map<String, Set<String>> permissions = new HashMap<>();
+
+    {
+        credentials.put("Tom", "password");
+        credentials.put("Jerry", "password");
+
+        roles.put("Jerry", new HashSet<>(Arrays.asList("ADMIN")));
+        roles.put("Tom", new HashSet<>(Arrays.asList("USER")));
+
+        permissions.put("ADMIN", new HashSet<>(Arrays.asList("READ", "WRITE")));
+        permissions.put("USER", new HashSet<>(Arrays.asList("READ")));
+    }
+
+    @Override
+    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
+
+        UsernamePasswordToken userToken = (UsernamePasswordToken) token;
+
+        if (userToken.getUsername() == null || userToken.getUsername()
+            .isEmpty() || !credentials.containsKey(userToken.getUsername())) {
+            throw new UnknownAccountException("User doesn't exist");
+        }
+
+        return new SimpleAuthenticationInfo(userToken.getUsername(), credentials.get(userToken.getUsername()), getName());
+    }
+
+    @Override
+    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
+        Set<String> roles = new HashSet<>();
+        Set<String> permissions = new HashSet<>();
+
+        for (Object user : principals) {
+            try {
+                roles.addAll(getRoleNamesForUser(null, (String) user));
+                permissions.addAll(getPermissions(null, null, roles));
+            } catch (SQLException e) {
+                e.printStackTrace();
+            }
+        }
+        SimpleAuthorizationInfo authInfo = new SimpleAuthorizationInfo(roles);
+        authInfo.setStringPermissions(permissions);
+        return authInfo;
+    }
+
+    @Override
+    protected Set<String> getRoleNamesForUser(Connection conn, String username) throws SQLException {
+        if (!roles.containsKey(username)) {
+            throw new SQLException("User doesn't exist");
+        }
+        return roles.get(username);
+    }
+
+    @Override
+    protected Set<String> getPermissions(Connection conn, String username, Collection<String> roles) throws SQLException {
+        Set<String> userPermissions = new HashSet<>();
+
+        for (String role : roles) {
+            if (!permissions.containsKey(role)) {
+                throw new SQLException("Role doesn't exist");
+            }
+            userPermissions.addAll(permissions.get(role));
+        }
+        return userPermissions;
+    }
+
+}
diff --git a/java-security/apache-shiro/src/main/java/com/baeldung/shiro/ShiroApplication.java b/java-security/apache-shiro/src/main/java/com/baeldung/shiro/ShiroApplication.java
new file mode 100644
index 0000000000..16c50ff1c5
--- /dev/null
+++ b/java-security/apache-shiro/src/main/java/com/baeldung/shiro/ShiroApplication.java
@@ -0,0 +1,32 @@
+package com.baeldung.shiro;
+
+import org.apache.shiro.realm.Realm;
+import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
+import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.Bean;
+
+@SpringBootApplication
+public class ShiroApplication {
+
+    public static void main(String... args) {
+        SpringApplication.run(ShiroApplication.class, args);
+    }
+
+    @Bean
+    public Realm realm() {
+        return new CustomRealm();
+    }
+
+    @Bean
+    public ShiroFilterChainDefinition shiroFilterChainDefinition() {
+        DefaultShiroFilterChainDefinition filter = new DefaultShiroFilterChainDefinition();
+
+        filter.addPathDefinition("/home", "authc");
+        filter.addPathDefinition("/**", "anon");
+
+        return filter;
+    }
+
+}
diff --git a/java-security/apache-shiro/src/main/java/com/baeldung/shiro/controllers/ShiroController.java b/java-security/apache-shiro/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
new file mode 100644
index 0000000000..8e9403d3d3
--- /dev/null
+++ b/java-security/apache-shiro/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
@@ -0,0 +1,95 @@
+package com.baeldung.shiro.controllers;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.subject.Subject;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.servlet.mvc.support.RedirectAttributes;
+
+import com.baeldung.shiro.models.UserCredentials;
+
+@Controller
+public class ShiroController {
+
+    @GetMapping("/")
+    public String index() {
+        return "index";
+    }
+
+    @GetMapping("/login")
+    public String showLoginPage() {
+        return "login";
+    }
+
+    @PostMapping("/login")
+    public String doLogin(HttpServletRequest req, UserCredentials credentials, RedirectAttributes attr) {
+
+        Subject subject = SecurityUtils.getSubject();
+
+        if (!subject.isAuthenticated()) {
+            UsernamePasswordToken token = new UsernamePasswordToken(credentials.getUsername(), credentials.getPassword());
+            try {
+                subject.login(token);
+            } catch (AuthenticationException ae) {
+                ae.printStackTrace();
+                attr.addFlashAttribute("error", "Invalid Credentials");
+                return "redirect:/login";
+            }
+        }
+        return "redirect:/home";
+    }
+
+    @GetMapping("/home")
+    public String getMeHome(Model model) {
+
+        addUserAttributes(model);
+
+        return "home";
+    }
+
+    @GetMapping("/admin")
+    public String adminOnly(Model model) {
+        addUserAttributes(model);
+
+        Subject currentUser = SecurityUtils.getSubject();
+        if (currentUser.hasRole("ADMIN")) {
+            model.addAttribute("adminContent", "only admin can view this");
+        }
+        return "home";
+    }
+
+    @PostMapping("/logout")
+    public String logout() {
+        Subject subject = SecurityUtils.getSubject();
+        subject.logout();
+        return "redirect:/";
+    }
+
+    private void addUserAttributes(Model model) {
+        Subject currentUser = SecurityUtils.getSubject();
+        String permission = "";
+
+        if (currentUser.hasRole("ADMIN")) {
+            model.addAttribute("role", "ADMIN");
+        } else if (currentUser.hasRole("USER")) {
+            model.addAttribute("role", "USER");
+        }
+
+        if (currentUser.isPermitted("READ")) {
+            permission = permission + " READ";
+        }
+
+        if (currentUser.isPermitted("WRITE")) {
+            permission = permission + " WRITE";
+        }
+        model.addAttribute("username", currentUser.getPrincipal());
+        model.addAttribute("permission", permission);
+    }
+
+}
diff --git a/java-security/apache-shiro/src/main/java/com/baeldung/shiro/models/UserCredentials.java b/java-security/apache-shiro/src/main/java/com/baeldung/shiro/models/UserCredentials.java
new file mode 100644
index 0000000000..5dbafa30ec
--- /dev/null
+++ b/java-security/apache-shiro/src/main/java/com/baeldung/shiro/models/UserCredentials.java
@@ -0,0 +1,28 @@
+package com.baeldung.shiro.models;
+
+public class UserCredentials {
+
+    private String username;
+    private String password;
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    @Override
+    public String toString() {
+        return "username = " + getUsername();
+    }
+}
diff --git a/java-security/apache-shiro/src/main/resources/application.yml b/java-security/apache-shiro/src/main/resources/application.yml
new file mode 100644
index 0000000000..509f655919
--- /dev/null
+++ b/java-security/apache-shiro/src/main/resources/application.yml
@@ -0,0 +1,16 @@
+server:
+  port: 8081
+
+logging:
+  level:
+    root: WARN
+    org.springframework.web: INFO
+
+shiro:
+  loginUrl: /login
+  successUrl: /home
+  unauthorizedUrl: /login
+
+spring:
+  freemarker:
+    suffix: .ftl
\ No newline at end of file
diff --git a/java-security/apache-shiro/src/main/resources/templates/home.ftl b/java-security/apache-shiro/src/main/resources/templates/home.ftl
new file mode 100644
index 0000000000..37eb3d1812
--- /dev/null
+++ b/java-security/apache-shiro/src/main/resources/templates/home.ftl
@@ -0,0 +1,19 @@
+<html>
+<head>
+    <title>Home Page</title>
+</head>
+<body style="margin-left: 30px;">
+<h1>Welcome ${username}!</h1>
+<p><strong>Role</strong>: ${role}</p>
+<p><strong>Permissions</strong></p>
+<p>${permission}</p>
+<a href="/admin">Admin only</a>
+<#if adminContent??>
+  ${adminContent}
+</#if>
+<br>
+<form role="form" action="/logout" method="POST">
+   <input type="Submit" value="Logout" />
+</form>
+</body>
+</html>
\ No newline at end of file
diff --git a/java-security/apache-shiro/src/main/resources/templates/index.ftl b/java-security/apache-shiro/src/main/resources/templates/index.ftl
new file mode 100644
index 0000000000..0210d656fc
--- /dev/null
+++ b/java-security/apache-shiro/src/main/resources/templates/index.ftl
@@ -0,0 +1,10 @@
+<html>
+<head>
+    <title>Index</title>
+</head>
+<body>
+    <h1>Welcome Guest!</h1>
+    <br>
+    <a href="/login">Login</a>
+</body>
+</html>
\ No newline at end of file
diff --git a/java-security/apache-shiro/src/main/resources/templates/login.ftl b/java-security/apache-shiro/src/main/resources/templates/login.ftl
new file mode 100644
index 0000000000..7340f47204
--- /dev/null
+++ b/java-security/apache-shiro/src/main/resources/templates/login.ftl
@@ -0,0 +1,25 @@
+<html>
+<head>
+    <title>Login</title>
+</head>
+<body style="margin-left: 30px;">
+<h3>Login</h3>
+<br>
+<form action="/login" method="post">
+    <#if (error?length > 0)??>
+        <p style="color:darkred;">${error}</p>
+    <#else>
+    </#if>
+
+    <label for="username">Username</label>
+    <br>
+    <input type="text" name="username">
+    <br><br>
+    <label for="password">Password</label>
+    <br>
+    <input type="password" name="password">
+    <br><br>
+    <input type="submit" value="Submit">
+</form>
+</body>
+</html>
\ No newline at end of file
diff --git a/java-security/apache-shiro/src/test/java/com/baeldung/shiro/SpringContextTest.java b/java-security/apache-shiro/src/test/java/com/baeldung/shiro/SpringContextTest.java
new file mode 100644
index 0000000000..0b5e690403
--- /dev/null
+++ b/java-security/apache-shiro/src/test/java/com/baeldung/shiro/SpringContextTest.java
@@ -0,0 +1,18 @@
+package com.baeldung.shiro;
+
+
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
+
+@ExtendWith(SpringExtension.class)
+@SpringBootTest(classes = { ShiroApplication.class })
+public class SpringContextTest {
+
+    @Test
+    public void whenSpringContextIsBootstrapped_thenNoExceptions() {
+
+    }
+
+}
\ No newline at end of file
diff --git a/java-security/pom.xml b/java-security/pom.xml
new file mode 100644
index 0000000000..f6e0df3990
--- /dev/null
+++ b/java-security/pom.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>java-security</artifactId>
+    <version>1.0-SNAPSHOT</version>
+    <name>java-security</name>
+    <packaging>pom</packaging>
+
+    <parent>
+        <groupId>com.baeldung</groupId>
+        <artifactId>parent-boot-2</artifactId>
+        <version>0.0.1-SNAPSHOT</version>
+        <relativePath>../parent-boot-2</relativePath>
+    </parent>
+
+    <modules>
+        <module>apache-shiro</module>
+        <module>spring-security</module>
+    </modules>
+
+</project>
diff --git a/java-security/spring-security/.gitignore b/java-security/spring-security/.gitignore
new file mode 100644
index 0000000000..020cda4898
--- /dev/null
+++ b/java-security/spring-security/.gitignore
@@ -0,0 +1,4 @@
+
+/.idea/
+/target/
+/apache-shiro.iml
\ No newline at end of file
diff --git a/java-security/spring-security/pom.xml b/java-security/spring-security/pom.xml
new file mode 100644
index 0000000000..a2c7430426
--- /dev/null
+++ b/java-security/spring-security/pom.xml
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>spring-security</artifactId>
+    <name>spring-security</name>
+
+    <parent>
+        <groupId>com.baeldung</groupId>
+        <artifactId>java-security</artifactId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-freemarker</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+    </dependencies>
+
+</project>
diff --git a/java-security/spring-security/src/main/java/com/baeldung/springsecurity/Application.java b/java-security/spring-security/src/main/java/com/baeldung/springsecurity/Application.java
new file mode 100644
index 0000000000..318a9a52ec
--- /dev/null
+++ b/java-security/spring-security/src/main/java/com/baeldung/springsecurity/Application.java
@@ -0,0 +1,12 @@
+package com.baeldung.springsecurity;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class Application {
+
+    public static void main(String[] args) {
+        SpringApplication.run(Application.class, args);
+    }
+}
\ No newline at end of file
diff --git a/java-security/spring-security/src/main/java/com/baeldung/springsecurity/config/SecurityConfig.java b/java-security/spring-security/src/main/java/com/baeldung/springsecurity/config/SecurityConfig.java
new file mode 100644
index 0000000000..0516c1fddb
--- /dev/null
+++ b/java-security/spring-security/src/main/java/com/baeldung/springsecurity/config/SecurityConfig.java
@@ -0,0 +1,45 @@
+package com.baeldung.springsecurity.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests(authorize -> authorize.antMatchers("/index", "/login")
+            .permitAll()
+            .antMatchers("/home", "/logout")
+            .authenticated()
+            .antMatchers("/admin/**")
+            .hasRole("ADMIN"))
+            .formLogin(formLogin -> formLogin.loginPage("/login")
+                .failureUrl("/login-error"));
+    }
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth.inMemoryAuthentication()
+            .withUser("Jerry")
+            .password(passwordEncoder().encode("password"))
+            .authorities("READ", "WRITE")
+            .roles("ADMIN")
+            .and()
+            .withUser("Tom")
+            .password(passwordEncoder().encode("password"))
+            .authorities("READ")
+            .roles("USER");
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+}
diff --git a/java-security/spring-security/src/main/java/com/baeldung/springsecurity/web/SpringController.java b/java-security/spring-security/src/main/java/com/baeldung/springsecurity/web/SpringController.java
new file mode 100644
index 0000000000..d5eafaf954
--- /dev/null
+++ b/java-security/spring-security/src/main/java/com/baeldung/springsecurity/web/SpringController.java
@@ -0,0 +1,79 @@
+package com.baeldung.springsecurity.web;
+
+import java.util.Collection;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.springframework.security.authentication.AnonymousAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+@Controller
+public class SpringController {
+
+    @GetMapping("/")
+    public String index() {
+        return "index";
+    }
+
+    @GetMapping("/login")
+    public String showLoginPage() {
+        return "login";
+    }
+
+    @RequestMapping("/login-error")
+    public String loginError(Model model) {
+        model.addAttribute("error", "Invalid Credentials");
+        return "login";
+    }
+
+    @PostMapping("/login")
+    public String doLogin(HttpServletRequest req) {
+        return "redirect:/home";
+    }
+
+    @GetMapping("/home")
+    public String showHomePage(HttpServletRequest req, Model model) {
+        addUserAttributes(model);
+        return "home";
+    }
+
+    @GetMapping("/admin")
+    public String adminOnly(HttpServletRequest req, Model model) {
+        addUserAttributes(model);
+        model.addAttribute("adminContent", "only admin can view this");
+        return "home";
+    }
+
+    private void addUserAttributes(Model model) {
+        Authentication auth = SecurityContextHolder.getContext()
+            .getAuthentication();
+        if (auth != null && !auth.getClass()
+            .equals(AnonymousAuthenticationToken.class)) {
+            User user = (User) auth.getPrincipal();
+            model.addAttribute("username", user.getUsername());
+
+            Collection<GrantedAuthority> authorities = user.getAuthorities();
+
+            for (GrantedAuthority authority : authorities) {
+                if (authority.getAuthority()
+                    .contains("USER")) {
+                    model.addAttribute("role", "USER");
+                    model.addAttribute("permissions", "READ");
+                } else if (authority.getAuthority()
+                    .contains("ADMIN")) {
+                    model.addAttribute("role", "ADMIN");
+                    model.addAttribute("permissions", "READ WRITE");
+                }
+            }
+        }
+    }
+
+}
diff --git a/java-security/spring-security/src/main/resources/application.yml b/java-security/spring-security/src/main/resources/application.yml
new file mode 100644
index 0000000000..d2cbd10a91
--- /dev/null
+++ b/java-security/spring-security/src/main/resources/application.yml
@@ -0,0 +1,12 @@
+server:
+  port: 8080
+
+logging:
+  level:
+    root: WARN
+    org.springframework.web: INFO
+    org.springframework.security: INFO
+
+spring:
+  freemarker:
+    suffix: .ftl
diff --git a/java-security/spring-security/src/main/resources/templates/home.ftl b/java-security/spring-security/src/main/resources/templates/home.ftl
new file mode 100644
index 0000000000..dcf6d96d50
--- /dev/null
+++ b/java-security/spring-security/src/main/resources/templates/home.ftl
@@ -0,0 +1,20 @@
+<html>
+<head>
+    <title>Home Page</title>
+</head>
+<body style="margin-left: 30px;">
+<h1>Welcome ${username}!</h1>
+<p><strong>Role</strong>: ${role}</p>
+<p><strong>Permissions</strong></p>
+<p>${permissions}</p>
+<a href="/admin">Admin only</a>
+<#if adminContent??>
+  ${adminContent}
+</#if>
+<br>
+<form role="form" action="/logout" method="POST">
+   <input type="Submit" value="Logout" />
+   <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
+</form>
+</body>
+</html>
\ No newline at end of file
diff --git a/java-security/spring-security/src/main/resources/templates/index.ftl b/java-security/spring-security/src/main/resources/templates/index.ftl
new file mode 100644
index 0000000000..8f35c0af1b
--- /dev/null
+++ b/java-security/spring-security/src/main/resources/templates/index.ftl
@@ -0,0 +1,10 @@
+<html>
+<head>
+    <title>Index</title>
+</head>
+<body>
+    <h1>Welcome Guest!</h1>
+    <br>
+    Go to the <a href="/home">secured page
+</body>
+</html>
\ No newline at end of file
diff --git a/java-security/spring-security/src/main/resources/templates/login.ftl b/java-security/spring-security/src/main/resources/templates/login.ftl
new file mode 100644
index 0000000000..266b5dfb80
--- /dev/null
+++ b/java-security/spring-security/src/main/resources/templates/login.ftl
@@ -0,0 +1,26 @@
+<html>
+<head>
+    <title>Login</title>
+</head>
+<body style="margin-left: 30px;">
+<h3>Login</h3>
+<br>
+<form action="/login" method="post">
+    <#if (error?length > 0)??>
+        <p style="color:darkred;">${error}</p>
+    <#else>
+    </#if>
+
+    <label for="username">Username</label>
+    <br>
+    <input type="text" name="username">
+    <br><br>
+    <label for="password">Password</label>
+    <br>
+    <input type="password" name="password">
+    <br><br>
+    <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
+    <input type="submit" value="Submit">
+</form>
+</body>
+</html>
\ No newline at end of file
diff --git a/java-security/spring-security/src/test/java/com/baeldung/springsecurity/SpringContextTest.java b/java-security/spring-security/src/test/java/com/baeldung/springsecurity/SpringContextTest.java
new file mode 100644
index 0000000000..a3adfa30c4
--- /dev/null
+++ b/java-security/spring-security/src/test/java/com/baeldung/springsecurity/SpringContextTest.java
@@ -0,0 +1,17 @@
+package com.baeldung.springsecurity;
+
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
+
+@ExtendWith(SpringExtension.class)
+@SpringBootTest(classes = { Application.class })
+public class SpringContextTest {
+
+    @Test
+    public void whenSpringContextIsBootstrapped_thenNoExceptions() {
+
+    }
+
+}
\ No newline at end of file

From 296abb0d870eab5ac3523724b3e26dd42e230e71 Mon Sep 17 00:00:00 2001
From: sampadawagde <sampada.wagde@gmail.com>
Date: Sat, 20 Jun 2020 11:05:14 +0530
Subject: [PATCH 2/8] BAEL-4019: Renamed module to avoid name conflict

---
 .../{apache-shiro => apache-shiro-security}/.gitignore        | 0
 java-security/{apache-shiro => apache-shiro-security}/pom.xml | 4 ++--
 .../src/main/java/com/baeldung/shiro/CustomRealm.java         | 0
 .../src/main/java/com/baeldung/shiro/ShiroApplication.java    | 0
 .../java/com/baeldung/shiro/controllers/ShiroController.java  | 0
 .../main/java/com/baeldung/shiro/models/UserCredentials.java  | 0
 .../src/main/resources/application.yml                        | 0
 .../src/main/resources/templates/home.ftl                     | 0
 .../src/main/resources/templates/index.ftl                    | 0
 .../src/main/resources/templates/login.ftl                    | 0
 .../src/test/java/com/baeldung/shiro/SpringContextTest.java   | 0
 java-security/pom.xml                                         | 2 +-
 12 files changed, 3 insertions(+), 3 deletions(-)
 rename java-security/{apache-shiro => apache-shiro-security}/.gitignore (100%)
 rename java-security/{apache-shiro => apache-shiro-security}/pom.xml (93%)
 rename java-security/{apache-shiro => apache-shiro-security}/src/main/java/com/baeldung/shiro/CustomRealm.java (100%)
 rename java-security/{apache-shiro => apache-shiro-security}/src/main/java/com/baeldung/shiro/ShiroApplication.java (100%)
 rename java-security/{apache-shiro => apache-shiro-security}/src/main/java/com/baeldung/shiro/controllers/ShiroController.java (100%)
 rename java-security/{apache-shiro => apache-shiro-security}/src/main/java/com/baeldung/shiro/models/UserCredentials.java (100%)
 rename java-security/{apache-shiro => apache-shiro-security}/src/main/resources/application.yml (100%)
 rename java-security/{apache-shiro => apache-shiro-security}/src/main/resources/templates/home.ftl (100%)
 rename java-security/{apache-shiro => apache-shiro-security}/src/main/resources/templates/index.ftl (100%)
 rename java-security/{apache-shiro => apache-shiro-security}/src/main/resources/templates/login.ftl (100%)
 rename java-security/{apache-shiro => apache-shiro-security}/src/test/java/com/baeldung/shiro/SpringContextTest.java (100%)

diff --git a/java-security/apache-shiro/.gitignore b/java-security/apache-shiro-security/.gitignore
similarity index 100%
rename from java-security/apache-shiro/.gitignore
rename to java-security/apache-shiro-security/.gitignore
diff --git a/java-security/apache-shiro/pom.xml b/java-security/apache-shiro-security/pom.xml
similarity index 93%
rename from java-security/apache-shiro/pom.xml
rename to java-security/apache-shiro-security/pom.xml
index ad8bf67afc..14468a5d49 100644
--- a/java-security/apache-shiro/pom.xml
+++ b/java-security/apache-shiro-security/pom.xml
@@ -2,8 +2,8 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
-    <artifactId>apache-shiro</artifactId>
-    <name>apache-shiro</name>
+    <artifactId>apache-shiro-security</artifactId>
+    <name>apache-shiro-security</name>
 
     <parent>
         <groupId>com.baeldung</groupId>
diff --git a/java-security/apache-shiro/src/main/java/com/baeldung/shiro/CustomRealm.java b/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/CustomRealm.java
similarity index 100%
rename from java-security/apache-shiro/src/main/java/com/baeldung/shiro/CustomRealm.java
rename to java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/CustomRealm.java
diff --git a/java-security/apache-shiro/src/main/java/com/baeldung/shiro/ShiroApplication.java b/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/ShiroApplication.java
similarity index 100%
rename from java-security/apache-shiro/src/main/java/com/baeldung/shiro/ShiroApplication.java
rename to java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/ShiroApplication.java
diff --git a/java-security/apache-shiro/src/main/java/com/baeldung/shiro/controllers/ShiroController.java b/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
similarity index 100%
rename from java-security/apache-shiro/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
rename to java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
diff --git a/java-security/apache-shiro/src/main/java/com/baeldung/shiro/models/UserCredentials.java b/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/models/UserCredentials.java
similarity index 100%
rename from java-security/apache-shiro/src/main/java/com/baeldung/shiro/models/UserCredentials.java
rename to java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/models/UserCredentials.java
diff --git a/java-security/apache-shiro/src/main/resources/application.yml b/java-security/apache-shiro-security/src/main/resources/application.yml
similarity index 100%
rename from java-security/apache-shiro/src/main/resources/application.yml
rename to java-security/apache-shiro-security/src/main/resources/application.yml
diff --git a/java-security/apache-shiro/src/main/resources/templates/home.ftl b/java-security/apache-shiro-security/src/main/resources/templates/home.ftl
similarity index 100%
rename from java-security/apache-shiro/src/main/resources/templates/home.ftl
rename to java-security/apache-shiro-security/src/main/resources/templates/home.ftl
diff --git a/java-security/apache-shiro/src/main/resources/templates/index.ftl b/java-security/apache-shiro-security/src/main/resources/templates/index.ftl
similarity index 100%
rename from java-security/apache-shiro/src/main/resources/templates/index.ftl
rename to java-security/apache-shiro-security/src/main/resources/templates/index.ftl
diff --git a/java-security/apache-shiro/src/main/resources/templates/login.ftl b/java-security/apache-shiro-security/src/main/resources/templates/login.ftl
similarity index 100%
rename from java-security/apache-shiro/src/main/resources/templates/login.ftl
rename to java-security/apache-shiro-security/src/main/resources/templates/login.ftl
diff --git a/java-security/apache-shiro/src/test/java/com/baeldung/shiro/SpringContextTest.java b/java-security/apache-shiro-security/src/test/java/com/baeldung/shiro/SpringContextTest.java
similarity index 100%
rename from java-security/apache-shiro/src/test/java/com/baeldung/shiro/SpringContextTest.java
rename to java-security/apache-shiro-security/src/test/java/com/baeldung/shiro/SpringContextTest.java
diff --git a/java-security/pom.xml b/java-security/pom.xml
index f6e0df3990..b09fdf4b4a 100644
--- a/java-security/pom.xml
+++ b/java-security/pom.xml
@@ -15,7 +15,7 @@
     </parent>
 
     <modules>
-        <module>apache-shiro</module>
+        <module>apache-shiro-security</module>
         <module>spring-security</module>
     </modules>
 

From bd617e9cae4cd2ccdc2a5f94b9083ae82150e6ed Mon Sep 17 00:00:00 2001
From: sampadawagde <sampada.wagde@gmail.com>
Date: Sat, 20 Jun 2020 13:32:18 +0530
Subject: [PATCH 3/8] BAEL-4019: Updated README

---
 java-security/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java-security/README.md b/java-security/README.md
index bdf020ac4c..23f4b6f00a 100644
--- a/java-security/README.md
+++ b/java-security/README.md
@@ -1,6 +1,6 @@
 ## Java Security
 
-This module contains articles about Java security frameworks
+This module contains articles about Java Security frameworks
 
 ### Relevant articles:
 

From 6c6dc6b1592ea14d3b78343d1c17e1c41b2ee3da Mon Sep 17 00:00:00 2001
From: sampadawagde <sampada.wagde@gmail.com>
Date: Fri, 3 Jul 2020 19:43:33 +0530
Subject: [PATCH 4/8] BAEL-4019: Added logger to log exceptions

---
 .../src/main/java/com/baeldung/shiro/CustomRealm.java       | 6 +++++-
 .../com/baeldung/shiro/controllers/ShiroController.java     | 6 +++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/CustomRealm.java b/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/CustomRealm.java
index d911f37c20..f1daed45aa 100644
--- a/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/CustomRealm.java
+++ b/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/CustomRealm.java
@@ -19,8 +19,12 @@ import org.apache.shiro.authz.AuthorizationInfo;
 import org.apache.shiro.authz.SimpleAuthorizationInfo;
 import org.apache.shiro.realm.jdbc.JdbcRealm;
 import org.apache.shiro.subject.PrincipalCollection;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 public class CustomRealm extends JdbcRealm {
+    
+    private Logger logger = LoggerFactory.getLogger(CustomRealm.class);
 
     private Map<String, String> credentials = new HashMap<>();
     private Map<String, Set<String>> roles = new HashMap<>();
@@ -60,7 +64,7 @@ public class CustomRealm extends JdbcRealm {
                 roles.addAll(getRoleNamesForUser(null, (String) user));
                 permissions.addAll(getPermissions(null, null, roles));
             } catch (SQLException e) {
-                e.printStackTrace();
+                logger.error(e.getMessage());
             }
         }
         SimpleAuthorizationInfo authInfo = new SimpleAuthorizationInfo(roles);
diff --git a/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/controllers/ShiroController.java b/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
index 8e9403d3d3..747bc3e924 100644
--- a/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
+++ b/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
@@ -6,6 +6,8 @@ import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.UsernamePasswordToken;
 import org.apache.shiro.subject.Subject;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -16,6 +18,8 @@ import com.baeldung.shiro.models.UserCredentials;
 
 @Controller
 public class ShiroController {
+    
+    private Logger logger = LoggerFactory.getLogger(ShiroController.class);
 
     @GetMapping("/")
     public String index() {
@@ -37,7 +41,7 @@ public class ShiroController {
             try {
                 subject.login(token);
             } catch (AuthenticationException ae) {
-                ae.printStackTrace();
+                logger.error(ae.getMessage());
                 attr.addFlashAttribute("error", "Invalid Credentials");
                 return "redirect:/login";
             }

From 1aef63a59dcdd8c731bba5573ee400391b6f80eb Mon Sep 17 00:00:00 2001
From: sampadawagde <sampada.wagde@gmail.com>
Date: Thu, 9 Jul 2020 17:59:22 +0530
Subject: [PATCH 5/8] BAEL-4019: removed new module java-security

---
 java-security/.gitignore                      |  4 -
 java-security/README.md                       |  8 --
 .../apache-shiro-security/.gitignore          |  4 -
 java-security/apache-shiro-security/pom.xml   | 40 --------
 .../java/com/baeldung/shiro/CustomRealm.java  | 96 ------------------
 .../com/baeldung/shiro/ShiroApplication.java  | 32 ------
 .../shiro/controllers/ShiroController.java    | 99 -------------------
 .../shiro/models/UserCredentials.java         | 28 ------
 .../src/main/resources/application.yml        | 16 ---
 .../src/main/resources/templates/home.ftl     | 19 ----
 .../src/main/resources/templates/index.ftl    | 10 --
 .../src/main/resources/templates/login.ftl    | 25 -----
 .../com/baeldung/shiro/SpringContextTest.java | 18 ----
 java-security/pom.xml                         | 22 -----
 java-security/spring-security/.gitignore      |  4 -
 java-security/spring-security/pom.xml         | 31 ------
 .../baeldung/springsecurity/Application.java  | 12 ---
 .../springsecurity/config/SecurityConfig.java | 45 ---------
 .../springsecurity/web/SpringController.java  | 79 ---------------
 .../src/main/resources/application.yml        | 12 ---
 .../src/main/resources/templates/home.ftl     | 20 ----
 .../src/main/resources/templates/index.ftl    | 10 --
 .../src/main/resources/templates/login.ftl    | 26 -----
 .../springsecurity/SpringContextTest.java     | 17 ----
 24 files changed, 677 deletions(-)
 delete mode 100644 java-security/.gitignore
 delete mode 100644 java-security/README.md
 delete mode 100644 java-security/apache-shiro-security/.gitignore
 delete mode 100644 java-security/apache-shiro-security/pom.xml
 delete mode 100644 java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/CustomRealm.java
 delete mode 100644 java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/ShiroApplication.java
 delete mode 100644 java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
 delete mode 100644 java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/models/UserCredentials.java
 delete mode 100644 java-security/apache-shiro-security/src/main/resources/application.yml
 delete mode 100644 java-security/apache-shiro-security/src/main/resources/templates/home.ftl
 delete mode 100644 java-security/apache-shiro-security/src/main/resources/templates/index.ftl
 delete mode 100644 java-security/apache-shiro-security/src/main/resources/templates/login.ftl
 delete mode 100644 java-security/apache-shiro-security/src/test/java/com/baeldung/shiro/SpringContextTest.java
 delete mode 100644 java-security/pom.xml
 delete mode 100644 java-security/spring-security/.gitignore
 delete mode 100644 java-security/spring-security/pom.xml
 delete mode 100644 java-security/spring-security/src/main/java/com/baeldung/springsecurity/Application.java
 delete mode 100644 java-security/spring-security/src/main/java/com/baeldung/springsecurity/config/SecurityConfig.java
 delete mode 100644 java-security/spring-security/src/main/java/com/baeldung/springsecurity/web/SpringController.java
 delete mode 100644 java-security/spring-security/src/main/resources/application.yml
 delete mode 100644 java-security/spring-security/src/main/resources/templates/home.ftl
 delete mode 100644 java-security/spring-security/src/main/resources/templates/index.ftl
 delete mode 100644 java-security/spring-security/src/main/resources/templates/login.ftl
 delete mode 100644 java-security/spring-security/src/test/java/com/baeldung/springsecurity/SpringContextTest.java

diff --git a/java-security/.gitignore b/java-security/.gitignore
deleted file mode 100644
index 020cda4898..0000000000
--- a/java-security/.gitignore
+++ /dev/null
@@ -1,4 +0,0 @@
-
-/.idea/
-/target/
-/apache-shiro.iml
\ No newline at end of file
diff --git a/java-security/README.md b/java-security/README.md
deleted file mode 100644
index 23f4b6f00a..0000000000
--- a/java-security/README.md
+++ /dev/null
@@ -1,8 +0,0 @@
-## Java Security
-
-This module contains articles about Java Security frameworks
-
-### Relevant articles:
-
-
-
diff --git a/java-security/apache-shiro-security/.gitignore b/java-security/apache-shiro-security/.gitignore
deleted file mode 100644
index 020cda4898..0000000000
--- a/java-security/apache-shiro-security/.gitignore
+++ /dev/null
@@ -1,4 +0,0 @@
-
-/.idea/
-/target/
-/apache-shiro.iml
\ No newline at end of file
diff --git a/java-security/apache-shiro-security/pom.xml b/java-security/apache-shiro-security/pom.xml
deleted file mode 100644
index 14468a5d49..0000000000
--- a/java-security/apache-shiro-security/pom.xml
+++ /dev/null
@@ -1,40 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <artifactId>apache-shiro-security</artifactId>
-    <name>apache-shiro-security</name>
-
-    <parent>
-        <groupId>com.baeldung</groupId>
-        <artifactId>java-security</artifactId>
-        <version>1.0-SNAPSHOT</version>
-    </parent>
-
-    <dependencies>
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-freemarker</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.shiro</groupId>
-            <artifactId>shiro-spring-boot-web-starter</artifactId>
-            <version>${apache-shiro-core-version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.shiro</groupId>
-            <artifactId>shiro-core</artifactId>
-            <version>${apache-shiro-core-version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>jcl-over-slf4j</artifactId>
-            <scope>runtime</scope>
-        </dependency>
-    </dependencies>
-
-    <properties>
-        <apache-shiro-core-version>1.5.3</apache-shiro-core-version>
-    </properties>
-
-</project>
diff --git a/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/CustomRealm.java b/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/CustomRealm.java
deleted file mode 100644
index f1daed45aa..0000000000
--- a/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/CustomRealm.java
+++ /dev/null
@@ -1,96 +0,0 @@
-package com.baeldung.shiro;
-
-import java.sql.Connection;
-import java.sql.SQLException;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.shiro.authc.AuthenticationException;
-import org.apache.shiro.authc.AuthenticationInfo;
-import org.apache.shiro.authc.AuthenticationToken;
-import org.apache.shiro.authc.SimpleAuthenticationInfo;
-import org.apache.shiro.authc.UnknownAccountException;
-import org.apache.shiro.authc.UsernamePasswordToken;
-import org.apache.shiro.authz.AuthorizationInfo;
-import org.apache.shiro.authz.SimpleAuthorizationInfo;
-import org.apache.shiro.realm.jdbc.JdbcRealm;
-import org.apache.shiro.subject.PrincipalCollection;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class CustomRealm extends JdbcRealm {
-    
-    private Logger logger = LoggerFactory.getLogger(CustomRealm.class);
-
-    private Map<String, String> credentials = new HashMap<>();
-    private Map<String, Set<String>> roles = new HashMap<>();
-    private Map<String, Set<String>> permissions = new HashMap<>();
-
-    {
-        credentials.put("Tom", "password");
-        credentials.put("Jerry", "password");
-
-        roles.put("Jerry", new HashSet<>(Arrays.asList("ADMIN")));
-        roles.put("Tom", new HashSet<>(Arrays.asList("USER")));
-
-        permissions.put("ADMIN", new HashSet<>(Arrays.asList("READ", "WRITE")));
-        permissions.put("USER", new HashSet<>(Arrays.asList("READ")));
-    }
-
-    @Override
-    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
-
-        UsernamePasswordToken userToken = (UsernamePasswordToken) token;
-
-        if (userToken.getUsername() == null || userToken.getUsername()
-            .isEmpty() || !credentials.containsKey(userToken.getUsername())) {
-            throw new UnknownAccountException("User doesn't exist");
-        }
-
-        return new SimpleAuthenticationInfo(userToken.getUsername(), credentials.get(userToken.getUsername()), getName());
-    }
-
-    @Override
-    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
-        Set<String> roles = new HashSet<>();
-        Set<String> permissions = new HashSet<>();
-
-        for (Object user : principals) {
-            try {
-                roles.addAll(getRoleNamesForUser(null, (String) user));
-                permissions.addAll(getPermissions(null, null, roles));
-            } catch (SQLException e) {
-                logger.error(e.getMessage());
-            }
-        }
-        SimpleAuthorizationInfo authInfo = new SimpleAuthorizationInfo(roles);
-        authInfo.setStringPermissions(permissions);
-        return authInfo;
-    }
-
-    @Override
-    protected Set<String> getRoleNamesForUser(Connection conn, String username) throws SQLException {
-        if (!roles.containsKey(username)) {
-            throw new SQLException("User doesn't exist");
-        }
-        return roles.get(username);
-    }
-
-    @Override
-    protected Set<String> getPermissions(Connection conn, String username, Collection<String> roles) throws SQLException {
-        Set<String> userPermissions = new HashSet<>();
-
-        for (String role : roles) {
-            if (!permissions.containsKey(role)) {
-                throw new SQLException("Role doesn't exist");
-            }
-            userPermissions.addAll(permissions.get(role));
-        }
-        return userPermissions;
-    }
-
-}
diff --git a/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/ShiroApplication.java b/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/ShiroApplication.java
deleted file mode 100644
index 16c50ff1c5..0000000000
--- a/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/ShiroApplication.java
+++ /dev/null
@@ -1,32 +0,0 @@
-package com.baeldung.shiro;
-
-import org.apache.shiro.realm.Realm;
-import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
-import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
-import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.SpringBootApplication;
-import org.springframework.context.annotation.Bean;
-
-@SpringBootApplication
-public class ShiroApplication {
-
-    public static void main(String... args) {
-        SpringApplication.run(ShiroApplication.class, args);
-    }
-
-    @Bean
-    public Realm realm() {
-        return new CustomRealm();
-    }
-
-    @Bean
-    public ShiroFilterChainDefinition shiroFilterChainDefinition() {
-        DefaultShiroFilterChainDefinition filter = new DefaultShiroFilterChainDefinition();
-
-        filter.addPathDefinition("/home", "authc");
-        filter.addPathDefinition("/**", "anon");
-
-        return filter;
-    }
-
-}
diff --git a/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/controllers/ShiroController.java b/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
deleted file mode 100644
index 747bc3e924..0000000000
--- a/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
+++ /dev/null
@@ -1,99 +0,0 @@
-package com.baeldung.shiro.controllers;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.authc.AuthenticationException;
-import org.apache.shiro.authc.UsernamePasswordToken;
-import org.apache.shiro.subject.Subject;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.stereotype.Controller;
-import org.springframework.ui.Model;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.servlet.mvc.support.RedirectAttributes;
-
-import com.baeldung.shiro.models.UserCredentials;
-
-@Controller
-public class ShiroController {
-    
-    private Logger logger = LoggerFactory.getLogger(ShiroController.class);
-
-    @GetMapping("/")
-    public String index() {
-        return "index";
-    }
-
-    @GetMapping("/login")
-    public String showLoginPage() {
-        return "login";
-    }
-
-    @PostMapping("/login")
-    public String doLogin(HttpServletRequest req, UserCredentials credentials, RedirectAttributes attr) {
-
-        Subject subject = SecurityUtils.getSubject();
-
-        if (!subject.isAuthenticated()) {
-            UsernamePasswordToken token = new UsernamePasswordToken(credentials.getUsername(), credentials.getPassword());
-            try {
-                subject.login(token);
-            } catch (AuthenticationException ae) {
-                logger.error(ae.getMessage());
-                attr.addFlashAttribute("error", "Invalid Credentials");
-                return "redirect:/login";
-            }
-        }
-        return "redirect:/home";
-    }
-
-    @GetMapping("/home")
-    public String getMeHome(Model model) {
-
-        addUserAttributes(model);
-
-        return "home";
-    }
-
-    @GetMapping("/admin")
-    public String adminOnly(Model model) {
-        addUserAttributes(model);
-
-        Subject currentUser = SecurityUtils.getSubject();
-        if (currentUser.hasRole("ADMIN")) {
-            model.addAttribute("adminContent", "only admin can view this");
-        }
-        return "home";
-    }
-
-    @PostMapping("/logout")
-    public String logout() {
-        Subject subject = SecurityUtils.getSubject();
-        subject.logout();
-        return "redirect:/";
-    }
-
-    private void addUserAttributes(Model model) {
-        Subject currentUser = SecurityUtils.getSubject();
-        String permission = "";
-
-        if (currentUser.hasRole("ADMIN")) {
-            model.addAttribute("role", "ADMIN");
-        } else if (currentUser.hasRole("USER")) {
-            model.addAttribute("role", "USER");
-        }
-
-        if (currentUser.isPermitted("READ")) {
-            permission = permission + " READ";
-        }
-
-        if (currentUser.isPermitted("WRITE")) {
-            permission = permission + " WRITE";
-        }
-        model.addAttribute("username", currentUser.getPrincipal());
-        model.addAttribute("permission", permission);
-    }
-
-}
diff --git a/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/models/UserCredentials.java b/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/models/UserCredentials.java
deleted file mode 100644
index 5dbafa30ec..0000000000
--- a/java-security/apache-shiro-security/src/main/java/com/baeldung/shiro/models/UserCredentials.java
+++ /dev/null
@@ -1,28 +0,0 @@
-package com.baeldung.shiro.models;
-
-public class UserCredentials {
-
-    private String username;
-    private String password;
-
-    public String getUsername() {
-        return username;
-    }
-
-    public void setUsername(String username) {
-        this.username = username;
-    }
-
-    public String getPassword() {
-        return password;
-    }
-
-    public void setPassword(String password) {
-        this.password = password;
-    }
-
-    @Override
-    public String toString() {
-        return "username = " + getUsername();
-    }
-}
diff --git a/java-security/apache-shiro-security/src/main/resources/application.yml b/java-security/apache-shiro-security/src/main/resources/application.yml
deleted file mode 100644
index 509f655919..0000000000
--- a/java-security/apache-shiro-security/src/main/resources/application.yml
+++ /dev/null
@@ -1,16 +0,0 @@
-server:
-  port: 8081
-
-logging:
-  level:
-    root: WARN
-    org.springframework.web: INFO
-
-shiro:
-  loginUrl: /login
-  successUrl: /home
-  unauthorizedUrl: /login
-
-spring:
-  freemarker:
-    suffix: .ftl
\ No newline at end of file
diff --git a/java-security/apache-shiro-security/src/main/resources/templates/home.ftl b/java-security/apache-shiro-security/src/main/resources/templates/home.ftl
deleted file mode 100644
index 37eb3d1812..0000000000
--- a/java-security/apache-shiro-security/src/main/resources/templates/home.ftl
+++ /dev/null
@@ -1,19 +0,0 @@
-<html>
-<head>
-    <title>Home Page</title>
-</head>
-<body style="margin-left: 30px;">
-<h1>Welcome ${username}!</h1>
-<p><strong>Role</strong>: ${role}</p>
-<p><strong>Permissions</strong></p>
-<p>${permission}</p>
-<a href="/admin">Admin only</a>
-<#if adminContent??>
-  ${adminContent}
-</#if>
-<br>
-<form role="form" action="/logout" method="POST">
-   <input type="Submit" value="Logout" />
-</form>
-</body>
-</html>
\ No newline at end of file
diff --git a/java-security/apache-shiro-security/src/main/resources/templates/index.ftl b/java-security/apache-shiro-security/src/main/resources/templates/index.ftl
deleted file mode 100644
index 0210d656fc..0000000000
--- a/java-security/apache-shiro-security/src/main/resources/templates/index.ftl
+++ /dev/null
@@ -1,10 +0,0 @@
-<html>
-<head>
-    <title>Index</title>
-</head>
-<body>
-    <h1>Welcome Guest!</h1>
-    <br>
-    <a href="/login">Login</a>
-</body>
-</html>
\ No newline at end of file
diff --git a/java-security/apache-shiro-security/src/main/resources/templates/login.ftl b/java-security/apache-shiro-security/src/main/resources/templates/login.ftl
deleted file mode 100644
index 7340f47204..0000000000
--- a/java-security/apache-shiro-security/src/main/resources/templates/login.ftl
+++ /dev/null
@@ -1,25 +0,0 @@
-<html>
-<head>
-    <title>Login</title>
-</head>
-<body style="margin-left: 30px;">
-<h3>Login</h3>
-<br>
-<form action="/login" method="post">
-    <#if (error?length > 0)??>
-        <p style="color:darkred;">${error}</p>
-    <#else>
-    </#if>
-
-    <label for="username">Username</label>
-    <br>
-    <input type="text" name="username">
-    <br><br>
-    <label for="password">Password</label>
-    <br>
-    <input type="password" name="password">
-    <br><br>
-    <input type="submit" value="Submit">
-</form>
-</body>
-</html>
\ No newline at end of file
diff --git a/java-security/apache-shiro-security/src/test/java/com/baeldung/shiro/SpringContextTest.java b/java-security/apache-shiro-security/src/test/java/com/baeldung/shiro/SpringContextTest.java
deleted file mode 100644
index 0b5e690403..0000000000
--- a/java-security/apache-shiro-security/src/test/java/com/baeldung/shiro/SpringContextTest.java
+++ /dev/null
@@ -1,18 +0,0 @@
-package com.baeldung.shiro;
-
-
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.ExtendWith;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.junit.jupiter.SpringExtension;
-
-@ExtendWith(SpringExtension.class)
-@SpringBootTest(classes = { ShiroApplication.class })
-public class SpringContextTest {
-
-    @Test
-    public void whenSpringContextIsBootstrapped_thenNoExceptions() {
-
-    }
-
-}
\ No newline at end of file
diff --git a/java-security/pom.xml b/java-security/pom.xml
deleted file mode 100644
index b09fdf4b4a..0000000000
--- a/java-security/pom.xml
+++ /dev/null
@@ -1,22 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <artifactId>java-security</artifactId>
-    <version>1.0-SNAPSHOT</version>
-    <name>java-security</name>
-    <packaging>pom</packaging>
-
-    <parent>
-        <groupId>com.baeldung</groupId>
-        <artifactId>parent-boot-2</artifactId>
-        <version>0.0.1-SNAPSHOT</version>
-        <relativePath>../parent-boot-2</relativePath>
-    </parent>
-
-    <modules>
-        <module>apache-shiro-security</module>
-        <module>spring-security</module>
-    </modules>
-
-</project>
diff --git a/java-security/spring-security/.gitignore b/java-security/spring-security/.gitignore
deleted file mode 100644
index 020cda4898..0000000000
--- a/java-security/spring-security/.gitignore
+++ /dev/null
@@ -1,4 +0,0 @@
-
-/.idea/
-/target/
-/apache-shiro.iml
\ No newline at end of file
diff --git a/java-security/spring-security/pom.xml b/java-security/spring-security/pom.xml
deleted file mode 100644
index a2c7430426..0000000000
--- a/java-security/spring-security/pom.xml
+++ /dev/null
@@ -1,31 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <artifactId>spring-security</artifactId>
-    <name>spring-security</name>
-
-    <parent>
-        <groupId>com.baeldung</groupId>
-        <artifactId>java-security</artifactId>
-        <version>1.0-SNAPSHOT</version>
-    </parent>
-
-    <dependencies>
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-web</artifactId>
-        </dependency>
-
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-freemarker</artifactId>
-        </dependency>
-
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-security</artifactId>
-        </dependency>
-    </dependencies>
-
-</project>
diff --git a/java-security/spring-security/src/main/java/com/baeldung/springsecurity/Application.java b/java-security/spring-security/src/main/java/com/baeldung/springsecurity/Application.java
deleted file mode 100644
index 318a9a52ec..0000000000
--- a/java-security/spring-security/src/main/java/com/baeldung/springsecurity/Application.java
+++ /dev/null
@@ -1,12 +0,0 @@
-package com.baeldung.springsecurity;
-
-import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.SpringBootApplication;
-
-@SpringBootApplication
-public class Application {
-
-    public static void main(String[] args) {
-        SpringApplication.run(Application.class, args);
-    }
-}
\ No newline at end of file
diff --git a/java-security/spring-security/src/main/java/com/baeldung/springsecurity/config/SecurityConfig.java b/java-security/spring-security/src/main/java/com/baeldung/springsecurity/config/SecurityConfig.java
deleted file mode 100644
index 0516c1fddb..0000000000
--- a/java-security/spring-security/src/main/java/com/baeldung/springsecurity/config/SecurityConfig.java
+++ /dev/null
@@ -1,45 +0,0 @@
-package com.baeldung.springsecurity.config;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
-
-@EnableWebSecurity
-public class SecurityConfig extends WebSecurityConfigurerAdapter {
-
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http.authorizeRequests(authorize -> authorize.antMatchers("/index", "/login")
-            .permitAll()
-            .antMatchers("/home", "/logout")
-            .authenticated()
-            .antMatchers("/admin/**")
-            .hasRole("ADMIN"))
-            .formLogin(formLogin -> formLogin.loginPage("/login")
-                .failureUrl("/login-error"));
-    }
-
-    @Override
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        auth.inMemoryAuthentication()
-            .withUser("Jerry")
-            .password(passwordEncoder().encode("password"))
-            .authorities("READ", "WRITE")
-            .roles("ADMIN")
-            .and()
-            .withUser("Tom")
-            .password(passwordEncoder().encode("password"))
-            .authorities("READ")
-            .roles("USER");
-    }
-
-    @Bean
-    public PasswordEncoder passwordEncoder() {
-        return new BCryptPasswordEncoder();
-    }
-
-}
diff --git a/java-security/spring-security/src/main/java/com/baeldung/springsecurity/web/SpringController.java b/java-security/spring-security/src/main/java/com/baeldung/springsecurity/web/SpringController.java
deleted file mode 100644
index d5eafaf954..0000000000
--- a/java-security/spring-security/src/main/java/com/baeldung/springsecurity/web/SpringController.java
+++ /dev/null
@@ -1,79 +0,0 @@
-package com.baeldung.springsecurity.web;
-
-import java.util.Collection;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.springframework.security.authentication.AnonymousAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.stereotype.Controller;
-import org.springframework.ui.Model;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-
-@Controller
-public class SpringController {
-
-    @GetMapping("/")
-    public String index() {
-        return "index";
-    }
-
-    @GetMapping("/login")
-    public String showLoginPage() {
-        return "login";
-    }
-
-    @RequestMapping("/login-error")
-    public String loginError(Model model) {
-        model.addAttribute("error", "Invalid Credentials");
-        return "login";
-    }
-
-    @PostMapping("/login")
-    public String doLogin(HttpServletRequest req) {
-        return "redirect:/home";
-    }
-
-    @GetMapping("/home")
-    public String showHomePage(HttpServletRequest req, Model model) {
-        addUserAttributes(model);
-        return "home";
-    }
-
-    @GetMapping("/admin")
-    public String adminOnly(HttpServletRequest req, Model model) {
-        addUserAttributes(model);
-        model.addAttribute("adminContent", "only admin can view this");
-        return "home";
-    }
-
-    private void addUserAttributes(Model model) {
-        Authentication auth = SecurityContextHolder.getContext()
-            .getAuthentication();
-        if (auth != null && !auth.getClass()
-            .equals(AnonymousAuthenticationToken.class)) {
-            User user = (User) auth.getPrincipal();
-            model.addAttribute("username", user.getUsername());
-
-            Collection<GrantedAuthority> authorities = user.getAuthorities();
-
-            for (GrantedAuthority authority : authorities) {
-                if (authority.getAuthority()
-                    .contains("USER")) {
-                    model.addAttribute("role", "USER");
-                    model.addAttribute("permissions", "READ");
-                } else if (authority.getAuthority()
-                    .contains("ADMIN")) {
-                    model.addAttribute("role", "ADMIN");
-                    model.addAttribute("permissions", "READ WRITE");
-                }
-            }
-        }
-    }
-
-}
diff --git a/java-security/spring-security/src/main/resources/application.yml b/java-security/spring-security/src/main/resources/application.yml
deleted file mode 100644
index d2cbd10a91..0000000000
--- a/java-security/spring-security/src/main/resources/application.yml
+++ /dev/null
@@ -1,12 +0,0 @@
-server:
-  port: 8080
-
-logging:
-  level:
-    root: WARN
-    org.springframework.web: INFO
-    org.springframework.security: INFO
-
-spring:
-  freemarker:
-    suffix: .ftl
diff --git a/java-security/spring-security/src/main/resources/templates/home.ftl b/java-security/spring-security/src/main/resources/templates/home.ftl
deleted file mode 100644
index dcf6d96d50..0000000000
--- a/java-security/spring-security/src/main/resources/templates/home.ftl
+++ /dev/null
@@ -1,20 +0,0 @@
-<html>
-<head>
-    <title>Home Page</title>
-</head>
-<body style="margin-left: 30px;">
-<h1>Welcome ${username}!</h1>
-<p><strong>Role</strong>: ${role}</p>
-<p><strong>Permissions</strong></p>
-<p>${permissions}</p>
-<a href="/admin">Admin only</a>
-<#if adminContent??>
-  ${adminContent}
-</#if>
-<br>
-<form role="form" action="/logout" method="POST">
-   <input type="Submit" value="Logout" />
-   <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
-</form>
-</body>
-</html>
\ No newline at end of file
diff --git a/java-security/spring-security/src/main/resources/templates/index.ftl b/java-security/spring-security/src/main/resources/templates/index.ftl
deleted file mode 100644
index 8f35c0af1b..0000000000
--- a/java-security/spring-security/src/main/resources/templates/index.ftl
+++ /dev/null
@@ -1,10 +0,0 @@
-<html>
-<head>
-    <title>Index</title>
-</head>
-<body>
-    <h1>Welcome Guest!</h1>
-    <br>
-    Go to the <a href="/home">secured page
-</body>
-</html>
\ No newline at end of file
diff --git a/java-security/spring-security/src/main/resources/templates/login.ftl b/java-security/spring-security/src/main/resources/templates/login.ftl
deleted file mode 100644
index 266b5dfb80..0000000000
--- a/java-security/spring-security/src/main/resources/templates/login.ftl
+++ /dev/null
@@ -1,26 +0,0 @@
-<html>
-<head>
-    <title>Login</title>
-</head>
-<body style="margin-left: 30px;">
-<h3>Login</h3>
-<br>
-<form action="/login" method="post">
-    <#if (error?length > 0)??>
-        <p style="color:darkred;">${error}</p>
-    <#else>
-    </#if>
-
-    <label for="username">Username</label>
-    <br>
-    <input type="text" name="username">
-    <br><br>
-    <label for="password">Password</label>
-    <br>
-    <input type="password" name="password">
-    <br><br>
-    <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
-    <input type="submit" value="Submit">
-</form>
-</body>
-</html>
\ No newline at end of file
diff --git a/java-security/spring-security/src/test/java/com/baeldung/springsecurity/SpringContextTest.java b/java-security/spring-security/src/test/java/com/baeldung/springsecurity/SpringContextTest.java
deleted file mode 100644
index a3adfa30c4..0000000000
--- a/java-security/spring-security/src/test/java/com/baeldung/springsecurity/SpringContextTest.java
+++ /dev/null
@@ -1,17 +0,0 @@
-package com.baeldung.springsecurity;
-
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.ExtendWith;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.junit.jupiter.SpringExtension;
-
-@ExtendWith(SpringExtension.class)
-@SpringBootTest(classes = { Application.class })
-public class SpringContextTest {
-
-    @Test
-    public void whenSpringContextIsBootstrapped_thenNoExceptions() {
-
-    }
-
-}
\ No newline at end of file

From 0d5a18622d75b3fa8162c05bede6683789396871 Mon Sep 17 00:00:00 2001
From: sampadawagde <sampada.wagde@gmail.com>
Date: Thu, 9 Jul 2020 18:03:55 +0530
Subject: [PATCH 6/8] BAEL-4019: moved code to existing module apache-shiro

---
 apache-shiro/pom.xml                          | 11 ++-
 .../java/com/baeldung/shiro/CustomRealm.java  | 96 ++++++++++++++++++
 .../com/baeldung/shiro/ShiroApplication.java  | 33 +++++++
 .../shiro/controllers/ShiroController.java    | 99 +++++++++++++++++++
 .../shiro/models/UserCredentials.java         | 28 ++++++
 .../baeldung/springsecurity/Application.java  | 19 ++++
 .../springsecurity/config/SecurityConfig.java | 45 +++++++++
 .../springsecurity/web/SpringController.java  | 79 +++++++++++++++
 .../resources/templates/comparison/home.ftl   | 19 ++++
 .../resources/templates/comparison/index.ftl  | 10 ++
 .../resources/templates/comparison/login.ftl  | 25 +++++
 .../com/baeldung/shiro/SpringContextTest.java | 18 ++++
 .../springsecurity/SpringContextTest.java     | 17 ++++
 13 files changed, 498 insertions(+), 1 deletion(-)
 create mode 100644 apache-shiro/src/main/java/com/baeldung/shiro/CustomRealm.java
 create mode 100644 apache-shiro/src/main/java/com/baeldung/shiro/ShiroApplication.java
 create mode 100644 apache-shiro/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
 create mode 100644 apache-shiro/src/main/java/com/baeldung/shiro/models/UserCredentials.java
 create mode 100644 apache-shiro/src/main/java/com/baeldung/springsecurity/Application.java
 create mode 100644 apache-shiro/src/main/java/com/baeldung/springsecurity/config/SecurityConfig.java
 create mode 100644 apache-shiro/src/main/java/com/baeldung/springsecurity/web/SpringController.java
 create mode 100644 apache-shiro/src/main/resources/templates/comparison/home.ftl
 create mode 100644 apache-shiro/src/main/resources/templates/comparison/index.ftl
 create mode 100644 apache-shiro/src/main/resources/templates/comparison/login.ftl
 create mode 100644 apache-shiro/src/test/java/com/baeldung/shiro/SpringContextTest.java
 create mode 100644 apache-shiro/src/test/java/com/baeldung/springsecurity/SpringContextTest.java

diff --git a/apache-shiro/pom.xml b/apache-shiro/pom.xml
index 3df6283437..59bb91d400 100644
--- a/apache-shiro/pom.xml
+++ b/apache-shiro/pom.xml
@@ -39,10 +39,19 @@
             <artifactId>jcl-over-slf4j</artifactId>
             <scope>runtime</scope>
         </dependency>
+        <!-- spring-sec -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
     </dependencies>
 
     <properties>
-        <apache-shiro-core-version>1.4.0</apache-shiro-core-version>
+        <apache-shiro-core-version>1.5.3</apache-shiro-core-version>
         <log4j-version>1.2.17</log4j-version>
     </properties>
 
diff --git a/apache-shiro/src/main/java/com/baeldung/shiro/CustomRealm.java b/apache-shiro/src/main/java/com/baeldung/shiro/CustomRealm.java
new file mode 100644
index 0000000000..f1daed45aa
--- /dev/null
+++ b/apache-shiro/src/main/java/com/baeldung/shiro/CustomRealm.java
@@ -0,0 +1,96 @@
+package com.baeldung.shiro;
+
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.SimpleAuthenticationInfo;
+import org.apache.shiro.authc.UnknownAccountException;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.SimpleAuthorizationInfo;
+import org.apache.shiro.realm.jdbc.JdbcRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class CustomRealm extends JdbcRealm {
+    
+    private Logger logger = LoggerFactory.getLogger(CustomRealm.class);
+
+    private Map<String, String> credentials = new HashMap<>();
+    private Map<String, Set<String>> roles = new HashMap<>();
+    private Map<String, Set<String>> permissions = new HashMap<>();
+
+    {
+        credentials.put("Tom", "password");
+        credentials.put("Jerry", "password");
+
+        roles.put("Jerry", new HashSet<>(Arrays.asList("ADMIN")));
+        roles.put("Tom", new HashSet<>(Arrays.asList("USER")));
+
+        permissions.put("ADMIN", new HashSet<>(Arrays.asList("READ", "WRITE")));
+        permissions.put("USER", new HashSet<>(Arrays.asList("READ")));
+    }
+
+    @Override
+    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
+
+        UsernamePasswordToken userToken = (UsernamePasswordToken) token;
+
+        if (userToken.getUsername() == null || userToken.getUsername()
+            .isEmpty() || !credentials.containsKey(userToken.getUsername())) {
+            throw new UnknownAccountException("User doesn't exist");
+        }
+
+        return new SimpleAuthenticationInfo(userToken.getUsername(), credentials.get(userToken.getUsername()), getName());
+    }
+
+    @Override
+    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
+        Set<String> roles = new HashSet<>();
+        Set<String> permissions = new HashSet<>();
+
+        for (Object user : principals) {
+            try {
+                roles.addAll(getRoleNamesForUser(null, (String) user));
+                permissions.addAll(getPermissions(null, null, roles));
+            } catch (SQLException e) {
+                logger.error(e.getMessage());
+            }
+        }
+        SimpleAuthorizationInfo authInfo = new SimpleAuthorizationInfo(roles);
+        authInfo.setStringPermissions(permissions);
+        return authInfo;
+    }
+
+    @Override
+    protected Set<String> getRoleNamesForUser(Connection conn, String username) throws SQLException {
+        if (!roles.containsKey(username)) {
+            throw new SQLException("User doesn't exist");
+        }
+        return roles.get(username);
+    }
+
+    @Override
+    protected Set<String> getPermissions(Connection conn, String username, Collection<String> roles) throws SQLException {
+        Set<String> userPermissions = new HashSet<>();
+
+        for (String role : roles) {
+            if (!permissions.containsKey(role)) {
+                throw new SQLException("Role doesn't exist");
+            }
+            userPermissions.addAll(permissions.get(role));
+        }
+        return userPermissions;
+    }
+
+}
diff --git a/apache-shiro/src/main/java/com/baeldung/shiro/ShiroApplication.java b/apache-shiro/src/main/java/com/baeldung/shiro/ShiroApplication.java
new file mode 100644
index 0000000000..f383382c86
--- /dev/null
+++ b/apache-shiro/src/main/java/com/baeldung/shiro/ShiroApplication.java
@@ -0,0 +1,33 @@
+package com.baeldung.shiro;
+
+import org.apache.shiro.realm.Realm;
+import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
+import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
+import org.springframework.context.annotation.Bean;
+
+@SpringBootApplication(exclude = SecurityAutoConfiguration.class)
+public class ShiroApplication {
+
+    public static void main(String... args) {
+        SpringApplication.run(ShiroApplication.class, args);
+    }
+
+    @Bean
+    public Realm customRealm() {
+        return new CustomRealm();
+    }
+
+    @Bean
+    public ShiroFilterChainDefinition shiroFilterChainDefinition() {
+        DefaultShiroFilterChainDefinition filter = new DefaultShiroFilterChainDefinition();
+
+        filter.addPathDefinition("/home", "authc");
+        filter.addPathDefinition("/**", "anon");
+
+        return filter;
+    }
+
+}
diff --git a/apache-shiro/src/main/java/com/baeldung/shiro/controllers/ShiroController.java b/apache-shiro/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
new file mode 100644
index 0000000000..7205c44173
--- /dev/null
+++ b/apache-shiro/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
@@ -0,0 +1,99 @@
+package com.baeldung.shiro.controllers;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.subject.Subject;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.servlet.mvc.support.RedirectAttributes;
+
+import com.baeldung.shiro.models.UserCredentials;
+
+@Controller
+public class ShiroController {
+    
+    private Logger logger = LoggerFactory.getLogger(ShiroController.class);
+
+    @GetMapping("/")
+    public String getIndex() {
+        return "comparison/index";
+    }
+
+    @GetMapping("/login")
+    public String showLoginPage() {
+        return "comparison/login";
+    }
+
+    @PostMapping("/login")
+    public String doLogin(HttpServletRequest req, UserCredentials credentials, RedirectAttributes attr) {
+
+        Subject subject = SecurityUtils.getSubject();
+
+        if (!subject.isAuthenticated()) {
+            UsernamePasswordToken token = new UsernamePasswordToken(credentials.getUsername(), credentials.getPassword());
+            try {
+                subject.login(token);
+            } catch (AuthenticationException ae) {
+                logger.error(ae.getMessage());
+                attr.addFlashAttribute("error", "Invalid Credentials");
+                return "redirect:/login";
+            }
+        }
+        return "redirect:/home";
+    }
+
+    @GetMapping("/home")
+    public String getMeHome(Model model) {
+
+        addUserAttributes(model);
+
+        return "comparison/home";
+    }
+
+    @GetMapping("/admin")
+    public String adminOnly(Model model) {
+        addUserAttributes(model);
+
+        Subject currentUser = SecurityUtils.getSubject();
+        if (currentUser.hasRole("ADMIN")) {
+            model.addAttribute("adminContent", "only admin can view this");
+        }
+        return "comparison/home";
+    }
+
+    @PostMapping("/logout")
+    public String logout() {
+        Subject subject = SecurityUtils.getSubject();
+        subject.logout();
+        return "redirect:/";
+    }
+
+    private void addUserAttributes(Model model) {
+        Subject currentUser = SecurityUtils.getSubject();
+        String permission = "";
+
+        if (currentUser.hasRole("ADMIN")) {
+            model.addAttribute("role", "ADMIN");
+        } else if (currentUser.hasRole("USER")) {
+            model.addAttribute("role", "USER");
+        }
+
+        if (currentUser.isPermitted("READ")) {
+            permission = permission + " READ";
+        }
+
+        if (currentUser.isPermitted("WRITE")) {
+            permission = permission + " WRITE";
+        }
+        model.addAttribute("username", currentUser.getPrincipal());
+        model.addAttribute("permission", permission);
+    }
+
+}
diff --git a/apache-shiro/src/main/java/com/baeldung/shiro/models/UserCredentials.java b/apache-shiro/src/main/java/com/baeldung/shiro/models/UserCredentials.java
new file mode 100644
index 0000000000..5dbafa30ec
--- /dev/null
+++ b/apache-shiro/src/main/java/com/baeldung/shiro/models/UserCredentials.java
@@ -0,0 +1,28 @@
+package com.baeldung.shiro.models;
+
+public class UserCredentials {
+
+    private String username;
+    private String password;
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    @Override
+    public String toString() {
+        return "username = " + getUsername();
+    }
+}
diff --git a/apache-shiro/src/main/java/com/baeldung/springsecurity/Application.java b/apache-shiro/src/main/java/com/baeldung/springsecurity/Application.java
new file mode 100644
index 0000000000..61adfb9cb6
--- /dev/null
+++ b/apache-shiro/src/main/java/com/baeldung/springsecurity/Application.java
@@ -0,0 +1,19 @@
+package com.baeldung.springsecurity;
+
+import org.apache.shiro.spring.boot.autoconfigure.ShiroAnnotationProcessorAutoConfiguration;
+import org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration;
+import org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration;
+import org.apache.shiro.spring.config.web.autoconfigure.ShiroWebFilterConfiguration;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication(exclude = {ShiroAutoConfiguration.class,
+        ShiroAnnotationProcessorAutoConfiguration.class,
+        ShiroWebAutoConfiguration.class,
+        ShiroWebFilterConfiguration.class})
+public class Application {
+
+    public static void main(String[] args) {
+        SpringApplication.run(Application.class, args);
+    }
+}
\ No newline at end of file
diff --git a/apache-shiro/src/main/java/com/baeldung/springsecurity/config/SecurityConfig.java b/apache-shiro/src/main/java/com/baeldung/springsecurity/config/SecurityConfig.java
new file mode 100644
index 0000000000..3fa5632db9
--- /dev/null
+++ b/apache-shiro/src/main/java/com/baeldung/springsecurity/config/SecurityConfig.java
@@ -0,0 +1,45 @@
+package com.baeldung.springsecurity.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.csrf().disable().authorizeRequests(authorize -> authorize.antMatchers("/index", "/login")
+            .permitAll()
+            .antMatchers("/home", "/logout")
+            .authenticated()
+            .antMatchers("/admin/**")
+            .hasRole("ADMIN"))
+            .formLogin(formLogin -> formLogin.loginPage("/login")
+                .failureUrl("/login-error"));
+    }
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth.inMemoryAuthentication()
+            .withUser("Jerry")
+            .password(passwordEncoder().encode("password"))
+            .authorities("READ", "WRITE")
+            .roles("ADMIN")
+            .and()
+            .withUser("Tom")
+            .password(passwordEncoder().encode("password"))
+            .authorities("READ")
+            .roles("USER");
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+}
diff --git a/apache-shiro/src/main/java/com/baeldung/springsecurity/web/SpringController.java b/apache-shiro/src/main/java/com/baeldung/springsecurity/web/SpringController.java
new file mode 100644
index 0000000000..1bde241bf9
--- /dev/null
+++ b/apache-shiro/src/main/java/com/baeldung/springsecurity/web/SpringController.java
@@ -0,0 +1,79 @@
+package com.baeldung.springsecurity.web;
+
+import java.util.Collection;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.springframework.security.authentication.AnonymousAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+@Controller
+public class SpringController {
+
+    @GetMapping("/")
+    public String getIndex() {
+        return "comparison/index";
+    }
+
+    @GetMapping("/login")
+    public String showLoginPage() {
+        return "comparison/login";
+    }
+
+    @RequestMapping("/login-error")
+    public String loginError(Model model) {
+        model.addAttribute("error", "Invalid Credentials");
+        return "comparison/login";
+    }
+
+    @PostMapping("/login")
+    public String doLogin(HttpServletRequest req) {
+        return "redirect:/home";
+    }
+
+    @GetMapping("/home")
+    public String showHomePage(HttpServletRequest req, Model model) {
+        addUserAttributes(model);
+        return "comparison/home";
+    }
+
+    @GetMapping("/admin")
+    public String adminOnly(HttpServletRequest req, Model model) {
+        addUserAttributes(model);
+        model.addAttribute("adminContent", "only admin can view this");
+        return "comparison/home";
+    }
+
+    private void addUserAttributes(Model model) {
+        Authentication auth = SecurityContextHolder.getContext()
+            .getAuthentication();
+        if (auth != null && !auth.getClass()
+            .equals(AnonymousAuthenticationToken.class)) {
+            User user = (User) auth.getPrincipal();
+            model.addAttribute("username", user.getUsername());
+
+            Collection<GrantedAuthority> authorities = user.getAuthorities();
+
+            for (GrantedAuthority authority : authorities) {
+                if (authority.getAuthority()
+                    .contains("USER")) {
+                    model.addAttribute("role", "USER");
+                    model.addAttribute("permission", "READ");
+                } else if (authority.getAuthority()
+                    .contains("ADMIN")) {
+                    model.addAttribute("role", "ADMIN");
+                    model.addAttribute("permission", "READ WRITE");
+                }
+            }
+        }
+    }
+
+}
diff --git a/apache-shiro/src/main/resources/templates/comparison/home.ftl b/apache-shiro/src/main/resources/templates/comparison/home.ftl
new file mode 100644
index 0000000000..37eb3d1812
--- /dev/null
+++ b/apache-shiro/src/main/resources/templates/comparison/home.ftl
@@ -0,0 +1,19 @@
+<html>
+<head>
+    <title>Home Page</title>
+</head>
+<body style="margin-left: 30px;">
+<h1>Welcome ${username}!</h1>
+<p><strong>Role</strong>: ${role}</p>
+<p><strong>Permissions</strong></p>
+<p>${permission}</p>
+<a href="/admin">Admin only</a>
+<#if adminContent??>
+  ${adminContent}
+</#if>
+<br>
+<form role="form" action="/logout" method="POST">
+   <input type="Submit" value="Logout" />
+</form>
+</body>
+</html>
\ No newline at end of file
diff --git a/apache-shiro/src/main/resources/templates/comparison/index.ftl b/apache-shiro/src/main/resources/templates/comparison/index.ftl
new file mode 100644
index 0000000000..8f35c0af1b
--- /dev/null
+++ b/apache-shiro/src/main/resources/templates/comparison/index.ftl
@@ -0,0 +1,10 @@
+<html>
+<head>
+    <title>Index</title>
+</head>
+<body>
+    <h1>Welcome Guest!</h1>
+    <br>
+    Go to the <a href="/home">secured page
+</body>
+</html>
\ No newline at end of file
diff --git a/apache-shiro/src/main/resources/templates/comparison/login.ftl b/apache-shiro/src/main/resources/templates/comparison/login.ftl
new file mode 100644
index 0000000000..7340f47204
--- /dev/null
+++ b/apache-shiro/src/main/resources/templates/comparison/login.ftl
@@ -0,0 +1,25 @@
+<html>
+<head>
+    <title>Login</title>
+</head>
+<body style="margin-left: 30px;">
+<h3>Login</h3>
+<br>
+<form action="/login" method="post">
+    <#if (error?length > 0)??>
+        <p style="color:darkred;">${error}</p>
+    <#else>
+    </#if>
+
+    <label for="username">Username</label>
+    <br>
+    <input type="text" name="username">
+    <br><br>
+    <label for="password">Password</label>
+    <br>
+    <input type="password" name="password">
+    <br><br>
+    <input type="submit" value="Submit">
+</form>
+</body>
+</html>
\ No newline at end of file
diff --git a/apache-shiro/src/test/java/com/baeldung/shiro/SpringContextTest.java b/apache-shiro/src/test/java/com/baeldung/shiro/SpringContextTest.java
new file mode 100644
index 0000000000..0b5e690403
--- /dev/null
+++ b/apache-shiro/src/test/java/com/baeldung/shiro/SpringContextTest.java
@@ -0,0 +1,18 @@
+package com.baeldung.shiro;
+
+
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
+
+@ExtendWith(SpringExtension.class)
+@SpringBootTest(classes = { ShiroApplication.class })
+public class SpringContextTest {
+
+    @Test
+    public void whenSpringContextIsBootstrapped_thenNoExceptions() {
+
+    }
+
+}
\ No newline at end of file
diff --git a/apache-shiro/src/test/java/com/baeldung/springsecurity/SpringContextTest.java b/apache-shiro/src/test/java/com/baeldung/springsecurity/SpringContextTest.java
new file mode 100644
index 0000000000..a3adfa30c4
--- /dev/null
+++ b/apache-shiro/src/test/java/com/baeldung/springsecurity/SpringContextTest.java
@@ -0,0 +1,17 @@
+package com.baeldung.springsecurity;
+
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
+
+@ExtendWith(SpringExtension.class)
+@SpringBootTest(classes = { Application.class })
+public class SpringContextTest {
+
+    @Test
+    public void whenSpringContextIsBootstrapped_thenNoExceptions() {
+
+    }
+
+}
\ No newline at end of file

From 990e0c15123907df656e26251a1c5d07f6e2dedc Mon Sep 17 00:00:00 2001
From: sampadawagde <sampada.wagde@gmail.com>
Date: Thu, 9 Jul 2020 18:05:11 +0530
Subject: [PATCH 7/8] BAEL-4019: movements for old code to accommodate new
 shiro application

---
 .../src/main/java/com/baeldung/{ => intro}/Main.java       | 2 +-
 .../main/java/com/baeldung/{ => intro}/MyCustomRealm.java  | 2 +-
 .../com/baeldung/{ => intro}/ShiroSpringApplication.java   | 7 ++++---
 .../{ => intro}/controllers/ShiroSpringController.java     | 5 +++--
 .../com/baeldung/{ => intro}/models/UserCredentials.java   | 2 +-
 5 files changed, 10 insertions(+), 8 deletions(-)
 rename apache-shiro/src/main/java/com/baeldung/{ => intro}/Main.java (99%)
 rename apache-shiro/src/main/java/com/baeldung/{ => intro}/MyCustomRealm.java (99%)
 rename apache-shiro/src/main/java/com/baeldung/{ => intro}/ShiroSpringApplication.java (80%)
 rename apache-shiro/src/main/java/com/baeldung/{ => intro}/controllers/ShiroSpringController.java (97%)
 rename apache-shiro/src/main/java/com/baeldung/{ => intro}/models/UserCredentials.java (95%)

diff --git a/apache-shiro/src/main/java/com/baeldung/Main.java b/apache-shiro/src/main/java/com/baeldung/intro/Main.java
similarity index 99%
rename from apache-shiro/src/main/java/com/baeldung/Main.java
rename to apache-shiro/src/main/java/com/baeldung/intro/Main.java
index 99515bb705..fbd3bc7ac7 100644
--- a/apache-shiro/src/main/java/com/baeldung/Main.java
+++ b/apache-shiro/src/main/java/com/baeldung/intro/Main.java
@@ -1,4 +1,4 @@
-package com.baeldung;
+package com.baeldung.intro;
 
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authc.AuthenticationException;
diff --git a/apache-shiro/src/main/java/com/baeldung/MyCustomRealm.java b/apache-shiro/src/main/java/com/baeldung/intro/MyCustomRealm.java
similarity index 99%
rename from apache-shiro/src/main/java/com/baeldung/MyCustomRealm.java
rename to apache-shiro/src/main/java/com/baeldung/intro/MyCustomRealm.java
index 6d7c01d96e..9d65e37ec4 100644
--- a/apache-shiro/src/main/java/com/baeldung/MyCustomRealm.java
+++ b/apache-shiro/src/main/java/com/baeldung/intro/MyCustomRealm.java
@@ -1,4 +1,4 @@
-package com.baeldung;
+package com.baeldung.intro;
 
 import java.sql.Connection;
 import java.sql.SQLException;
diff --git a/apache-shiro/src/main/java/com/baeldung/ShiroSpringApplication.java b/apache-shiro/src/main/java/com/baeldung/intro/ShiroSpringApplication.java
similarity index 80%
rename from apache-shiro/src/main/java/com/baeldung/ShiroSpringApplication.java
rename to apache-shiro/src/main/java/com/baeldung/intro/ShiroSpringApplication.java
index e12d3ebffa..dc288a273b 100644
--- a/apache-shiro/src/main/java/com/baeldung/ShiroSpringApplication.java
+++ b/apache-shiro/src/main/java/com/baeldung/intro/ShiroSpringApplication.java
@@ -1,4 +1,4 @@
-package com.baeldung;
+package com.baeldung.intro;
 
 import org.apache.shiro.realm.Realm;
 import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
@@ -7,12 +7,13 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
 import org.springframework.context.annotation.Bean;
 
 /**
  * Created by smatt on 21/08/2017.
  */
-@SpringBootApplication
+@SpringBootApplication(exclude = SecurityAutoConfiguration.class)
 public class ShiroSpringApplication {
 
     private static final transient Logger log = LoggerFactory.getLogger(ShiroSpringApplication.class);
@@ -29,7 +30,7 @@ public class ShiroSpringApplication {
 
 
     @Bean
-    public ShiroFilterChainDefinition shiroFilterChainDefinition() {
+    public ShiroFilterChainDefinition filterChainDefinition() {
         DefaultShiroFilterChainDefinition filter
           = new DefaultShiroFilterChainDefinition();
 
diff --git a/apache-shiro/src/main/java/com/baeldung/controllers/ShiroSpringController.java b/apache-shiro/src/main/java/com/baeldung/intro/controllers/ShiroSpringController.java
similarity index 97%
rename from apache-shiro/src/main/java/com/baeldung/controllers/ShiroSpringController.java
rename to apache-shiro/src/main/java/com/baeldung/intro/controllers/ShiroSpringController.java
index 2713786d71..1605f390a8 100644
--- a/apache-shiro/src/main/java/com/baeldung/controllers/ShiroSpringController.java
+++ b/apache-shiro/src/main/java/com/baeldung/intro/controllers/ShiroSpringController.java
@@ -1,6 +1,5 @@
-package com.baeldung.controllers;
+package com.baeldung.intro.controllers;
 
-import com.baeldung.models.UserCredentials;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.UsernamePasswordToken;
@@ -13,6 +12,8 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.servlet.mvc.support.RedirectAttributes;
 
+import com.baeldung.intro.models.UserCredentials;
+
 import javax.servlet.http.HttpServletRequest;
 
 @Controller
diff --git a/apache-shiro/src/main/java/com/baeldung/models/UserCredentials.java b/apache-shiro/src/main/java/com/baeldung/intro/models/UserCredentials.java
similarity index 95%
rename from apache-shiro/src/main/java/com/baeldung/models/UserCredentials.java
rename to apache-shiro/src/main/java/com/baeldung/intro/models/UserCredentials.java
index 51b429046a..6614d07257 100644
--- a/apache-shiro/src/main/java/com/baeldung/models/UserCredentials.java
+++ b/apache-shiro/src/main/java/com/baeldung/intro/models/UserCredentials.java
@@ -1,4 +1,4 @@
-package com.baeldung.models;
+package com.baeldung.intro.models;
 
 public class UserCredentials {
 

From d1748592317772444c58d61fd3e4ad3ff3aac954 Mon Sep 17 00:00:00 2001
From: sampadawagde <sampada.wagde@gmail.com>
Date: Sat, 11 Jul 2020 10:02:44 +0530
Subject: [PATCH 8/8] BAEL-4019: changed package name

---
 .../java/com/baeldung/{ => comparison}/shiro/CustomRealm.java | 2 +-
 .../com/baeldung/{ => comparison}/shiro/ShiroApplication.java | 2 +-
 .../{ => comparison}/shiro/controllers/ShiroController.java   | 4 ++--
 .../{ => comparison}/shiro/models/UserCredentials.java        | 2 +-
 .../baeldung/{ => comparison}/springsecurity/Application.java | 2 +-
 .../springsecurity/config/SecurityConfig.java                 | 2 +-
 .../{ => comparison}/springsecurity/web/SpringController.java | 2 +-
 .../com/baeldung/{shiro => }/permissions/custom/Main.java     | 2 +-
 .../{shiro => }/permissions/custom/PathPermission.java        | 2 +-
 .../permissions/custom/PathPermissionResolver.java            | 2 +-
 .../baeldung/{ => comparison}/shiro/SpringContextTest.java    | 4 +++-
 .../{ => comparison}/springsecurity/SpringContextTest.java    | 4 +++-
 12 files changed, 17 insertions(+), 13 deletions(-)
 rename apache-shiro/src/main/java/com/baeldung/{ => comparison}/shiro/CustomRealm.java (98%)
 rename apache-shiro/src/main/java/com/baeldung/{ => comparison}/shiro/ShiroApplication.java (96%)
 rename apache-shiro/src/main/java/com/baeldung/{ => comparison}/shiro/controllers/ShiroController.java (96%)
 rename apache-shiro/src/main/java/com/baeldung/{ => comparison}/shiro/models/UserCredentials.java (91%)
 rename apache-shiro/src/main/java/com/baeldung/{ => comparison}/springsecurity/Application.java (94%)
 rename apache-shiro/src/main/java/com/baeldung/{ => comparison}/springsecurity/config/SecurityConfig.java (96%)
 rename apache-shiro/src/main/java/com/baeldung/{ => comparison}/springsecurity/web/SpringController.java (98%)
 rename apache-shiro/src/main/java/com/baeldung/{shiro => }/permissions/custom/Main.java (98%)
 rename apache-shiro/src/main/java/com/baeldung/{shiro => }/permissions/custom/PathPermission.java (90%)
 rename apache-shiro/src/main/java/com/baeldung/{shiro => }/permissions/custom/PathPermissionResolver.java (88%)
 rename apache-shiro/src/test/java/com/baeldung/{ => comparison}/shiro/SpringContextTest.java (81%)
 rename apache-shiro/src/test/java/com/baeldung/{ => comparison}/springsecurity/SpringContextTest.java (79%)

diff --git a/apache-shiro/src/main/java/com/baeldung/shiro/CustomRealm.java b/apache-shiro/src/main/java/com/baeldung/comparison/shiro/CustomRealm.java
similarity index 98%
rename from apache-shiro/src/main/java/com/baeldung/shiro/CustomRealm.java
rename to apache-shiro/src/main/java/com/baeldung/comparison/shiro/CustomRealm.java
index f1daed45aa..d82fb1a5d5 100644
--- a/apache-shiro/src/main/java/com/baeldung/shiro/CustomRealm.java
+++ b/apache-shiro/src/main/java/com/baeldung/comparison/shiro/CustomRealm.java
@@ -1,4 +1,4 @@
-package com.baeldung.shiro;
+package com.baeldung.comparison.shiro;
 
 import java.sql.Connection;
 import java.sql.SQLException;
diff --git a/apache-shiro/src/main/java/com/baeldung/shiro/ShiroApplication.java b/apache-shiro/src/main/java/com/baeldung/comparison/shiro/ShiroApplication.java
similarity index 96%
rename from apache-shiro/src/main/java/com/baeldung/shiro/ShiroApplication.java
rename to apache-shiro/src/main/java/com/baeldung/comparison/shiro/ShiroApplication.java
index f383382c86..92d43ea957 100644
--- a/apache-shiro/src/main/java/com/baeldung/shiro/ShiroApplication.java
+++ b/apache-shiro/src/main/java/com/baeldung/comparison/shiro/ShiroApplication.java
@@ -1,4 +1,4 @@
-package com.baeldung.shiro;
+package com.baeldung.comparison.shiro;
 
 import org.apache.shiro.realm.Realm;
 import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
diff --git a/apache-shiro/src/main/java/com/baeldung/shiro/controllers/ShiroController.java b/apache-shiro/src/main/java/com/baeldung/comparison/shiro/controllers/ShiroController.java
similarity index 96%
rename from apache-shiro/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
rename to apache-shiro/src/main/java/com/baeldung/comparison/shiro/controllers/ShiroController.java
index 7205c44173..b819286c57 100644
--- a/apache-shiro/src/main/java/com/baeldung/shiro/controllers/ShiroController.java
+++ b/apache-shiro/src/main/java/com/baeldung/comparison/shiro/controllers/ShiroController.java
@@ -1,4 +1,4 @@
-package com.baeldung.shiro.controllers;
+package com.baeldung.comparison.shiro.controllers;
 
 import javax.servlet.http.HttpServletRequest;
 
@@ -14,7 +14,7 @@ import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.servlet.mvc.support.RedirectAttributes;
 
-import com.baeldung.shiro.models.UserCredentials;
+import com.baeldung.comparison.shiro.models.UserCredentials;
 
 @Controller
 public class ShiroController {
diff --git a/apache-shiro/src/main/java/com/baeldung/shiro/models/UserCredentials.java b/apache-shiro/src/main/java/com/baeldung/comparison/shiro/models/UserCredentials.java
similarity index 91%
rename from apache-shiro/src/main/java/com/baeldung/shiro/models/UserCredentials.java
rename to apache-shiro/src/main/java/com/baeldung/comparison/shiro/models/UserCredentials.java
index 5dbafa30ec..100809f6ea 100644
--- a/apache-shiro/src/main/java/com/baeldung/shiro/models/UserCredentials.java
+++ b/apache-shiro/src/main/java/com/baeldung/comparison/shiro/models/UserCredentials.java
@@ -1,4 +1,4 @@
-package com.baeldung.shiro.models;
+package com.baeldung.comparison.shiro.models;
 
 public class UserCredentials {
 
diff --git a/apache-shiro/src/main/java/com/baeldung/springsecurity/Application.java b/apache-shiro/src/main/java/com/baeldung/comparison/springsecurity/Application.java
similarity index 94%
rename from apache-shiro/src/main/java/com/baeldung/springsecurity/Application.java
rename to apache-shiro/src/main/java/com/baeldung/comparison/springsecurity/Application.java
index 61adfb9cb6..6878c309df 100644
--- a/apache-shiro/src/main/java/com/baeldung/springsecurity/Application.java
+++ b/apache-shiro/src/main/java/com/baeldung/comparison/springsecurity/Application.java
@@ -1,4 +1,4 @@
-package com.baeldung.springsecurity;
+package com.baeldung.comparison.springsecurity;
 
 import org.apache.shiro.spring.boot.autoconfigure.ShiroAnnotationProcessorAutoConfiguration;
 import org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration;
diff --git a/apache-shiro/src/main/java/com/baeldung/springsecurity/config/SecurityConfig.java b/apache-shiro/src/main/java/com/baeldung/comparison/springsecurity/config/SecurityConfig.java
similarity index 96%
rename from apache-shiro/src/main/java/com/baeldung/springsecurity/config/SecurityConfig.java
rename to apache-shiro/src/main/java/com/baeldung/comparison/springsecurity/config/SecurityConfig.java
index 3fa5632db9..d838eef9b3 100644
--- a/apache-shiro/src/main/java/com/baeldung/springsecurity/config/SecurityConfig.java
+++ b/apache-shiro/src/main/java/com/baeldung/comparison/springsecurity/config/SecurityConfig.java
@@ -1,4 +1,4 @@
-package com.baeldung.springsecurity.config;
+package com.baeldung.comparison.springsecurity.config;
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
diff --git a/apache-shiro/src/main/java/com/baeldung/springsecurity/web/SpringController.java b/apache-shiro/src/main/java/com/baeldung/comparison/springsecurity/web/SpringController.java
similarity index 98%
rename from apache-shiro/src/main/java/com/baeldung/springsecurity/web/SpringController.java
rename to apache-shiro/src/main/java/com/baeldung/comparison/springsecurity/web/SpringController.java
index 1bde241bf9..34b6b0c0e3 100644
--- a/apache-shiro/src/main/java/com/baeldung/springsecurity/web/SpringController.java
+++ b/apache-shiro/src/main/java/com/baeldung/comparison/springsecurity/web/SpringController.java
@@ -1,4 +1,4 @@
-package com.baeldung.springsecurity.web;
+package com.baeldung.comparison.springsecurity.web;
 
 import java.util.Collection;
 
diff --git a/apache-shiro/src/main/java/com/baeldung/shiro/permissions/custom/Main.java b/apache-shiro/src/main/java/com/baeldung/permissions/custom/Main.java
similarity index 98%
rename from apache-shiro/src/main/java/com/baeldung/shiro/permissions/custom/Main.java
rename to apache-shiro/src/main/java/com/baeldung/permissions/custom/Main.java
index a902a24388..c9ab2b6e37 100644
--- a/apache-shiro/src/main/java/com/baeldung/shiro/permissions/custom/Main.java
+++ b/apache-shiro/src/main/java/com/baeldung/permissions/custom/Main.java
@@ -1,4 +1,4 @@
-package com.baeldung.shiro.permissions.custom;
+package com.baeldung.permissions.custom;
 
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authc.AuthenticationException;
diff --git a/apache-shiro/src/main/java/com/baeldung/shiro/permissions/custom/PathPermission.java b/apache-shiro/src/main/java/com/baeldung/permissions/custom/PathPermission.java
similarity index 90%
rename from apache-shiro/src/main/java/com/baeldung/shiro/permissions/custom/PathPermission.java
rename to apache-shiro/src/main/java/com/baeldung/permissions/custom/PathPermission.java
index f7dfbda06a..828484087f 100644
--- a/apache-shiro/src/main/java/com/baeldung/shiro/permissions/custom/PathPermission.java
+++ b/apache-shiro/src/main/java/com/baeldung/permissions/custom/PathPermission.java
@@ -1,4 +1,4 @@
-package com.baeldung.shiro.permissions.custom;
+package com.baeldung.permissions.custom;
 
 import org.apache.shiro.authz.Permission;
 
diff --git a/apache-shiro/src/main/java/com/baeldung/shiro/permissions/custom/PathPermissionResolver.java b/apache-shiro/src/main/java/com/baeldung/permissions/custom/PathPermissionResolver.java
similarity index 88%
rename from apache-shiro/src/main/java/com/baeldung/shiro/permissions/custom/PathPermissionResolver.java
rename to apache-shiro/src/main/java/com/baeldung/permissions/custom/PathPermissionResolver.java
index 4b60d2fbd4..30bdece65f 100644
--- a/apache-shiro/src/main/java/com/baeldung/shiro/permissions/custom/PathPermissionResolver.java
+++ b/apache-shiro/src/main/java/com/baeldung/permissions/custom/PathPermissionResolver.java
@@ -1,4 +1,4 @@
-package com.baeldung.shiro.permissions.custom;
+package com.baeldung.permissions.custom;
 
 import org.apache.shiro.authz.Permission;
 import org.apache.shiro.authz.permission.PermissionResolver;
diff --git a/apache-shiro/src/test/java/com/baeldung/shiro/SpringContextTest.java b/apache-shiro/src/test/java/com/baeldung/comparison/shiro/SpringContextTest.java
similarity index 81%
rename from apache-shiro/src/test/java/com/baeldung/shiro/SpringContextTest.java
rename to apache-shiro/src/test/java/com/baeldung/comparison/shiro/SpringContextTest.java
index 0b5e690403..0d150d0fad 100644
--- a/apache-shiro/src/test/java/com/baeldung/shiro/SpringContextTest.java
+++ b/apache-shiro/src/test/java/com/baeldung/comparison/shiro/SpringContextTest.java
@@ -1,4 +1,4 @@
-package com.baeldung.shiro;
+package com.baeldung.comparison.shiro;
 
 
 import org.junit.jupiter.api.Test;
@@ -6,6 +6,8 @@ import org.junit.jupiter.api.extension.ExtendWith;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.test.context.junit.jupiter.SpringExtension;
 
+import com.baeldung.comparison.shiro.ShiroApplication;
+
 @ExtendWith(SpringExtension.class)
 @SpringBootTest(classes = { ShiroApplication.class })
 public class SpringContextTest {
diff --git a/apache-shiro/src/test/java/com/baeldung/springsecurity/SpringContextTest.java b/apache-shiro/src/test/java/com/baeldung/comparison/springsecurity/SpringContextTest.java
similarity index 79%
rename from apache-shiro/src/test/java/com/baeldung/springsecurity/SpringContextTest.java
rename to apache-shiro/src/test/java/com/baeldung/comparison/springsecurity/SpringContextTest.java
index a3adfa30c4..5044b40e31 100644
--- a/apache-shiro/src/test/java/com/baeldung/springsecurity/SpringContextTest.java
+++ b/apache-shiro/src/test/java/com/baeldung/comparison/springsecurity/SpringContextTest.java
@@ -1,10 +1,12 @@
-package com.baeldung.springsecurity;
+package com.baeldung.comparison.springsecurity;
 
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.test.context.junit.jupiter.SpringExtension;
 
+import com.baeldung.comparison.springsecurity.Application;
+
 @ExtendWith(SpringExtension.class)
 @SpringBootTest(classes = { Application.class })
 public class SpringContextTest {