The book doesn't cover this, but the approach is fairly straightforward.
First, store user data in the database via a JPA repository just like you would for any entity type. (Be sure to encrypt the password!) Then you can create a custom UserService implementation for Spring Security that uses your JPA repository to fetch the user entity given the username.
The book doesn't go to this level of detail, but it's certainly possible. I could possibly bake up a simple example if you need one.
Siegfried Heintze wrote:The book Spring in Action discusses how to use JPA in a Spring REST service.
Is there spring support for using JPA to store usernames and passwords for authentication?
Does the book discuss this? Last I remember, there is no discussion of using JPA for storing usernames and passwords in the book.
Can someone point me to a discussion/example/tutorial of how to store usernames and passwords using JPA?
Well if anyone has time I'd love a minimal example that demonstrates
(1) Username password authentication/authorization security with JPA
(2) JPA for a domain object like a guest book visitor or a spittle (yucko! I prefer tweet!)
(3) REST & JSON service
(4) Two Simple MVC pages (login page and a get list of tweets or spittles)
(5) The best of all worlds with an executable spring boot WAR that I could run independently or drop into a jetty or tomcat deploy directory.
(6) A brief example of a integration test I could run with maven or gradle that would fire up the service and login to the service (with AND without the MVC login web page) and get a session cookie and then subsequently get list of guests or tweets or spittles. I think you said this could be done more easily with spring boot?
(7) some directions on how to run the integration test.
OK, I'm asking a lot! I'd love it if you could help me! I've been trying very hard to make this work for a long time now!