Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WIP Update security-getting-started-tutorial from QE feedback #45686

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 12 additions & 4 deletions docs/src/main/asciidoc/security-getting-started-tutorial.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -158,6 +158,7 @@ endif::no-quarkus-security-jpa-reactive[]
Add a regular Jakarta REST resource to your Java source code, as shown in the following code snippet:
+
====
.TBD filepath
[source,java]
----
package org.acme.security.jpa;
Expand Down Expand Up @@ -185,6 +186,7 @@ The source code for the `/api/admin` endpoint is similar, but instead, you use a
Add a Jakarta REST resource with the following `@RolesAllowed` annotation:
+
====
.TBD filepath
[source,java]
----
package org.acme.security.jpa;
Expand All @@ -211,12 +213,12 @@ public class AdminResource {
Use `SecurityContext` to get access to the currently authenticated `Principal` user and to return their username, all of which is retrieved from the database.
+
====
.TBD filepath
[source,java]
----
package org.acme.security.jpa;

import jakarta.annotation.security.RolesAllowed;
import jakarta.inject.Inject;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.core.Context;
Expand All @@ -238,8 +240,9 @@ public class UserResource {
[[define-the-user-entity]]
== Define the user entity

* You can now describe how you want security information to be stored in the model by adding annotations to the `user` entity, as outlined in the following code snippet:
Specify how security information is stored in the model by adding the following annotations to the `user` entity:

.TBD filepath
[source,java]
----
package org.acme.security.jpa;
Expand Down Expand Up @@ -316,10 +319,11 @@ When secure access is required, and no other authentication mechanisms are enabl
Therefore, in this tutorial, you do not need to set the property `quarkus.http.auth.basic` to `true`.
====
+
. Configure at least one data source in the `application.properties` file so the `quarkus-security-jpa` extension can access your database.
. Configure at least one data source in the `src/main/resources/application.properties` file so the `quarkus-security-jpa` extension can access your database.
For example:
+
====
.src/main/resources/application.properties
[source,properties]
----
quarkus.http.auth.basic=true
Expand All @@ -344,6 +348,7 @@ ifndef::no-quarkus-security-jpa-reactive[]
* The URLs of Reactive datasources that are used by the `quarkus-security-jpa-reactive` extension are set with the `quarkus.datasource.reactive.url`
configuration property and not the `quarkus.datasource.jdbc.url` configuration property typically used by JDBC datasources.
+
.src/main/resources/application.properties
[source,properties]
----
%prod.quarkus.datasource.reactive.url=vertx-reactive:postgresql://localhost:5431/security_jpa
Expand All @@ -356,6 +361,7 @@ Therefore, adjustments are needed in a production environment.
====
endif::no-quarkus-security-jpa-reactive[]

.TBD filepath
[source,java]
----
package org.acme.security.jpa;
Expand Down Expand Up @@ -418,6 +424,7 @@ In this scenario, `Dev Services for PostgreSQL` launches and configures a `Postg

To write the integration test, use the following code sample:

.TBD filepath
[source,java]
----
package org.acme.security.jpa;
Expand Down Expand Up @@ -495,7 +502,8 @@ Dev Services for PostgreSQL supports testing while you develop by providing a se

== Test your application in production mode by using Curl or browser

To test your application using Curl or the browser, you must first start a PostgreSQL server, then compile and run your application either in JVM or native mode.
To test your application using Curl, or a browser, start a PostgreSQL server first.
Then, compile and run your application in either JVM or native mode.

=== Start the PostgreSQL server

Expand Down
Loading