scala-web-sbt-spring-jsp-register-rsa-encrypted-argon2-encode

Description

A springboot secure web app with jsp support. Three roles are defined; USER, ADMIN, and SUPER. All roles can access pages /home, /login, and /about. Only USER can access /user and ADMIN only /admin whereas SUPER can navigate to either and have its own /super. Each role has an action USER=VIEW ONLY, ADMIN=READ/WRITE, SUPER=CREATE. All password are encrypted with RSA and encoded with argon2 to insure strong passwords.

The encrypted text is 512 in length when compressed ~ 306. To compress the encrypted text gzip was used.

When storing a password it is best practice to use a one-way hash such as bcrypt, scrypt, or argon2.

Tech stack

• scala
• sbt

Docker stack

• hseeberger/scala-sbt:11.0.2-oraclelinux7_1.3.5_2.12.10

To run

sudo ./install.sh -u Available at http://localhost

• Login with id: user and password: pass
• Login with id: admin and password: pass
• Login with id: super and password: pass

To stop (optional)

sudo ./install.sh -d

For help

sudo ./install.sh -h

Credits

• https://hellokoding.com/spring-security-login-logout-jsp/
• https://www.javainterviewpoint.com/spring-security-inmemoryuserdetailsmanager/