1
00:00:00,510 --> 00:00:08,550
Well, speaking a lot about the authority's rules, privileges to control user level access and user

2
00:00:08,550 --> 00:00:13,390
level actions that he or she can perform in any secure application.

3
00:00:13,410 --> 00:00:20,210
But if you ask me, where does all these authorities are rules, privileges, details are stored inside

4
00:00:20,220 --> 00:00:24,210
string security, the answer is user details itself.

5
00:00:24,390 --> 00:00:31,280
If you can remember from the previous videos, User Details is a contract which is maintained by Sprink

6
00:00:31,290 --> 00:00:37,590
Security, where all the details associated to end user will be stored.

7
00:00:37,800 --> 00:00:45,150
It includes is authentication details, username, email, password along with the authorities.

8
00:00:45,330 --> 00:00:47,430
So inside user details interface.

9
00:00:47,640 --> 00:00:55,740
If you go unchecked, we have a method called Get Authorities and it will return a collection of granter

10
00:00:55,740 --> 00:00:56,490
authority.

11
00:00:56,820 --> 00:01:04,290
Granted, authority is again an interface which has a single method called Get Authority, which will

12
00:01:04,290 --> 00:01:07,750
return the authority name in a string format.

13
00:01:07,980 --> 00:01:12,540
This indicates a single user can have multiple authorities.

14
00:01:12,660 --> 00:01:21,720
The rules like as a user, I mean how both read write authorities in such scenarios, user details has

15
00:01:21,720 --> 00:01:27,360
the flexibility to maintain all my authority details detailed in its collection.

16
00:01:27,360 --> 00:01:33,000
And we store all these authorities detailed using Granton Authority interface.

17
00:01:33,060 --> 00:01:40,020
And inside this interface we have a method called Cat Authority, which will be called by spring security

18
00:01:40,020 --> 00:01:46,470
at the right time to fetch the name of the authority and try to compare with other configurations or

19
00:01:46,470 --> 00:01:48,650
business logic that you have implemented.

20
00:01:48,840 --> 00:01:51,490
So let's try to go and see inside the code.

21
00:01:51,600 --> 00:01:53,880
All this person interfaces.

22
00:01:54,150 --> 00:01:56,730
No, we are inside the user details interface.

23
00:01:57,030 --> 00:02:04,200
As you can see, there is a method called Get Authorities, which will return a collection of objects

24
00:02:04,320 --> 00:02:07,350
which implements grant authority interface.

25
00:02:07,380 --> 00:02:14,940
I can go on to insert granted authority interface is a single matter called Cat Authority, which will

26
00:02:14,940 --> 00:02:19,000
give you my authority in the string format.

27
00:02:19,020 --> 00:02:22,920
We have many implementations of granted authority.

28
00:02:23,190 --> 00:02:24,750
One such is.

29
00:02:26,000 --> 00:02:33,380
Simply granted authority, as you can see, it, is a class which implements granted authority and it

30
00:02:33,380 --> 00:02:41,120
has a method called get authority, which will return the role or authority in the string format.

31
00:02:41,130 --> 00:02:46,550
So you can call it whatever name you want, like a role or authority at the end.

32
00:02:46,790 --> 00:02:54,950
All these details are related to authorization or user level controlling access inside your application.

33
00:02:55,070 --> 00:03:00,930
Let's try and go inside our previous implementation that we have built here.

34
00:03:01,160 --> 00:03:06,350
I'm not going with a default user details manager like this user details manager.

35
00:03:06,650 --> 00:03:14,450
So if you are going with in-memory or elab or JBC user details manager, your return type will be user

36
00:03:14,450 --> 00:03:18,550
details where the authorities also will be stored.

37
00:03:18,950 --> 00:03:27,440
But here previously we have implemented our own authentication provider, which will expect an authentication

38
00:03:27,740 --> 00:03:29,170
object as a return type.

39
00:03:29,360 --> 00:03:36,350
As you can remember from our previous sections, authentication also is one of the schema representation

40
00:03:36,350 --> 00:03:43,820
of the user and inside this interface also we have the same method like user details here.

41
00:03:43,820 --> 00:03:46,280
You can see putting authentication.

42
00:03:46,430 --> 00:03:49,760
I'm trying to load user details with email address.

43
00:03:49,910 --> 00:03:54,380
Once I have customer details, I will verify his password.

44
00:03:54,650 --> 00:04:02,480
Once the passwords, everything is verified, I will try to load his role details from the database

45
00:04:02,480 --> 00:04:06,080
and convert it into a simple grantor authority.

46
00:04:06,260 --> 00:04:12,130
And while retaining this authentication object, I pass a username, password and authorities.

47
00:04:12,320 --> 00:04:15,410
So now my frame hotspring security.

48
00:04:15,410 --> 00:04:21,399
How and access to these authorities using gate authorities method.

49
00:04:21,860 --> 00:04:29,240
Now we know how this authorities insert spring security will be stored and how those details will be

50
00:04:29,240 --> 00:04:31,550
loaded by the spring security.

51
00:04:31,820 --> 00:04:39,050
Let's try to see in the next video how I can really configure authorization of my An application like

52
00:04:39,320 --> 00:04:45,190
this user with this Rulz only should be able to access this Apapa.

53
00:04:45,320 --> 00:04:47,930
Thank you and get you in the next room by.