How to use DbProfileService from PAC4J framework

Question

I'm trying to implement security layer with PAC4J framework, using users from DB. PAC4J documentation recomends DbProfileService, but I don't know how to use it.

1. Where to define it? In the ConfigFactory?

    final DirectBasicAuthClient directBasicAuthClient = new DirectBasicAuthClient(new DbProfileService());

2. Where is the validation made? I mean user, password are correct? Maybe I shouldn't care and it is internaly done.

Answer 1

After contact PAC4J owner, I found how to use it:

1. You create a table for users in your DB
2. Create DbProfileService and pass DataSource connection to it
3. You indicate table name, and columns for Id, user and password.
4. Password is encrypted, you need to indicate how (in this case using SALT)

Example:

    DataSource dataSource = FeerBoxServerDB.getDatasource();
    DbProfileService dbProfileService = new DbProfileService(dataSource);
    dbProfileService.setUsersTable("restusers");
    dbProfileService.setIdAttribute("id");
    dbProfileService.setUsernameAttribute("username");
    dbProfileService.setPasswordAttribute("password");
    dbProfileService.setPasswordEncoder(new JBCryptPasswordEncoder(ServerConfigFactory.PWD_SALT));
    final DirectBasicAuthClient directBasicAuthClient = new DirectBasicAuthClient(dbProfileService);