# rbac

**Repository Path**: Irenag/rbac

## Basic Information

- **Project Name**: rbac
- **Description**: No description available
- **Primary Language**: Unknown
- **License**: Not specified
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2025-11-29
- **Last Updated**: 2025-11-29

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

# RBAC Spring Boot Starter

A lightweight RBAC (Role-Based Access Control) starter for Spring Boot, powered by Apache Shiro and JWT.

## Features

- **Authentication**: JWT-based, stateless authentication.
- **Authorization**: RBAC via Shiro annotations (`@RequiresRoles`, `@RequiresPermissions`).
- **Auto Configuration**: Zero-config setup for a quick start.
- **Extensible**: Custom `RbacUserService` to load users from any source.

## Modules

- `core`: Core logic, models, exceptions, and JWT utilities.
- `autoconfig`: Spring Boot Auto Configuration.
- `starter`: The artifact to include in your project.
- `samples`: Example application.

## Quick Start

1. **Add Dependency**

   Add the starter to your `pom.xml`:

   ```xml
   <dependency>
       <groupId>com.rbac</groupId>
       <artifactId>rbac-spring-boot-starter</artifactId>
       <version>1.0.0-SNAPSHOT</version>
   </dependency>
   ```

2. **Configuration**

   Configure `application.yml`:

   ```yaml
   rbac:
     jwt:
       # Placeholder: replace with your own long random value
       secret: "YourSecretKeyHere_MustBeLongEnough_ForSecurity"
       expiration: 3600000 # 1 hour
     excluded-paths: # Optional: Public paths
       - "/public/**"
       - "/health"
   ```

3. **Implement `RbacUserService`**

   Provide your own user loading logic:

   ```java
   @Bean
   public RbacUserService rbacUserService() {
       return username -> {
           // Fetch user from DB
           // Return AuthUser(id, username, password, enabled, roles, permissions)
           return new AuthUser(...);
       };
   }
   ```

4. **Secure Your Controllers**

   Use Shiro annotations:

   ```java
   import org.apache.shiro.authz.annotation.RequiresPermissions;
   import org.apache.shiro.authz.annotation.RequiresRoles;
   import org.springframework.web.bind.annotation.GetMapping;
   import org.springframework.web.bind.annotation.RestController;

   @RestController
   public class MyController {

       // Only callers whose token carries the "admin" role reach this handler
       @GetMapping("/admin")
       @RequiresRoles("admin")
       public String adminOnly() {
           return "Admin Content";
       }

       // Only callers holding the "user:read" permission reach this handler
       @GetMapping("/user")
       @RequiresPermissions("user:read")
       public String userRead() {
           return "User Content";
       }
   }
   ```

## Built-in Endpoints

The starter ships with an `AuthController` that is enabled by default (it can be disabled via `rbac.controller.enabled=false`).

- `POST /auth/login`: Login with `{ "username": "...", "password": "..." }`. Returns a JWT token.

## Default User (Testing)

If no `RbacUserService` is defined, a default implementation is provided with:

- User: `admin` / `admin` (Role: `admin`, Perm: `user:delete`)
- User: `user` / `user` (Role: `user`, Perm: `user:read`)

These accounts are meant for testing; defining your own `RbacUserService` bean replaces the default implementation.

## Build

```bash
mvn clean install
```
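
A pre-flight check for the `rbac.jwt.secret` and `rbac.jwt.expiration` values from the Quick Start configuration, as an added example that is not part of the starter's code. The class name, the HMAC-SHA256 key-size threshold and the 24-hour lifetime cap are assumptions, not documented behaviour of this project.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;

public class RbacJwtConfigCheck {
    // The value printed in this README; anything published cannot serve as a signing key.
    static final String README_PLACEHOLDER = "YourSecretKeyHere_MustBeLongEnough_ForSecurity";
    // Assumption: tokens are signed with HMAC-SHA256, so the key should be at least 256 bits.
    static final int MIN_SECRET_BYTES = 32;
    // Assumption: local policy caps token lifetime at 24 hours.
    static final long MAX_EXPIRATION_MS = 24L * 60 * 60 * 1000;

    /** Returns one message per problem found; an empty list means the values pass. */
    static List<String> problems(String secret, long expirationMs) {
        List<String> out = new ArrayList<>();
        if (secret == null || secret.isBlank()) {
            out.add("rbac.jwt.secret is not set");
        } else {
            if (secret.equals(README_PLACEHOLDER))
                out.add("rbac.jwt.secret is still the README placeholder");
            if (secret.getBytes(StandardCharsets.UTF_8).length < MIN_SECRET_BYTES)
                out.add("rbac.jwt.secret is shorter than " + MIN_SECRET_BYTES + " bytes");
            // Heuristic only: catches padded or repeated values such as "aaaa...".
            if (secret.chars().distinct().count() < 16)
                out.add("rbac.jwt.secret uses fewer than 16 distinct characters");
        }
        // Stateless tokens stay valid until they expire, so the lifetime bounds a stolen token's use.
        if (expirationMs <= 0 || expirationMs > MAX_EXPIRATION_MS)
            out.add("rbac.jwt.expiration must be between 1 ms and " + MAX_EXPIRATION_MS + " ms");
        return out;
    }

    /** Generates a 256-bit random secret, Base64-encoded for use in application.yml. */
    static String newSecret() {
        byte[] key = new byte[32];
        new SecureRandom().nextBytes(key);
        return Base64.getEncoder().encodeToString(key);
    }

    public static void main(String[] args) {
        // Constructed sample inputs: the README values, a weak value, and a fresh random secret.
        System.out.println(problems(README_PLACEHOLDER, 3_600_000L));
        System.out.println(problems("changeme", 0L));
        System.out.println(problems(newSecret(), 3_600_000L));
    }
}
```

The same `problems(...)` call can run in a build step or at application startup, refusing to continue when the returned list is not empty.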