Configuring JdbcUserDetailsManager to use groups

By default, Spring Security does not use GBAC. Therefore, we must instruct Spring Security to enable the use of groups. Modify the SecurityConfig.java file to use GROUP_AUTHORITIES_BY_USERNAME_QUERY, as follows:

    //src/main/java/com/packtpub/springsecurity/configuration/SecurityConfig.java

    private static String GROUP_AUTHORITIES_BY_USERNAME_QUERY = “ ”+
                     "select g.id, g.group_name, ga.authority " +
                     "from groups g, group_members gm, " +
                    "group_authorities ga where gm.username = ? " +
                     "and g.id = ga.group_id and g.id = gm.group_id";
    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
     auth
       .jdbcAuthentication()
       .dataSource(dataSource)
       .groupAuthoritiesByUsername(
         GROUP_AUTHORITIES_BY_USERNAME_QUERY
     );
    }