[SCB-1364]add database implementations for UserDetailsService
diff --git a/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java
index 0921bb6..0e4b462 100644
--- a/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java
+++ b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java
@@ -17,24 +17,15 @@
 
 package org.apache.servicecomb.authentication;
 
-import java.util.Arrays;
-
 import org.apache.servicecomb.authentication.token.AbstractOpenIDTokenStore;
 import org.apache.servicecomb.authentication.token.InMemoryOpenIDTokenStore;
 import org.apache.servicecomb.authentication.util.CommonConstants;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder;
 import org.springframework.security.jwt.crypto.sign.MacSigner;
 import org.springframework.security.jwt.crypto.sign.SignerVerifier;
-import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 @Configuration
 public class AuthenticationConfiguration {
@@ -55,30 +46,4 @@
     // NOTICE: Use in memory store for testing. Need to implement JDBC or Redis SessionIDTokenStore in product. 
     return new InMemoryOpenIDTokenStore();
   }
-
-  @Bean(name = CommonConstants.BEAN_AUTH_USER_DETAILS_SERVICE)
-  public UserDetailsService authUserDetailsService(
-      @Autowired @Qualifier(CommonConstants.BEAN_AUTH_PASSWORD_ENCODER) PasswordEncoder passwordEncoder) {
-    // NOTICE: Use in memory UserDetails, need to implement JDBC or others in product
-    InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
-    UserDetails uAdmin = new User("admin", passwordEncoder.encode("changeMyPassword"),
-        Arrays.asList(new SimpleGrantedAuthority("ADMIN")));
-    UserDetails uGuest = new User("guest", passwordEncoder.encode("changeMyPassword"),
-        Arrays.asList(new SimpleGrantedAuthority("GUEST")));
-    UserDetails uGuestExpiresQuickly = new User("guestExpiresQuickly", passwordEncoder.encode("changeMyPassword"),
-        Arrays.asList(new SimpleGrantedAuthority("GUEST")));
-
-    // Third party users
-    UserDetails githubAnonymous = new User("github:anonymous", "",
-        Arrays.asList(new SimpleGrantedAuthority("GUEST")));
-    UserDetails githubLiubao68 = new User("github:liubao68", "",
-        Arrays.asList(new SimpleGrantedAuthority("ADMIN")));
-
-    manager.createUser(uAdmin);
-    manager.createUser(uGuest);
-    manager.createUser(uGuestExpiresQuickly);
-    manager.createUser(githubAnonymous);
-    manager.createUser(githubLiubao68);
-    return manager;
-  }
 }
diff --git a/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/JDBCUserDetails.java b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/JDBCUserDetails.java
new file mode 100644
index 0000000..d2f5caf
--- /dev/null
+++ b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/JDBCUserDetails.java
@@ -0,0 +1,76 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.servicecomb.authentication;
+
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.Set;
+
+import org.apache.servicecomb.authentication.user.UserInfo;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+public class JDBCUserDetails implements UserDetails {
+  private static final long serialVersionUID = -8279248170258388057L;
+
+  private UserInfo info;
+
+  public JDBCUserDetails(UserInfo info) {
+    this.info = info;
+  }
+
+  @Override
+  public Collection<? extends GrantedAuthority> getAuthorities() {
+    Set<String> roles = info.getRoles();
+    Set<SimpleGrantedAuthority> grantedAuthorities = new HashSet<>(roles.size());
+    roles.forEach(r -> grantedAuthorities.add(new SimpleGrantedAuthority(r)));
+    return grantedAuthorities;
+  }
+
+  @Override
+  public String getPassword() {
+    return info.getPassword();
+  }
+
+  @Override
+  public String getUsername() {
+    return info.getUsername();
+  }
+
+  @Override
+  public boolean isAccountNonExpired() {
+    return info.isAccountNonExpired();
+  }
+
+  @Override
+  public boolean isAccountNonLocked() {
+    return info.isAccountNonLocked();
+  }
+
+  @Override
+  public boolean isCredentialsNonExpired() {
+    return info.isCredentialsNonExpired();
+  }
+
+  @Override
+  public boolean isEnabled() {
+    return info.isEnabled();
+  }
+
+}
diff --git a/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/JDBCUserDetailsManager.java b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/JDBCUserDetailsManager.java
new file mode 100644
index 0000000..08ff3a7
--- /dev/null
+++ b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/JDBCUserDetailsManager.java
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.servicecomb.authentication;
+
+import org.apache.servicecomb.authentication.user.UserInfo;
+import org.apache.servicecomb.authentication.user.UserMapper;
+import org.apache.servicecomb.authentication.util.CommonConstants;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.provisioning.UserDetailsManager;
+import org.springframework.stereotype.Component;
+
+@Component(CommonConstants.BEAN_AUTH_USER_DETAILS_SERVICE)
+public class JDBCUserDetailsManager implements UserDetailsManager {
+
+  @Autowired
+  private UserMapper userMapper;
+
+  @Override
+  public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+    UserInfo info = userMapper.selectUserByUsername(username);
+    if (info == null) {
+      throw new UsernameNotFoundException("");
+    }
+    info.setRoles(userMapper.selectRolesByUsername(username));
+    return new JDBCUserDetails(info);
+  }
+
+  @Override
+  public void createUser(UserDetails user) {
+    // TODO Auto-generated method stub
+
+  }
+
+  @Override
+  public void updateUser(UserDetails user) {
+    // TODO Auto-generated method stub
+
+  }
+
+  @Override
+  public void deleteUser(String username) {
+    // TODO Auto-generated method stub
+
+  }
+
+  @Override
+  public void changePassword(String oldPassword, String newPassword) {
+    // TODO Auto-generated method stub
+
+  }
+
+  @Override
+  public boolean userExists(String username) {
+    // TODO Auto-generated method stub
+    return false;
+  }
+
+}
diff --git a/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/user/UserInfo.java b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/user/UserInfo.java
new file mode 100644
index 0000000..7ebb21d
--- /dev/null
+++ b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/user/UserInfo.java
@@ -0,0 +1,104 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.servicecomb.authentication.user;
+
+import java.util.Set;
+
+public class UserInfo {
+  private int id;
+
+  private String password;
+
+  private String username;
+
+  private Set<String> roles;
+
+  private boolean accountNonExpired;
+
+  private boolean accountNonLocked;
+
+  private boolean credentialsNonExpired;
+
+  private boolean enabled;
+
+  public String getPassword() {
+    return password;
+  }
+
+  public void setPassword(String password) {
+    this.password = password;
+  }
+
+  public String getUsername() {
+    return username;
+  }
+
+  public void setUsername(String username) {
+    this.username = username;
+  }
+
+  public Set<String> getRoles() {
+    return roles;
+  }
+
+  public void setRoles(Set<String> roles) {
+    this.roles = roles;
+  }
+
+  public boolean isAccountNonExpired() {
+    return accountNonExpired;
+  }
+
+  public void setAccountNonExpired(boolean accountNonExpired) {
+    this.accountNonExpired = accountNonExpired;
+  }
+
+  public boolean isAccountNonLocked() {
+    return accountNonLocked;
+  }
+
+  public void setAccountNonLocked(boolean accountNonLocked) {
+    this.accountNonLocked = accountNonLocked;
+  }
+
+  public boolean isCredentialsNonExpired() {
+    return credentialsNonExpired;
+  }
+
+  public void setCredentialsNonExpired(boolean credentialsNonExpired) {
+    this.credentialsNonExpired = credentialsNonExpired;
+  }
+
+  public boolean isEnabled() {
+    return enabled;
+  }
+
+  public void setEnabled(boolean enabled) {
+    this.enabled = enabled;
+  }
+
+  public int getId() {
+    return id;
+  }
+
+  public void setId(int id) {
+    this.id = id;
+  }
+
+
+}
diff --git a/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/user/UserMapper.java b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/user/UserMapper.java
new file mode 100644
index 0000000..f50cdf8
--- /dev/null
+++ b/samples/AuthenticationServer/src/main/java/org/apache/servicecomb/authentication/user/UserMapper.java
@@ -0,0 +1,26 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.servicecomb.authentication.user;
+
+import java.util.Set;
+
+public interface UserMapper {
+  UserInfo selectUserByUsername(String username);
+
+  Set<String> selectRolesByUsername(String username);
+}
diff --git a/samples/AuthenticationServer/src/main/resources/META-INF/spring/authentication.server.bean.xml b/samples/AuthenticationServer/src/main/resources/META-INF/spring/authentication.server.bean.xml
new file mode 100644
index 0000000..dac1cdf
--- /dev/null
+++ b/samples/AuthenticationServer/src/main/resources/META-INF/spring/authentication.server.bean.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!-- ~ Licensed to the Apache Software Foundation (ASF) under one or more 
+  ~ contributor license agreements. See the NOTICE file distributed with ~ 
+  this work for additional information regarding copyright ownership. ~ The 
+  ASF licenses this file to You under the Apache License, Version 2.0 ~ (the 
+  "License"); you may not use this file except in compliance with ~ the License. 
+  You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0 
+  ~ ~ Unless required by applicable law or agreed to in writing, software ~ 
+  distributed under the License is distributed on an "AS IS" BASIS, ~ WITHOUT 
+  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ~ See the 
+  License for the specific language governing permissions and ~ limitations 
+  under the License. -->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
+  xsi:schemaLocation="
+        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
+
+  <bean id="dataSource" class="org.apache.commons.dbcp2.BasicDataSource"
+    destroy-method="close">
+    <property name="driverClassName"
+      value="${db.driverClassName:com.mysql.jdbc.Driver}" />
+    <property name="url"
+      value="${db.url:jdbc:mysql://localhost/authentication_server_db}" />
+    <property name="username" value="${db.username:root}" />
+    <property name="password" value="${db.password:}" />
+  </bean>
+
+  <bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
+    <property name="dataSource" ref="dataSource" />
+    <property name="configLocation" value="classpath:/config/mybatis-config.xml"></property>
+  </bean>
+
+  <bean id="userMapper" class="org.mybatis.spring.mapper.MapperFactoryBean">
+    <property name="mapperInterface"
+      value="org.apache.servicecomb.authentication.user.UserMapper" />
+    <property name="sqlSessionFactory" ref="sqlSessionFactory" />
+  </bean>
+
+</beans>
\ No newline at end of file
diff --git a/samples/AuthenticationServer/src/main/resources/config/UserMapper.xml b/samples/AuthenticationServer/src/main/resources/config/UserMapper.xml
new file mode 100644
index 0000000..5261d02
--- /dev/null
+++ b/samples/AuthenticationServer/src/main/resources/config/UserMapper.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- ~ Licensed to the Apache Software Foundation (ASF) under one or more 
+  ~ contributor license agreements. See the NOTICE file distributed with ~ 
+  this work for additional information regarding copyright ownership. ~ The 
+  ASF licenses this file to You under the Apache License, Version 2.0 ~ (the 
+  "License"); you may not use this file except in compliance with ~ the License. 
+  You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0 
+  ~ ~ Unless required by applicable law or agreed to in writing, software ~ 
+  distributed under the License is distributed on an "AS IS" BASIS, ~ WITHOUT 
+  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ~ See the 
+  License for the specific language governing permissions and ~ limitations 
+  under the License. -->
+
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="org.apache.servicecomb.authentication.user.UserMapper">
+  <resultMap id="userInfo"
+    type="org.apache.servicecomb.authentication.user.UserInfo">
+    <result column="ID" property="id" />
+    <result column="USER_NAME" property="username" />
+    <result column="PASSWORD" property="password" />
+    <result column="ACCOUNT_NON_EXPIRED" property="accountNonExpired" />
+    <result column="ACCOUNT_NON_LOCKED" property="accountNonLocked" />
+    <result column="CREDENTIALS_NON_EXPIRED" property="credentialsNonExpired" />
+    <result column="ENABLED" property="enabled" />
+  </resultMap>
+
+  <sql id="all_column">
+    ID, USER_NAME, PASSWORD, ACCOUNT_NON_EXPIRED,
+    ACCOUNT_NON_LOCKED,
+    CREDENTIALS_NON_EXPIRED, ENABLED
+  </sql>
+
+  <select id="selectUserByUsername" parameterType="java.lang.String"
+    resultMap="userInfo">
+    select
+    <include refid="all_column" />
+    from T_USERS where USER_NAME = #{0,jdbcType=VARCHAR}
+  </select>
+
+  <select id="selectRolesByUsername" parameterType="java.lang.String"
+    resultType="java.lang.String">
+    select ROLE_NAME
+    from T_ROLES where USER_NAME =
+    #{0,jdbcType=VARCHAR}
+  </select>
+
+</mapper>
\ No newline at end of file
diff --git a/samples/AuthenticationServer/src/main/resources/config/mybatis-config.xml b/samples/AuthenticationServer/src/main/resources/config/mybatis-config.xml
new file mode 100644
index 0000000..2bd7b68
--- /dev/null
+++ b/samples/AuthenticationServer/src/main/resources/config/mybatis-config.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!-- ~ Licensed to the Apache Software Foundation (ASF) under one or more 
+  ~ contributor license agreements. See the NOTICE file distributed with ~ 
+  this work for additional information regarding copyright ownership. ~ The 
+  ASF licenses this file to You under the Apache License, Version 2.0 ~ (the 
+  "License"); you may not use this file except in compliance with ~ the License. 
+  You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0 
+  ~ ~ Unless required by applicable law or agreed to in writing, software ~ 
+  distributed under the License is distributed on an "AS IS" BASIS, ~ WITHOUT 
+  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ~ See the 
+  License for the specific language governing permissions and ~ limitations 
+  under the License. -->
+
+<!DOCTYPE configuration
+  PUBLIC "-//mybatis.org//DTD Config 3.0//EN"
+  "http://mybatis.org/dtd/mybatis-3-config.dtd">
+<configuration>
+    <mappers>
+        <mapper resource="config/UserMapper.xml"/>
+    </mappers>
+</configuration>
\ No newline at end of file
diff --git a/samples/AuthenticationServer/src/main/resources/microservice.yaml b/samples/AuthenticationServer/src/main/resources/microservice.yaml
index 2a2373d..3e9adc4 100644
--- a/samples/AuthenticationServer/src/main/resources/microservice.yaml
+++ b/samples/AuthenticationServer/src/main/resources/microservice.yaml
@@ -42,6 +42,8 @@
         expiresIn: 3
 
     github:
-      clientId: ? # change to your github client id
-      clientSecret: ? # change to your github client secret
+      clientId: * # change to your github client id
+      clientSecret: * # change to your github client secret
 
+db:
+  password: *
diff --git a/samples/AuthenticationServer/src/main/resources/sql/user.sql b/samples/AuthenticationServer/src/main/resources/sql/user.sql
new file mode 100644
index 0000000..223826d
--- /dev/null
+++ b/samples/AuthenticationServer/src/main/resources/sql/user.sql
@@ -0,0 +1,79 @@
+#
+## ---------------------------------------------------------------------------
+## Licensed to the Apache Software Foundation (ASF) under one or more
+## contributor license agreements.  See the NOTICE file distributed with
+## this work for additional information regarding copyright ownership.
+## The ASF licenses this file to You under the Apache License, Version 2.0
+## (the "License"); you may not use this file except in compliance with
+## the License.  You may obtain a copy of the License at
+##
+##      http://www.apache.org/licenses/LICENSE-2.0
+##
+## Unless required by applicable law or agreed to in writing, software
+## distributed under the License is distributed on an "AS IS" BASIS,
+## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+## See the License for the specific language governing permissions and
+## limitations under the License.
+## ---------------------------------------------------------------------------
+
+CREATE DATABASE IF NOT EXISTS authentication_server_db;
+
+USE authentication_server_db;
+
+DROP TABLE IF EXISTS T_USERS;
+
+CREATE TABLE `T_USERS` (
+  `ID` INTEGER(8) NOT NULL AUTO_INCREMENT,
+  `USER_NAME` VARCHAR(64) NOT NULL,
+  `PASSWORD` VARCHAR(256) NOT NULL,
+  `ACCOUNT_NON_EXPIRED` TINYINT(1) NOT NULL,
+  `ACCOUNT_NON_LOCKED` TINYINT(1) NOT NULL,
+  `CREDENTIALS_NON_EXPIRED` TINYINT(1) NOT NULL,
+  `ENABLED` TINYINT(1) NOT NULL,
+  PRIMARY KEY (`ID`)
+);
+
+/* PBKDF encrypted password for changeMyPassword , please note to change it */
+INSERT INTO T_USERS(USER_NAME, PASSWORD, ACCOUNT_NON_EXPIRED, ACCOUNT_NON_LOCKED, CREDENTIALS_NON_EXPIRED, ENABLED)
+  VALUES("admin", "14761713125f5a1880e4b8f3c735e5afc9a550757225c45bb6d3d428ce05ca04962dadf774643a5f", true, true, true, true);
+INSERT INTO T_USERS(USER_NAME, PASSWORD, ACCOUNT_NON_EXPIRED, ACCOUNT_NON_LOCKED, CREDENTIALS_NON_EXPIRED, ENABLED)
+  VALUES("guest", "aec37aebc3ee961b8d615192025a03b24180e18b87bb690e038717d73acfa7b650a6b31eb8887d43", true, true, true, true);
+INSERT INTO T_USERS(USER_NAME, PASSWORD, ACCOUNT_NON_EXPIRED, ACCOUNT_NON_LOCKED, CREDENTIALS_NON_EXPIRED, ENABLED)
+  VALUES("guestExpiresQuickly", "295cbb2c18c7d3bcb164840c8e16d41a1cc21246054d8f68f5e95f30c37a06fc3a429f832dc1c6dd", true, true, true, true);
+
+/* empty password user can not login directly */
+INSERT INTO T_USERS(USER_NAME, PASSWORD, ACCOUNT_NON_EXPIRED, ACCOUNT_NON_LOCKED, CREDENTIALS_NON_EXPIRED, ENABLED)
+  VALUES("github:anonymous", "", true, true, true, true);
+INSERT INTO T_USERS(USER_NAME, PASSWORD, ACCOUNT_NON_EXPIRED, ACCOUNT_NON_LOCKED, CREDENTIALS_NON_EXPIRED, ENABLED)
+  VALUES("github:liubao68", "", true, true, true, true);
+
+DROP TABLE IF EXISTS T_ROLES;
+
+CREATE TABLE `T_ROLES` (
+  `ID` INTEGER(8) NOT NULL AUTO_INCREMENT,
+  `ROLE_NAME` VARCHAR(64) NOT NULL,
+  `USER_NAME` VARCHAR(64) NOT NULL,
+  PRIMARY KEY (`ID`)
+);
+
+INSERT INTO T_ROLES(ROLE_NAME, USER_NAME) 
+  VALUES("ADMIN", "admin");
+INSERT INTO T_ROLES(ROLE_NAME, USER_NAME) 
+  VALUES("GUEST", "guest");
+INSERT INTO T_ROLES(ROLE_NAME, USER_NAME) 
+  VALUES("GUEST", "guestExpiresQuickly");
+INSERT INTO T_ROLES(ROLE_NAME, USER_NAME) 
+  VALUES("GUEST", "github:anonymous");
+INSERT INTO T_ROLES(ROLE_NAME, USER_NAME) 
+  VALUES("ADMIN", "github:liubao68");
+
+DROP TABLE IF EXISTS T_TOKENS;
+
+CREATE TABLE `T_TOKENS` (
+  `ID` INTEGER(8) NOT NULL AUTO_INCREMENT,
+  `ACCESS_TOKEN_VALUE` VARCHAR(256) NOT NULL,
+  `REFRESH_TOKEN_VALUE` VARCHAR(256) NOT NULL,
+  `ID_TOKEN_VALUE` VARCHAR(256) NOT NULL,
+  `TOKEN` TEXT NOT NULL,
+  PRIMARY KEY (`ID`)
+);