Spring Security config

The Spring Security config class extends WebSecurityConfigurerAdapter. We will override three methods, as shown in the following code snippet:

@Configuration
@EnableWebSecurity
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
  @Autowired
  private BCryptPasswordEncoder passwordEncoder;
  @Autowired
  public void globalUserDetails(final AuthenticationManagerBuilder auth) throws 
        Exception {
      auth
          .inMemoryAuthentication()
          .withUser("user").password(passwordEncoder.encode("password"))
          .roles("USER")
          .and()
          .withUser("admin").password(passwordEncoder.encode("password"))
          .roles("USER", "ADMIN");
  }
  //...
}

We autowire the password encoder. We then override the following methods: globalUserDetails, authenticationManagerBean, and configure. There isn't anything special to mention here. We define two users, managed in-memory (user and admin).

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.21.248.47