In the Spring Security config class, we set up the user credentials (in-memory) that can be used to log in to the application and can access secured resources. In the configure method, some of the resources are marked as secured and some as unsecured.