We know that we have to instruct the application to start using Spring Security. One easy way is to declare the Spring Security filter in web.xml. If you want to avoid using XML and perform the actions using Java instead, then create a class that extends AbstractSecurityWebApplicationInitializer; this will do the trick of initializing the filter and setting Spring Security for your application:

public class SecurityWebApplicationInitializer
       extends AbstractSecurityWebApplicationInitializer {

}

With this, we have completed all the setup required to see basic authentication in action.