The following WebSecurityConfig will configure all the necessary filters required to protect the resource endpoints:
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws
Exception {
auth.userDetailsService(userDetailsService);
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws
Exception {
return super.authenticationManagerBean();
}
}
In the configure(AuthenticationManagerBuilder auth) method, it has UserDetailsService configured using an injected bean UserDetailsService, which is injected. As our UserService already implements this interface, it will be injected into this.