2 Securing Web

This example uses WebMvc framework, which uses WebMvcConfigurerAdapter and ViewControllerRegistry to connect the urls and html templates.

Add spring-boot-starter-security into dependency, make WebSecurityConfig.java.

@Configuration
@EnableWebMvcSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .antMatchers("/", "/home").permitAll()
                .anyRequest().authenticated()
                .and()
            .formLogin()
                .loginPage("/login")
                .permitAll()
                .and()
            .logout()
                .permitAll();
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .inMemoryAuthentication()
                .withUser("user").password("password").roles("USER");
        // user repository in memory with username = "user" and password = "password"
        // it is just for demon
    }
}