├── README.md
├── src
    ├── main
    │   ├── resources
    │   │   └── application.properties
    │   └── java
    │   │   └── com
    │   │       └── javatechie
    │   │           └── spring
    │   │               └── security
    │   │                   └── api
    │   │                       ├── controller
    │   │                           ├── NoAuthController.java
    │   │                           └── ApplicationController.java
    │   │                       ├── SpringBasicSecurityApplication.java
    │   │                       └── config
    │   │                           └── SpringSecurityConfig.java
    └── test
    │   └── java
    │       └── com
    │           └── javatechie
    │               └── spring
    │                   └── security
    │                       └── api
    │                           └── SpringBasicSecurityApplicationTests.java
└── pom.xml


/README.md:
--------------------------------------------------------------------------------
1 | # spring-basic-security
2 | Spring Security : Basic Authentication and Authorization  using spring boot
3 | 


--------------------------------------------------------------------------------
/src/main/resources/application.properties:
--------------------------------------------------------------------------------
1 | #spring.security.user.name=Java Techie
2 | #spring.security.user.password=password


--------------------------------------------------------------------------------
/src/test/java/com/javatechie/spring/security/api/SpringBasicSecurityApplicationTests.java:
--------------------------------------------------------------------------------
 1 | package com.javatechie.spring.security.api;
 2 | 
 3 | import org.junit.Test;
 4 | import org.junit.runner.RunWith;
 5 | import org.springframework.boot.test.context.SpringBootTest;
 6 | import org.springframework.test.context.junit4.SpringRunner;
 7 | 
 8 | @RunWith(SpringRunner.class)
 9 | @SpringBootTest
10 | public class SpringBasicSecurityApplicationTests {
11 | 
12 | 	@Test
13 | 	public void contextLoads() {
14 | 	}
15 | 
16 | }
17 | 


--------------------------------------------------------------------------------
/src/main/java/com/javatechie/spring/security/api/controller/NoAuthController.java:
--------------------------------------------------------------------------------
 1 | package com.javatechie.spring.security.api.controller;
 2 | 
 3 | import org.springframework.web.bind.annotation.GetMapping;
 4 | import org.springframework.web.bind.annotation.RequestMapping;
 5 | import org.springframework.web.bind.annotation.RestController;
 6 | 
 7 | @RestController
 8 | @RequestMapping("/noAuth/rest")
 9 | public class NoAuthController {
10 | 
11 | 	@GetMapping("/sayHi")
12 | 	public String sayHi() {
13 | 		return "hi";
14 | 	}
15 | 
16 | }
17 | 


--------------------------------------------------------------------------------
/src/main/java/com/javatechie/spring/security/api/controller/ApplicationController.java:
--------------------------------------------------------------------------------
 1 | package com.javatechie.spring.security.api.controller;
 2 | 
 3 | import org.springframework.web.bind.annotation.GetMapping;
 4 | import org.springframework.web.bind.annotation.RequestMapping;
 5 | import org.springframework.web.bind.annotation.RestController;
 6 | 
 7 | @RestController
 8 | @RequestMapping("/rest/auth")
 9 | public class ApplicationController {
10 | 
11 | 	@GetMapping("/getMsg")
12 | 	public String greeting() {
13 | 		return "spring security example";
14 | 	}
15 | 
16 | }
17 | 


--------------------------------------------------------------------------------
/src/main/java/com/javatechie/spring/security/api/SpringBasicSecurityApplication.java:
--------------------------------------------------------------------------------
 1 | package com.javatechie.spring.security.api;
 2 | 
 3 | import org.springframework.boot.SpringApplication;
 4 | import org.springframework.boot.autoconfigure.SpringBootApplication;
 5 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 6 | 
 7 | @SpringBootApplication
 8 | @EnableWebSecurity
 9 | public class SpringBasicSecurityApplication {
10 | 
11 | 	public static void main(String[] args) {
12 | 		SpringApplication.run(SpringBasicSecurityApplication.class, args);
13 | 	}
14 | }
15 | 


--------------------------------------------------------------------------------
/src/main/java/com/javatechie/spring/security/api/config/SpringSecurityConfig.java:
--------------------------------------------------------------------------------
 1 | package com.javatechie.spring.security.api.config;
 2 | 
 3 | import org.springframework.context.annotation.Bean;
 4 | import org.springframework.context.annotation.Configuration;
 5 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 6 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 7 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 8 | import org.springframework.security.crypto.password.NoOpPasswordEncoder;
 9 | 
10 | @SuppressWarnings("deprecation")
11 | @Configuration
12 | public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
13 | 	@Override
14 | 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
15 | 		auth.inMemoryAuthentication().withUser("Java Techie").password("Password").roles("ADMIN");
16 | 		auth.inMemoryAuthentication().withUser("Basant").password("Password2").roles("USER");
17 | 	}
18 | 
19 | 	// security for all API
20 | 
21 | 	/*
22 | 	 * @Override protected void configure(HttpSecurity http) throws Exception {
23 | 	 * http.csrf().disable();
24 | 	 * http.authorizeRequests().anyRequest().fullyAuthenticated().and().
25 | 	 * httpBasic(); }
26 | 	 */
27 | 
28 | 	// security based on URL
29 | 
30 | 	/*
31 | 	 * @Override protected void configure(HttpSecurity http) throws Exception {
32 | 	 * http.csrf().disable();
33 | 	 * http.authorizeRequests().antMatchers("/rest/**").fullyAuthenticated().and
34 | 	 * ().httpBasic(); }
35 | 	 */
36 | 
37 | 	// security based on ROLE
38 | 	@Override
39 | 	protected void configure(HttpSecurity http) throws Exception {
40 | 		http.csrf().disable();
41 | 		http.authorizeRequests().antMatchers("/rest/**").hasAnyRole("ADMIN").anyRequest().fullyAuthenticated().and()
42 | 				.httpBasic();
43 | 	}
44 | 
45 | 	@Bean
46 | 	public static NoOpPasswordEncoder passwordEncoder() {
47 | 		return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
48 | 	}
49 | }
50 | 


--------------------------------------------------------------------------------
/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 3 | 	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 4 | 	<modelVersion>4.0.0</modelVersion>
 5 | 
 6 | 	<groupId>com.example</groupId>
 7 | 	<artifactId>spring-basic-security</artifactId>
 8 | 	<version>0.0.1-SNAPSHOT</version>
 9 | 	<packaging>jar</packaging>
10 | 
11 | 	<name>spring-basic-security</name>
12 | 	<description>spring security example</description>
13 | 
14 | 	<parent>
15 | 		<groupId>org.springframework.boot</groupId>
16 | 		<artifactId>spring-boot-starter-parent</artifactId>
17 | 		<version>2.0.1.RELEASE</version>
18 | 		<relativePath/> <!-- lookup parent from repository -->
19 | 	</parent>
20 | 
21 | 	<properties>
22 | 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
23 | 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
24 | 		<java.version>1.8</java.version>
25 | 	</properties>
26 | 
27 | 	<dependencies>
28 | 		<dependency>
29 | 			<groupId>org.springframework.boot</groupId>
30 | 			<artifactId>spring-boot-starter-security</artifactId>
31 | 		</dependency>
32 | 		<dependency>
33 | 			<groupId>org.springframework.boot</groupId>
34 | 			<artifactId>spring-boot-starter-web</artifactId>
35 | 		</dependency>
36 | 
37 | 		<dependency>
38 | 			<groupId>org.springframework.boot</groupId>
39 | 			<artifactId>spring-boot-devtools</artifactId>
40 | 			<scope>runtime</scope>
41 | 		</dependency>
42 | 		<dependency>
43 | 			<groupId>org.springframework.boot</groupId>
44 | 			<artifactId>spring-boot-starter-test</artifactId>
45 | 			<scope>test</scope>
46 | 		</dependency>
47 | 		<dependency>
48 | 			<groupId>org.springframework.security</groupId>
49 | 			<artifactId>spring-security-test</artifactId>
50 | 			<scope>test</scope>
51 | 		</dependency>
52 | 	</dependencies>
53 | 
54 | 	<build>
55 | 		<plugins>
56 | 			<plugin>
57 | 				<groupId>org.springframework.boot</groupId>
58 | 				<artifactId>spring-boot-maven-plugin</artifactId>
59 | 			</plugin>
60 | 		</plugins>
61 | 	</build>
62 | 
63 | 
64 | </project>
65 | 


--------------------------------------------------------------------------------