Scribd
Upload
24 views

Spring Security Authentication&Authorization

Uploaded by

nameedyusuf
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
24 views

Spring Security Authentication&Authorization

Uploaded by

nameedyusuf
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

Authentication & Authorization

Steps:

1. Spring Initializr:

2. File Structure:

3. AutheAuthoApplication(Default):

package com.example.AutheAutho;

import org.springframework.boot.SpringApplication;

import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class AutheAuthoApplication {

public static void main(String[] args) {

SpringApplication.run(AutheAuthoApplication.class, args);

4. UserController:

package com.example.AutheAutho.controller;

import org.springframework.security.access.prepost.PreAuthorize;

import org.springframework.web.bind.annotation.*;

@RestController

public class UserController {

@GetMapping("/welcome")

public String welcome() {

return "Welcome this endpoint is not secure";

@GetMapping("/user/userProfile")

@PreAuthorize("hasAuthority('ROLE_USER')")

public String userProfile() {

return "Welcome to User Profile";

@GetMapping("/admin/adminProfile")

@PreAuthorize("hasAuthority('ROLE_ADMIN')")

public String adminProfile() {

return "Welcome to Admin Profile";

5. SecurityConfig:

package com.example.AutheAutho.security;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;

import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

import org.springframework.security.core.userdetails.*;

import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import org.springframework.security.crypto.password.PasswordEncoder;

import org.springframework.security.provisioning.InMemoryUserDetailsManager;

@Configuration

@EnableWebSecurity

@EnableMethodSecurity

public class SecurityConfig {

// User Creation

@Bean

public UserDetailsService userDetailsService(PasswordEncoder encoder) {

// InMemoryUserDetailsManager

UserDetails admin = User.withUsername("Amiya")

.password(encoder.encode("123"))

.roles("ADMIN", "USER")

.build();

UserDetails user = User.withUsername("Ejaz")

.password(encoder.encode("123"))

.roles("USER")

.build();

return new InMemoryUserDetailsManager(admin, user);

// Password Encoding

@Bean

public PasswordEncoder passwordEncoder() {

return new BCryptPasswordEncoder();

You might also like