Scribd
Upload
26 views

Spring Security Authentication&Authorization

Uploaded by

nameedyusuf
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
26 views

Spring Security Authentication&Authorization

Uploaded by

nameedyusuf
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

Authentication & Authorization

Steps:

1. Spring Initializr:

2. File Structure:

3. AutheAuthoApplication(Default):

package com.example.AutheAutho;

import org.springframework.boot.SpringApplication;

import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class AutheAuthoApplication {

public static void main(String[] args) {

SpringApplication.run(AutheAuthoApplication.class, args);

4. UserController:

package com.example.AutheAutho.controller;

import org.springframework.security.access.prepost.PreAuthorize;

import org.springframework.web.bind.annotation.*;

@RestController

public class UserController {

@GetMapping("/welcome")

public String welcome() {

return "Welcome this endpoint is not secure";

@GetMapping("/user/userProfile")

@PreAuthorize("hasAuthority('ROLE_USER')")

public String userProfile() {

return "Welcome to User Profile";

@GetMapping("/admin/adminProfile")

@PreAuthorize("hasAuthority('ROLE_ADMIN')")

public String adminProfile() {

return "Welcome to Admin Profile";

5. SecurityConfig:

package com.example.AutheAutho.security;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;

import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

import org.springframework.security.core.userdetails.*;

import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import org.springframework.security.crypto.password.PasswordEncoder;

import org.springframework.security.provisioning.InMemoryUserDetailsManager;

@Configuration

@EnableWebSecurity

@EnableMethodSecurity

public class SecurityConfig {

// User Creation

@Bean

public UserDetailsService userDetailsService(PasswordEncoder encoder) {

// InMemoryUserDetailsManager

UserDetails admin = User.withUsername("Amiya")

.password(encoder.encode("123"))

.roles("ADMIN", "USER")

.build();

UserDetails user = User.withUsername("Ejaz")

.password(encoder.encode("123"))

.roles("USER")

.build();

return new InMemoryUserDetailsManager(admin, user);

// Password Encoding

@Bean

public PasswordEncoder passwordEncoder() {

return new BCryptPasswordEncoder();

You might also like