Minimal configuration is needed for implementation. All you need to do is add thespring-boot-starter-securitystarter in the pom.xml file. You will also need to create a Spring config class that will override the required method while extending the WebSecurityConfigurerAdapter to achieve security in the application. Here is some example code:
1
package com.gkatzioura.security.securityendpoints.config;
2
import org.springframework.context.annotation.Configuration;
3
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
4
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
5
@Configuration
6
public class SecurityConfig extends WebSecurityConfigurerAdapter {
7
@Override
8
protected void configure(HttpSecurity http) throws Exception {
9
http.authorizeRequests()
10
.antMatchers("/welcome").permitAll()
11
.anyRequest().authenticated()
12
.and()
13
.formLogin()
14
.permitAll()
15
.and()
16
.logout()
17
.permitAll();
18
}
19