overall security cleanup and fixes

spring-all/pom.xml

@@ -134,6 +134,15 @@
 			
 			<plugin>
                 <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-war-plugin</artifactId>
+                <version>2.3</version>
+                <configuration>
+                    <failOnMissingWebXml>false</failOnMissingWebXml>
+                </configuration>
+            </plugin>
+            
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
                 <version>${maven-surefire-plugin.version}</version>
                 <configuration>

spring-security-custom/.springBeans

@@ -7,7 +7,7 @@
 	</configSuffixes>
 	<enableImports><![CDATA[false]]></enableImports>
 	<configs>
-		<config>src/main/webapp/WEB-INF/mvc-servlet.xml</config>
+		<config>src/main/webapp/WEB-INF/api-servlet.xml</config>
 	</configs>
 	<configSets>
 	</configSets>

spring-security-custom/src/main/java/org/baeldung/spring/MvcConfig.java

@@ -1,7 +1,6 @@
 package org.baeldung.spring;
 
 import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.ViewResolver;
 import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
@@ -9,8 +8,8 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter
 import org.springframework.web.servlet.view.InternalResourceViewResolver;
 import org.springframework.web.servlet.view.JstlView;
 
+// @Configuration
 @EnableWebMvc
-@Configuration
 public class MvcConfig extends WebMvcConfigurerAdapter {
 
     public MvcConfig() {

spring-security-custom/src/main/resources/webSecurityConfig.xml

@@ -1,5 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
+<beans:beans xmlns="http://www.springframework.org/schema/security"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
 	xsi:schemaLocation="
         http://www.springframework.org/schema/security 
         http://www.springframework.org/schema/security/spring-security-3.1.xsd
@@ -10,8 +11,11 @@
 		<intercept-url pattern="/login*" access="permitAll" />
 		<intercept-url pattern="/**" access="isAuthenticated()" />
 
-        <form-login login-page='/login.html' login-processing-url="/perform_login" default-target-url="/homepage.html" authentication-failure-url="/login.html?error=true"
+		<!-- <form-login login-page='/login.html' login-processing-url="/perform_login" 
-            always-use-default-target="true" />
+			default-target-url="/homepage.html" authentication-failure-url="/login.html?error=true" -->
+		<!-- always-use-default-target="true" /> -->
+
+		<http-basic />
 
 	</http>
 

spring-security-custom/src/main/webapp/WEB-INF/web.xml

@@ -24,13 +24,13 @@
 
     <!-- Spring child -->
     <servlet>
-        <servlet-name>mvc</servlet-name>
+        <servlet-name>api</servlet-name>
         <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
         <load-on-startup>1</load-on-startup>
     </servlet>
     <servlet-mapping>
-        <servlet-name>mvc</servlet-name>
+        <servlet-name>api</servlet-name>
-        <url-pattern>/</url-pattern>
+        <url-pattern>/api/*</url-pattern>
     </servlet-mapping>
 
     <!-- Spring Security -->