diff --git a/guest/spring-security/README.md b/guest/spring-security/README.md
new file mode 100644
index 0000000000..9e5cd64a04
--- /dev/null
+++ b/guest/spring-security/README.md
@@ -0,0 +1,17 @@
+## Building
+
+To build the module, use Maven's `package` goal:
+
+```
+mvn clean package
+```
+
+## Running
+
+To run the application, use Spring Boot's `run` goal:
+
+```
+mvn spring-boot:run
+```
+
+The application will be accessible at [http://localhost:8080/](http://localhost:8080/)
diff --git a/guest/spring-security/pom.xml b/guest/spring-security/pom.xml
new file mode 100644
index 0000000000..c41637bfc2
--- /dev/null
+++ b/guest/spring-security/pom.xml
@@ -0,0 +1,77 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>com.stackify.guest</groupId>
+    <artifactId>spring-security</artifactId>
+    <version>1.0-SNAPSHOT</version>
+
+    <parent>
+        <groupId>org.springframework.boot</groupId>
+        <artifactId>spring-boot-starter-parent</artifactId>
+        <version>2.0.0.M6</version>
+        <relativePath/>
+    </parent>
+
+    <name>spring-security</name>
+    <description>Spring Security Sample Project</description>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-thymeleaf</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.thymeleaf</groupId>
+            <artifactId>thymeleaf-spring5</artifactId>
+            <version>3.0.8.RELEASE</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-jdbc</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.h2database</groupId>
+            <artifactId>h2</artifactId>
+            <scope>runtime</scope>
+        </dependency>
+    </dependencies>
+
+    <repositories>
+        <repository>
+            <id>spring-milestones</id>
+            <name>Spring Milestones</name>
+            <url>https://repo.spring.io/milestone</url>
+            <snapshots>
+                <enabled>false</enabled>
+            </snapshots>
+        </repository>
+    </repositories>
+    <pluginRepositories>
+        <pluginRepository>
+            <id>spring-milestones</id>
+            <name>Spring Milestones</name>
+            <url>https://repo.spring.io/milestone</url>
+            <snapshots>
+                <enabled>false</enabled>
+            </snapshots>
+        </pluginRepository>
+    </pluginRepositories>
+
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+        <java.version>1.8</java.version>
+    </properties>
+
+</project>
\ No newline at end of file
diff --git a/guest/spring-security/src/main/java/com/stackify/guest/springsecurity/Application.java b/guest/spring-security/src/main/java/com/stackify/guest/springsecurity/Application.java
new file mode 100644
index 0000000000..fbd0eee044
--- /dev/null
+++ b/guest/spring-security/src/main/java/com/stackify/guest/springsecurity/Application.java
@@ -0,0 +1,15 @@
+package com.stackify.guest.springsecurity;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.ComponentScan;
+
+@SpringBootApplication
+@ComponentScan(basePackages = {"com.stackify.guest.springsecurity"})
+public class Application {
+
+    public static void main(String[] args) {
+        SpringApplication.run(Application.class, args);
+    }
+
+}
diff --git a/guest/spring-security/src/main/java/com/stackify/guest/springsecurity/config/WebMvcConfiguration.java b/guest/spring-security/src/main/java/com/stackify/guest/springsecurity/config/WebMvcConfiguration.java
new file mode 100644
index 0000000000..b8dfe9050d
--- /dev/null
+++ b/guest/spring-security/src/main/java/com/stackify/guest/springsecurity/config/WebMvcConfiguration.java
@@ -0,0 +1,16 @@
+package com.stackify.guest.springsecurity.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class WebMvcConfiguration implements WebMvcConfigurer {
+
+    @Override
+    public void addViewControllers(ViewControllerRegistry registry) {
+        registry.addViewController("/customLogin").setViewName("customLogin");
+        registry.addViewController("/loginSuccess").setViewName("index");
+    }
+
+}
\ No newline at end of file
diff --git a/guest/spring-security/src/main/java/com/stackify/guest/springsecurity/config/WebSecurityConfig.java b/guest/spring-security/src/main/java/com/stackify/guest/springsecurity/config/WebSecurityConfig.java
new file mode 100644
index 0000000000..164808d5b3
--- /dev/null
+++ b/guest/spring-security/src/main/java/com/stackify/guest/springsecurity/config/WebSecurityConfig.java
@@ -0,0 +1,40 @@
+package com.stackify.guest.springsecurity.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.JdbcUserDetailsManager;
+
+import javax.sql.DataSource;
+
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Bean
+    public UserDetailsService jdbcUserDetailsService(DataSource dataSource) {
+        JdbcUserDetailsManager manager = new JdbcUserDetailsManager();
+        manager.setDataSource(dataSource);
+        return manager;
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
+                .antMatchers("/css/**").permitAll()
+                .anyRequest().authenticated()
+                .and().formLogin()
+                .loginPage("/customLogin")
+                .defaultSuccessUrl("/loginSuccess", true)
+                .permitAll();
+    }
+
+}
\ No newline at end of file
diff --git a/guest/spring-security/src/main/resources/data.sql b/guest/spring-security/src/main/resources/data.sql
new file mode 100644
index 0000000000..b3f7db9105
--- /dev/null
+++ b/guest/spring-security/src/main/resources/data.sql
@@ -0,0 +1,2 @@
+INSERT INTO users VALUES ('jill', '$2a$04$qUlqAEEYF1YvrpJMosodoewgL6aO.qgHytl2k5L7kdXEWnJsFdxvq', TRUE);
+INSERT INTO authorities VALUES ('jill', 'USERS');
diff --git a/guest/spring-security/src/main/resources/schema.sql b/guest/spring-security/src/main/resources/schema.sql
new file mode 100644
index 0000000000..3de1b9a29f
--- /dev/null
+++ b/guest/spring-security/src/main/resources/schema.sql
@@ -0,0 +1,10 @@
+CREATE TABLE users (
+  username VARCHAR(256) PRIMARY KEY,
+  password VARCHAR(256),
+  enabled  BOOLEAN
+);
+
+CREATE TABLE authorities (
+  username  VARCHAR(256) REFERENCES users (username),
+  authority VARCHAR(256)
+);
diff --git a/guest/spring-security/src/main/resources/static/css/styles.css b/guest/spring-security/src/main/resources/static/css/styles.css
new file mode 100644
index 0000000000..72bcc4934f
--- /dev/null
+++ b/guest/spring-security/src/main/resources/static/css/styles.css
@@ -0,0 +1,3 @@
+.bad-login {
+  color: red;
+}
\ No newline at end of file
diff --git a/guest/spring-security/src/main/resources/templates/customLogin.html b/guest/spring-security/src/main/resources/templates/customLogin.html
new file mode 100644
index 0000000000..c689c78514
--- /dev/null
+++ b/guest/spring-security/src/main/resources/templates/customLogin.html
@@ -0,0 +1,21 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml"
+      xmlns:th="http://www.thymeleaf.org">
+<head>
+    <link rel="stylesheet" href="/css/styles.css">
+</head>
+<body>
+<form th:action="@{/customLogin}" method="post">
+    <fieldset>
+        <label for="username">Login:</label>
+        <input id="username" name="username">
+        <label for="password">Password:</label>
+        <input id="password" name="password" type="password">
+    </fieldset>
+    <input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}"/>
+    <input type="submit" value="Login">
+    <div th:if="${param.error}" class="bad-login">Bad login or password.</div>
+    <div th:if="${param.logout}">Log out successful.</div>
+</form>
+</body>
+</html>
\ No newline at end of file
diff --git a/guest/spring-security/src/main/resources/templates/index.html b/guest/spring-security/src/main/resources/templates/index.html
new file mode 100644
index 0000000000..0769f9015f
--- /dev/null
+++ b/guest/spring-security/src/main/resources/templates/index.html
@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml"
+      xmlns:th="http://www.thymeleaf.org">
+<p>Hello, <span th:text="${
+    T(org.springframework.security.core.context.SecurityContextHolder)
+      .context.authentication.principal.username}"></span>!</p>
+<form action="/logout" method="post">
+    <input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}"/>
+    <input type="submit" value="Log Out">
+</form>
+</html>
\ No newline at end of file