Create HttpSecurityConfig.java

2023-09-30 13:11:57 +01:00 · 2023-09-30 13:11:57 +01:00 · 5f016b6220
commit 5f016b6220
parent 2dc953dcad
1 changed files with 32 additions and 0 deletions
--- a/spring-security-modules/spring-security-core/src/main/java/com/baeldung/httpsecurityvswebsecurity/HttpSecurityConfig.java
+++ b/spring-security-modules/spring-security-core/src/main/java/com/baeldung/httpsecurityvswebsecurity/HttpSecurityConfig.java
@ -0,0 +1,32 @@
+package com.baeldung.httpsecurityvswebsecurity;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+public class HttpSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        // Given: HttpSecurity configured
+
+        http
+                .authorizeRequests()
+                .antMatchers("/public/**").permitAll()
+                .antMatchers("/admin/**").hasRole("ADMIN")
+                .anyRequest().authenticated()
+                .and()
+                .formLogin()
+                .loginPage("/login")
+                .permitAll()
+                .and()
+                .logout()
+                .permitAll();
+
+        // When: Accessing specific URLs
+        // Then: Access is granted based on defined rules
+    }
+}