diff --git a/spring-boot-security/pom.xml b/spring-boot-security/pom.xml
index 5283a69c2d..18d292c8a1 100644
--- a/spring-boot-security/pom.xml
+++ b/spring-boot-security/pom.xml
@@ -44,6 +44,23 @@
org.springframework.boot
spring-boot-starter-web
+
+
+
+ org.springframework.security
+ spring-security-taglibs
+
+
+
+
+ org.apache.tomcat.embed
+ tomcat-embed-jasper
+ provided
+
+
+ javax.servlet
+ jstl
+
org.springframework.boot
diff --git a/spring-boot-security/src/main/java/com/baeldung/springsecuritytaglibs/HomeController.java b/spring-boot-security/src/main/java/com/baeldung/springsecuritytaglibs/HomeController.java
new file mode 100644
index 0000000000..eca093a76f
--- /dev/null
+++ b/spring-boot-security/src/main/java/com/baeldung/springsecuritytaglibs/HomeController.java
@@ -0,0 +1,14 @@
+package com.baeldung.springsecuritytaglibs;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+@Controller
+@RequestMapping("/")
+public class HomeController {
+
+ @RequestMapping
+ public String home() {
+ return "home";
+ }
+}
diff --git a/spring-boot-security/src/main/java/com/baeldung/springsecuritytaglibs/SpringBootSecurityTagLibsApplication.java b/spring-boot-security/src/main/java/com/baeldung/springsecuritytaglibs/SpringBootSecurityTagLibsApplication.java
new file mode 100644
index 0000000000..397ea47f96
--- /dev/null
+++ b/spring-boot-security/src/main/java/com/baeldung/springsecuritytaglibs/SpringBootSecurityTagLibsApplication.java
@@ -0,0 +1,9 @@
+package com.baeldung.springsecuritytaglibs;
+
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.PropertySource;
+
+@SpringBootApplication
+@PropertySource("classpath:application-taglibs.properties")
+public class SpringBootSecurityTagLibsApplication {
+}
diff --git a/spring-boot-security/src/main/java/com/baeldung/springsecuritytaglibs/config/SpringBootSecurityTagLibsConfig.java b/spring-boot-security/src/main/java/com/baeldung/springsecuritytaglibs/config/SpringBootSecurityTagLibsConfig.java
new file mode 100644
index 0000000000..665dd0bce9
--- /dev/null
+++ b/spring-boot-security/src/main/java/com/baeldung/springsecuritytaglibs/config/SpringBootSecurityTagLibsConfig.java
@@ -0,0 +1,31 @@
+package com.baeldung.springsecuritytaglibs.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+public class SpringBootSecurityTagLibsConfig extends WebSecurityConfigurerAdapter {
+
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+ auth.inMemoryAuthentication()
+ .withUser("testUser")
+ .password("password")
+ .roles("ADMIN");
+ }
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ // @formatter:off
+ http.csrf()
+ .and()
+ .authorizeRequests()
+ .antMatchers("/userManagement").hasRole("ADMIN")
+ .anyRequest().permitAll().and().httpBasic();
+ // @formatter:on
+ }
+}
\ No newline at end of file
diff --git a/spring-boot-security/src/main/resources/application-taglibs.properties b/spring-boot-security/src/main/resources/application-taglibs.properties
new file mode 100644
index 0000000000..218868405f
--- /dev/null
+++ b/spring-boot-security/src/main/resources/application-taglibs.properties
@@ -0,0 +1,3 @@
+#jsp config
+spring.mvc.view.prefix: /WEB-INF/views/
+spring.mvc.view.suffix: .jsp
diff --git a/spring-boot-security/src/main/resources/application.properties b/spring-boot-security/src/main/resources/application.properties
index c2b8d70dc6..e776132359 100644
--- a/spring-boot-security/src/main/resources/application.properties
+++ b/spring-boot-security/src/main/resources/application.properties
@@ -1,4 +1,4 @@
#spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration
#security.user.password=password
#security.oauth2.client.client-id=client
-#security.oauth2.client.client-secret=secret
+#security.oauth2.client.client-secret=secret
\ No newline at end of file
diff --git a/spring-boot-security/src/main/webapp/WEB-INF/views/home.jsp b/spring-boot-security/src/main/webapp/WEB-INF/views/home.jsp
new file mode 100644
index 0000000000..80ecd61cb5
--- /dev/null
+++ b/spring-boot-security/src/main/webapp/WEB-INF/views/home.jsp
@@ -0,0 +1,38 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8"
+ pageEncoding="UTF-8"%>
+<%@ taglib prefix="sec"
+ uri="http://www.springframework.org/security/tags"%>
+
+
+
+
+
+Home Page
+
+
+
+ Login
+
+
+
+ Logout
+
+
+
+
+ Welcome back,
+
+
+ Manage Users
+
+
+
+ Manage Users
+
+
+
+
\ No newline at end of file
diff --git a/spring-boot-security/src/test/java/com/baeldung/springsecuritytaglibs/HomeControllerUnitTest.java b/spring-boot-security/src/test/java/com/baeldung/springsecuritytaglibs/HomeControllerUnitTest.java
new file mode 100644
index 0000000000..0585c06a59
--- /dev/null
+++ b/spring-boot-security/src/test/java/com/baeldung/springsecuritytaglibs/HomeControllerUnitTest.java
@@ -0,0 +1,60 @@
+package com.baeldung.springsecuritytaglibs;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.boot.test.web.client.TestRestTemplate;
+import org.springframework.test.context.junit4.SpringRunner;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT, classes = SpringBootSecurityTagLibsApplication.class)
+public class HomeControllerUnitTest {
+
+ @Autowired
+ private TestRestTemplate restTemplate;
+
+ @Test
+ public void whenUserIsAuthenticatedThenAuthenticatedSectionsShowOnSite() throws Exception {
+ String body = this.restTemplate.withBasicAuth("testUser", "password")
+ .getForEntity("/", String.class)
+ .getBody();
+
+ // test
+ assertFalse(body.contains("Login"));
+
+ // test
+ assertTrue(body.contains("Logout"));
+
+ // test
+ assertTrue(body.contains("Manage Users"));
+
+ // test
+ assertTrue(body.contains("testUser"));
+
+ // test
+ assertTrue(body.contains(""));
+
+ // test
+ assertTrue(body.contains("
+ assertTrue(body.contains(""));
+ }
+
+ @Test
+ public void whenUserIsNotAuthenticatedThenOnlyAnonymousSectionsShowOnSite() throws Exception {
+ String body = this.restTemplate.getForEntity("/", String.class)
+ .getBody();
+
+ // test
+ assertTrue(body.contains("Login"));
+
+ // test
+ assertFalse(body.contains("Logout"));
+ }
+}