diff --git a/initial/pom.xml b/initial/pom.xml index 49130d6..a33d15c 100644 --- a/initial/pom.xml +++ b/initial/pom.xml @@ -9,9 +9,9 @@ com.example - securing-web-initial + securing-web-complete 0.0.1-SNAPSHOT - securing-web-initial + securing-web-complete Demo project for Spring Boot @@ -27,6 +27,21 @@ org.springframework.boot spring-boot-starter-web + + org.springframework.boot + spring-boot-starter-security + + + org.thymeleaf.extras + thymeleaf-extras-springsecurity6 + + 3.1.1.RELEASE + + + org.springframework.security + spring-security-test + test + org.springframework.boot @@ -35,13 +50,4 @@ - - - - org.springframework.boot - spring-boot-maven-plugin - - - - - + \ No newline at end of file diff --git a/initial/src/main/java/com/example/securingweb/WebSecurityConfig.java b/initial/src/main/java/com/example/securingweb/WebSecurityConfig.java new file mode 100644 index 0000000..2818692 --- /dev/null +++ b/initial/src/main/java/com/example/securingweb/WebSecurityConfig.java 
@@ -0,0 +1,57 @@
+package com.example.securingweb;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfig {
+
+ /*
+ * SecurityFilterChain- defines which URL paths should be secured
+ * i.e. "/" and "/home"
+ * all other paths require auth.
+ *
+ * If user successfully logs in
+ * then redirect to requested page e.g. "/hello"
+ */
+ @Bean
+ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+ http
+ .authorizeHttpRequests((requests) -> requests
+ .requestMatchers("/", "/home").permitAll()
+ .anyRequest().authenticated()
+ )
+ .formLogin((form) -> form
+ .loginPage("/login")
+ .permitAll()
+ )
+ .logout((logout) -> logout.permitAll());
+
+ return http.build();
+ }
+
+ /*
+ * UserDetailsService- sets up an in-memory user store (singe user)
+ * User is given user name and password, and role
+ * e.g. user, password, USER
+ */
+ @Bean
+ public UserDetailsService userDetailsService() {
+ UserDetails user =
+ User.withDefaultPasswordEncoder()
+ .username("user")
+ .password("password")
+ .roles("USER")
+ .build();
+
+ return new InMemoryUserDetailsManager(user);
+ }
+}
\ No newline at end of file
diff --git a/initial/src/main/resources/templates/hello.html b/initial/src/main/resources/templates/hello.html
index dce5dd6..65885d2 100644
--- a/initial/src/main/resources/templates/hello.html
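Review bot: `userDetailsService()` in WebSecurityConfig.java compiles a fixed account (`user` / `password`) into the application and builds it with `User.withDefaultPasswordEncoder()`, which Spring Security deprecates to signal that it is for samples only. Anything deployed from this configuration has a known login, and the plaintext password stays in the source and in the compiled class. If the class is meant to outlive the demo, I would declare a `PasswordEncoder` bean and read the password from external configuration, as sketched below; if it is demo-only, the method comment should say so plainly. The comment above `securityFilterChain` also reads as if "/" and "/home" were the secured paths, while the code permits them to everyone; `"/" and "/home" are public, every other path requires authentication` would match the code.

```java
// … unchanged: securityFilterChain bean …

@Bean
public PasswordEncoder passwordEncoder() {
    return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}

// "demo.user.password" is a placeholder property name; supply the value
// from the environment or a secret store, not from a committed file.
@Bean
public UserDetailsService userDetailsService(
        PasswordEncoder encoder,
        @Value("${demo.user.password}") String rawPassword) {
    UserDetails user =
        User.withUsername("user")
            .password(encoder.encode(rawPassword))
            .roles("USER")
            .build();

    return new InMemoryUserDetailsManager(user);
}
```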
+++ b/initial/src/main/resources/templates/hello.html @@ -1,9 +1,13 @@ - + Hello World! -

Hello world!

+

Hello thymeleaf!

+
+ +
- \ No newline at end of file + diff --git a/initial/src/main/resources/templates/login.html b/initial/src/main/resources/templates/login.html new file mode 100644 index 0000000..c352a21 --- /dev/null +++ b/initial/src/main/resources/templates/login.html @@ -0,0 +1,19 @@ + + + + Spring Security Example + + +
+ Invalid username and password. +
+
+ You have been logged out. +
+
+
+
+
+
+ + \ No newline at end of file