Configure Spring Security to Authenticate user using In-Memory Authentication.
To implement inMemory authentication, all you need to do is
- extend
WebSecurityConfigurerAdapter. - override
configure(AuthenticationManagerBuilder)method - add
username,passwordandroles/authoritiesfor authentication.
After adding the following class to your application, you will be able to login using these username password pairs.
package com.ekiras.ss.config;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
/**
* @author ekiras
*/
@EnableWebSecurity
public class SpringSecurityConfigurer extends WebSecurityConfigurerAdapter{
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("ekansh")
.password("password")
.roles("USER", "ROLE");
auth.inMemoryAuthentication()
.withUser("admin")
.password("admin")
.roles("ADMIN");
}
}
As shown in the code above, we have configured two user-password pairs,
- username : user , password : user and role/authorities : USER.
- username : admin , password : admin and role/authorities : ADMIN.
Note
You can use any of the above pairs to login and authenticate user. First, can be used for requests that can be accessed by USER role and Second can be used to access the requests with ADMIN role.
Also Read
- Configure Spring Security with Spring boot
- Configure JDBC Authetication using MYSQL Query
- Authenticate User with Custom UserDetailsService
- Implement Role Hierarchy with In-Memory Authentication
- How to list the User Authorities in Controller,Filter and Services
- Disable Session Creation for Stateless Authentication
Download project from Github
Comments
Post a Comment