Hardcoded Password
Get started with security configuration by defining fixed passwords.
We'll cover the following...
Security configuration
The heart of security configuration always starts from a @Configuration class that extends
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter. It’s usually placed in the infrastructure.security package and named as WebSecurityConfiguration:
Press + to interact
package com.tamingthymeleaf.application.infrastructure.security;import org.springframework.context.annotation.Configuration;import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;import org.springframework.security.crypto.password.PasswordEncoder;@Configuration //<.>public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter { //<.>private final PasswordEncoder passwordEncoder;public WebSecurityConfiguration(PasswordEncoder passwordEncoder) { //<.>this.passwordEncoder = passwordEncoder;}@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception { //<.>auth.inMemoryAuthentication() //<.>.withUser("user") //<.>.password(passwordEncoder.encode("verysecure")) //<.>.roles("USER"); //<.>}}
- Annotate the class with
@Configurationso the component scanning will pick it up