Configure Spring security
In order to configure Spring security we are doing the following
1. We are creating an user with authority of ROLE_USER
2. We specify that we shall be intercepting any traffic coming to our application.
3. We also create an authentication-manager and a authentication-provider for creating the user-service for us.
Let’s add the below code in our spring-security.xml.
<b:beans xmlns="http://www.springframework.org/schema/security" xmlns:b="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd"> <http auto-config="true"> <intercept-url pattern ="/**" access="ROLE_USER" /> </http> <authentication-manager> <authentication-provider> <user-service> <user name="saptarshi" password="password" authorities="ROLE_USER" /> </user-service> </authentication-provider> <authentication-manager> </b:beans>
Now if we try to open any of the pages, we will be greeted with a popup asking for username and password.
Also the approach of saving the username and password in the xml file is also not very extensible. Therefore a better approach would be to store the username and password details in a data-storage.
We will be using mysql for storing the username and password info which is discussed in detail on the next tutorial.