Configure Spring security

In order to configure Spring security we are doing the following

1. We are creating an user with authority of ROLE_USER

2. We specify that we shall be intercepting any traffic coming to our application.

3. We also create an authentication-manager and a authentication-provider for creating the user-service for us.

Let’s add the below code in our spring-security.xml.

<b:beans xmlns=""

	<http auto-config="true">
             <intercept-url pattern ="/**" access="ROLE_USER" />

		 <user name="saptarshi" password="password" authorities="ROLE_USER" />


Now if we try to open any of the pages, we will be greeted with a popup asking for username and password.

Also the approach of saving the username and password in the xml file is also not very extensible. Therefore a better approach would be to store the username and password details in a data-storage.

We will be using mysql for storing the username and password info which is discussed in detail on the next tutorial.

Doubts? WhatsApp me !