Java tutorial
package com.orange.clara.pivotaltrackermirror.config; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; /** * Copyright (C) 2016 Orange * <p> * This software is distributed under the terms and conditions of the 'Apache-2.0' * license which can be found in the file 'LICENSE' in this package distribution * or at 'https://opensource.org/licenses/Apache-2.0'. * <p> * Author: Arthur Halet * Date: 15/07/2016 */ @EnableWebSecurity @Configuration public class SecurityConfig extends WebSecurityConfigurerAdapter { @Value("${admin.username:admin}") private String adminUsername; @Value("${admin.password:password}") private String adminPassword; @Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication().withUser(adminUsername).password(adminPassword).roles("ADMIN", "USER"); } @Override public void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/swagger/**").permitAll().antMatchers("/assets/**").permitAll() .anyRequest().authenticated().and().httpBasic().and().csrf().ignoringAntMatchers("/api/**"); } }