Dear friends welcome back! In the last session Session27 we have discussed about Pagination and sorting mechanism user Spring Boot JPA.
In this post we will going to start with Spring Security. I am planning to start Spring Security in with very simple topic
By default Spring Boot is not security enable. Any one can access whatever endpoint or pages we are developing. In order to protect our pages and API endpoint , Spring Security is come into the picture. There are many things are available part of Spring Boot Security. There are two main concepts those are Authentication and Authorization. From these concept we can lean several Spring Security concepts.
What is Authentication?
Authentication is something like Security guard in the Office premises or any other Place. if you want to go inside the Premises, you need to valid authority i,e Valid authority id. You need to show your identity card to Security guard , he very the card, if your Identity card is valid, then he will allow you to go inside the Office premises. This is called as Authentication. When ever you login to Facebook or Gmail, you need valid username and password, if this is valid,Gmail or Facebook allow you to go inside your Facebook or Gmail. This is called as Authentication.
What is Authorization?
Once you allowed in inside the office premises , you are only authorize to go your department, if you go inside your department room you need to show your access card in your department room door, if you are valid person, door will open by reading your access card. This is called as Authorization. After login your with Facebook or Gmail, you can access all your post, group and pages but you are nor allowed to modify some others pages group to modify Facebook. This is called as Authorization.
How to enable Spring Security in your Spring Boot?
Enabling Spring Security in Spring Boot is very easy. Add following Artifact in your pom.xml file, automatically your Spring Boot App became Spring Security enabled.
<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency>
Once you added this artifact you can’t access any page directly, when try to access any page , Spring Boot redirect to login page. This magic happen without writing any code changes.
What is the User name and password to login?
The default user name is “user” and password you can see when you start the server. Whenever you start the application, Spring Boot generate new password that you can see in your console. you need to use that password to login. Each time start the Spring Boot App, it will generate new password.
Go to https://start.spring.io/ and select whatever I have select in the form otherwise click this video and follow the steps.
Download source code from following GitHub link
Watch this 10 minutes video for better understanding