commit 8c954e5160ce25acf2dd8e056c06bbbecf5a4c2d
author James Bognar <jamesbognar@apache.org> Mon Oct 21 16:52:25 2019 -0400
committer GitHub <noreply@github.com> Mon Oct 21 16:52:25 2019 -0400
tree 45f95329a39cceffd5105b636eece3b008a9bdec
parent 3e08662cd60589a524c2bdf29b6341efb539e545
parent d38611bd9af10e19e18251014c3db3eb7bdfbc29

Merge pull request #5 from ishita20/dev_new

URL level security using WebSecurityConfigurerAdapter

juneau-petstore-server/pom.xml

diff --git a/juneau-petstore-server/pom.xml b/juneau-petstore-server/pom.xml
index 1b4cfa1..9dc3f39 100644
--- a/juneau-petstore-server/pom.xml
+++ b/juneau-petstore-server/pom.xml
@@ -91,12 +91,32 @@
             <groupId>org.springframework.boot</groupId>
 		    <artifactId>spring-boot-starter-data-jpa</artifactId>	 
         </dependency>
-        
+
+        <!-- Spring Security -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-config</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-core</artifactId>
+            <version>5.1.5.RELEASE</version>
+        </dependency>
+
       <!-- Cache -->
         <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-cache</artifactId>
-        </dependency> 
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-test-autoconfigure</artifactId>
+        </dependency>
     </dependencies>
 
     <build>

juneau-petstore-server/src/main/java/org/apache/juneau/petstore/config/SpringSecurityConfig.java

diff --git a/juneau-petstore-server/src/main/java/org/apache/juneau/petstore/config/SpringSecurityConfig.java b/juneau-petstore-server/src/main/java/org/apache/juneau/petstore/config/SpringSecurityConfig.java
new file mode 100644
index 0000000..112a3b7
--- /dev/null
+++ b/juneau-petstore-server/src/main/java/org/apache/juneau/petstore/config/SpringSecurityConfig.java
@@ -0,0 +1,37 @@
+package org.apache.juneau.petstore.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+public class SpringSecurityConfig extends WebSecurityConfigurerAdapter{
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+
+        auth.inMemoryAuthentication()
+                .withUser("user").password("{noop}password").roles("USER")
+                .and()
+                .withUser("admin").password("{noop}password").roles("USER", "ADMIN");
+
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+
+        http
+                .httpBasic()
+                .and()
+                .authorizeRequests()
+                .antMatchers(HttpMethod.POST, "/petstore/pet").hasRole("ADMIN")
+                .antMatchers(HttpMethod.PUT, "/petstore/pet/**").hasRole("ADMIN")
+                .antMatchers(HttpMethod.DELETE, "/petstore/pet/**").hasRole("ADMIN")
+                .and()
+                .csrf().disable()
+                .formLogin().disable();
+    }
+
+}