1
1
.
.
1
1
.
.
1
1
A
A
u
u
t
t
h
h
e
e
n
n
t
t
i
i
c
c
a
a
t
t
i
i
o
o
n
n
I
I
n
n
f
f
o
o
Authentication answers question: "Who are you?" => By using Credentials: Username, Password, Temporary Code
Authentication concerns itself with how to
define Users (application.properties, Class, Database)
enable Users to provide their Credentials (Login form, Authentication Header)
Authentication can be
Database Authentication if Users are defined in DB
In-memory Authentication if Users are defined in Application
Default User and autogenerated Password user/506e6f00-2b11-4036-96d6-74633e94da2d
Single User defined in application.authorities spring.security.user.name / password / roles
Multiple Users defined in SecurityConfig Class .username("myuser").password("mypass").roles("ADMIN")
After User gets Authenticated, User Object is created to hold User data (Username, Password, Authorities).
This User Object is then used to Authorize access to different Endpoints based on User's Authorities (Roles).