Create Project: springboot_security_remmberme (add Spring Boot Starters from the table)
Edit File: application.properties (add Role, User, Password)
Create Package: config (inside main package)
– Create Class: SecurityConfig.java (inside package config)
Create Package: controllers (inside main package)
– Create Class: MyController.java (inside package controllers)
application.properties
# SECURITY
spring.security.user.name = myuser
spring.security.user.password = mypassword
spring.security.user.roles = USER
SecurityConfig.java
package com.example.springboot_security_rememberme_customform.config;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
@Configuration
@EnableWebSecurity
@RequiredArgsConstructor
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private final UserDetailsService userDetailsService;
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
//ENABLE REMEMBER ME COOKIE
httpSecurity.rememberMe().key("something").userDetailsService(userDetailsService);
//DISABLE CSRF
httpSecurity.csrf().disable();
//SPECIFY ACCESS TO ENDPOINTS
httpSecurity.authorizeRequests()
.antMatchers("/SayHello").hasRole("USER");
//CUSTOM LOGIN FORM
httpSecurity.formLogin()
.loginPage("/MyLogin")
.loginProcessingUrl("/login");
}
}