Skip to main content


Showing posts from January 7, 2018

REST tutorial : security

Greetings! So far we have created a nice looking REST API with Java tech stack. But it is missing a crucial piece. Security!!! Complete source code,  todoapp $ git clone $ cd todoapp $ git checkout security Spring Security Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications. spring-security Lets add spring security starter to our project. compile('org.springframework.boot:spring-boot-starter-security') $ gradle clean bootrun $ curl -i http://localhost:8080/todos You will get a message like this, {"timestamp":1515304279482,"status":401,"error":"Unauthorized","message":"Full authentication is required to access this resource","path":"/todos"} With just adding the library Spring has secured our application! Have a look at the con