Skip to main content

Posts

Showing posts from January 7, 2018

REST tutorial : security

Greetings!

So far we have created a nice looking REST API with Java tech stack. But it is missing a crucial piece. Security!!!

Complete source code, todoapp
$ git clone https://github.com/slmanju/todoapp.git
$ cd todoapp
$ git checkout security
Spring Security Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications.
spring-security

Lets add spring security starter to our project.
compile('org.springframework.boot:spring-boot-starter-security')

$ gradle clean bootrun
$ curl -i http://localhost:8080/todos
You will get a message like this,
{"timestamp":1515304279482,"status":401,"error":"Unauthorized","message":"Full authentication is required to access this resource","path":"/todos"}

With just adding the library Spring has secured our application!

Have a look at the console log. You can see so…