package sample.config; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; /** * @author jitendra on 3/3/16. */ @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { http .formLogin() .loginPage("/login") .permitAll() .and() .authorizeRequests() .antMatchers("/resources/**").permitAll() .anyRequest().authenticated() .and() .logout() .permitAll(); } @Autowired public void configureGlobal(AuthenticationManagerBuilder builder) throws Exception { builder .inMemoryAuthentication() .withUser("user").password("password").roles("USER"); } }