- Implement method
protected void configure(HttpSecurity http)
in theSecurityConfig
class - Permit access for all user to
/register
,/login
,/inject
endpoints - Permit access only for ADMIN to all endpoints marked with
@DeleteMapping
annotation - Create and implement class
JwtTokenProvider
- Create and implement class
JwtTokenFilter
- Create and implement class
JwtConfigurer
- Implement
"/login"
endpoint - Create your own exception
InvalidJwtAuthenticationException