andifalk/spring-security-for-newbies

Spring Security Introduction Demos

Spring Security for Newbies

This repository contains demo labs to show how spring security works using a simple spring boot application.

The demo application

The application provides the following REST APIs:

• localhost:9090/api/message (GET request)
• localhost:9090/api/message (POST request)
• localhost:9090/api/admin (GET request)

In addition, it exposes all common spring actuator REST APIs:

• localhost:9090/actuator

You can also look at the REST API docs using:

• Open API V3
• Swagger UI

You may also use the provided postman collection for your convenience.

The labs

All labs are organized using different git branches:

1. Initial unsecured application (branch main)
2. Using spring security just with spring boot auto-configuration (branch autoconfig)
3. Custom authentication configuration with our own user storage (branch custom-auth)
4. Add authorization to the application (branch authorization)
5. Convert app into an OAuth/OpenID Connect resource server (branch oauth)