SpringBoot Day5: Authentication

Form Based

Spring Boot supports forms-based authentication

Create extension of WebSecurityConfigurerAdapter

Use EnableWebSecurity annotation

OAuth2

Spring Boot supports OAuth2 client and server

Use EnableOAuth2Client annotation

simple authorization server can be created with the annotation EnableAuthorizationServer and can be customized

Resource server is just: annotation EnableResourceServer

A Note on Hashing

SHA-1 should be considered owned

BCrypt is an industry standard and can be used for forms-based authentication

Simple Implementation

Add dependency

Create a class SecurityConfiguration

Create a login controller

Create a login html

Make sure login in getLoginPage() is the same with the name of login file (login.html)

Finally, we are done!