need spring security java config example showing basic auth only

Question

My current java security config looks as follows:

@Configuration
@EnableWebSecurity
public class RootConfig extends WebSecurityConfigurerAdapter {

@Override         


        

Answer 1

UPDATE: This is fixed in Spring Security 3.2.0.RC1+

This is a bug in the Security Java Configuration that will be resolved for the next release. I have created SEC-2198 to track it. For now, a work around is to use something like the following:

@Bean
public BasicAuthenticationEntryPoint entryPoint() {
    BasicAuthenticationEntryPoint basicAuthEntryPoint = new BasicAuthenticationEntryPoint();
    basicAuthEntryPoint.setRealmName("My Realm");
    return basicAuthEntryPoint;
}

@Override
protected void configure(HttpSecurity http) throws Exception {

    http
        .exceptionHandling()
            .authenticationEntryPoint(entryPoint())
            .and()
        .authorizeUrls()
            .anyRequest().authenticated()
            .and()
        .httpBasic();       
}

PS: Thanks for giving Spring Security Java Configuration a try! Keep the feedback up :)

Answer 2

With Spring Security 4.2.3 and probably before you can simply use this configuration:

@Configuration
@EnableWebSecurity
public class CommonWebSecurityConfig extends WebSecurityConfigurerAdapter {

   @Override
   protected void configure(final HttpSecurity http) throws Exception {
     http
        .authorizeRequests()
           .anyRequest().authenticated()
           .and()
        .httpBasic();
  }
  @Autowired
  public void dlcmlUserDetails(final AuthenticationManagerBuilder auth) throws Exception {
      auth.inMemoryAuthentication()
          .withUser("tom").password("111").roles("USER");
  }
}