0

Basically, Spring boot uses Spring security feature , I understood. When i search for spring boot security, i could find 2 configre methods(1 for username auth and 1 for Allowing the authorization)

@Autowired   --> Configuring Authentication using JDBC
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
    auth.jdbcAuthentication().passwordEncoder(passwordEncoder())
        .dataSource(dataSource)
        .usersByUsernameQuery("select username, password, enabled from users where username=?")
        .authoritiesByUsernameQuery("select username, role from users where username=?")
    ;
}

@Override  --> Configure form-based authentication, we override the configure(HttpSecurity) method as follows:
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
        .anyRequest().authenticated()
        .and()
        .formLogin().permitAll()
        .and()
        .logout().permitAll();     
}

Now, my question is, Is this same for Simple Spring as well. Just ignore spring boot for now. I want to know how to implement Spring security for my application without using Spring boot feature. Still we need the same 2 methods ? If so what is the difference?

Can someone explain the difference between Spring-Security and Spring Boot security ? OAuth is coming under which type(Spring or spring boot) ?

Moulina Mary A
  • 21
  • 2
  • 1
    There is no such thing as Spring Boot Security... There is only Spring Security for security for which Spring BOot provides (some) autoconfiguration. There is no such thing as Spring Boot Security. – M. Deinum Jul 13 '23 at 08:40
  • 1
    But if you want to configure Spring Securoty yes you need something, however for newer Spring Security versions the configuration is different. I strongly suggest to check the Spring Security documentation. – M. Deinum Jul 13 '23 at 08:47

0 Answers0