This repository contains a Spring Security-based project aimed at securing a Java EE application. The project demonstrates how to integrate Spring Security with a Java EE application, providing authentication and authorization mechanisms.
- User Authentication: Secure login mechanism using Spring Security.
- Role-Based Authorization: Access control using roles and authorities.
- Password Encryption: Secure password storage using BCrypt hashing.
- Custom Authentication Provider: Implementation of a custom authentication provider.
- JWT Integration (Optional): Token-based authentication using JWT.
- Session Management: Secure session management with session expiration and concurrency control.
- CSRF Protection: Cross-Site Request Forgery protection.
- Java EE
- Spring Security
- Spring Boot
- MySQL
- JDK 21
- Maven
- MySQL
- Git
1. Clone the repository:
https://github.com/sasmithx/Spring-Security.git
2. Configure the database:
- Update the application.properties file with your database credentials.
3. Build the project:
mvn clean install
4. Run the application:
mvn spring-boot:run
5. Access the application:
- Open your browser and go to http://localhost:8080.
- '/login' : User login page.
- '/logout' : User logout endpoint.
- '/register' : Register endpoint.
- '/customer' : Customer endpoint.
- The security configuration can be customized by modifying the SecurityConfig.java file in the com.sasax.SpringSec package.
This project is licensed under the MIT License - see the MIT License file for details.