Learn SPRING-SECURITY with Real Code Examples

@SpringBootApplication
public class DemoApplication {
    public static void main(String[] args) {
        SpringApplication.run(DemoApplication.class, args);
    }
}

// SecurityConfig.java
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
            .withUser("user").password("{noop}password").roles("USER")
            .and()
            .withUser("admin").password("{noop}admin").roles("ADMIN");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
            .authorizeRequests()
            .antMatchers("/admin/**").hasRole("ADMIN")
            .anyRequest().authenticated()
            .and().httpBasic();
    }
}

// TodoController.java
@RestController
@RequestMapping("/todos")
public class TodoController {
    @GetMapping
    public List<String> getTodos() {
        return Arrays.asList("Task 1", "Task 2");
    }
}

Demonstrates a simple Spring Boot REST API with basic authentication and role-based access control using Spring Security.