1
00:00:00,180 --> 00:00:06,950
In this video, let's try to configure the security of the services that we developed as per our equipment,

2
00:00:07,260 --> 00:00:14,130
so like we are seeing in the last few videos, by default, spring security will try to secure all the

3
00:00:14,130 --> 00:00:20,710
services that we configure inside the project to preview that, let's try to go and do some pants on

4
00:00:20,710 --> 00:00:22,100
in court right now.

5
00:00:22,260 --> 00:00:28,560
What I'm trying to do here is like I just created a package Kondrat Easybeats config on inside that

6
00:00:28,560 --> 00:00:32,140
I created a new class called Project Security Conflict.

7
00:00:32,159 --> 00:00:33,960
So this is my last name.

8
00:00:34,260 --> 00:00:40,640
And I have annotated with the configuration annotation, which is an indication to my spring cantine

9
00:00:41,040 --> 00:00:46,880
that this is a configuration class and it has to consider while putting on the application.

10
00:00:46,890 --> 00:00:54,000
One of the basic thing that we have to do whenever we try to customize the spring security aspect our

11
00:00:54,000 --> 00:00:59,580
needs is we have to extend this Web security Conficker around.

12
00:00:59,730 --> 00:01:08,640
So this is the most important class inside spring security framework where we extend and orient the

13
00:01:08,640 --> 00:01:12,080
methods available inside it as part of our requirements.

14
00:01:12,210 --> 00:01:19,410
If you see here, I'm just trying to write a method called Conficker, which accent the parameters of

15
00:01:20,070 --> 00:01:21,000
security.

16
00:01:21,010 --> 00:01:24,870
As of now, I didn't implement anything inside this method.

17
00:01:24,960 --> 00:01:31,890
But to show you what the default configurations construct by spring security for all the rest services

18
00:01:31,890 --> 00:01:36,110
or any authentication you are allowed that we try to build in our application.

19
00:01:36,150 --> 00:01:41,160
You can go inside this class and you can look for this Conficker.

20
00:01:41,290 --> 00:01:46,560
I'm trying to go inside the class and this is a security library.

21
00:01:46,560 --> 00:01:52,680
You can see this is the jobs that I have downloaded using spring starter projects and Mavin.

22
00:01:52,800 --> 00:02:00,360
And inside this class, I am searching for a configure method which accepts strategic security as a

23
00:02:00,360 --> 00:02:00,740
parent.

24
00:02:00,930 --> 00:02:08,300
If you see here, the default implementation of this method is any request that comes to inside.

25
00:02:08,310 --> 00:02:15,420
Our application has to be authenticated, authenticated in the sense any you are or any other service

26
00:02:15,420 --> 00:02:20,820
that I have in my application, it has to be validated by credentials.

27
00:02:20,820 --> 00:02:23,340
A user has to be authenticate himself.

28
00:02:23,430 --> 00:02:29,960
And at the same time we have an end condition saying that all the request has to be authenticated,

29
00:02:29,970 --> 00:02:34,620
all you orals, and this has to happen for all form login.

30
00:02:34,620 --> 00:02:36,240
And it's pretty basic form.

31
00:02:36,240 --> 00:02:43,890
Login is the method which indicates my spring security, all the browser requests coming through forms

32
00:02:43,890 --> 00:02:50,820
like login from my contact form and at the same time historically basically is a method which indicates

33
00:02:50,820 --> 00:02:56,880
all the requests coming through my back and APIs like I may be calling through some other Java code

34
00:02:57,030 --> 00:02:59,850
through back and by using this template.

35
00:03:00,210 --> 00:03:04,200
In the case of Posman, we are also trying to call that through the back.

36
00:03:04,330 --> 00:03:10,650
There's no way and to be basic indicates that and form login indicates something trying to call from

37
00:03:10,650 --> 00:03:16,410
the browser and you can see by default, bring security, expect every request.

38
00:03:16,410 --> 00:03:21,090
Any request means any request that is coming to it has to be authenticated.

39
00:03:21,180 --> 00:03:25,590
And this applies to both form login and add to what I will do.

40
00:03:25,590 --> 00:03:33,120
Yes, I'll try to copy paste and implement the same into my project security config class.

41
00:03:33,120 --> 00:03:39,900
Also post that I will go to my spring security starting boot application class here.

42
00:03:39,900 --> 00:03:45,750
I have added another component scan, which is the package that we added and since we have multiple

43
00:03:45,750 --> 00:03:53,940
packages I am using component scans is an annotation, which is accept an array of components and annotations.

44
00:03:53,940 --> 00:03:56,940
So this will tell my springboard application.

45
00:03:56,940 --> 00:04:04,800
Go ahead and scan for these packages and to us inside these packages and it will look for all the controllers

46
00:04:04,800 --> 00:04:10,020
wrist controllers and it will build the restabilize and at the same time inside the config, it will

47
00:04:10,260 --> 00:04:13,740
try to look what the customization that we are trying to do.

48
00:04:13,800 --> 00:04:19,290
And as is shown right now, we are going with the default implementation of the spring security.

49
00:04:19,290 --> 00:04:24,600
That means every request that inside my application there are six services.

50
00:04:24,990 --> 00:04:31,050
All these six services has to be authenticate themselves before processing the business.

51
00:04:31,530 --> 00:04:33,330
So this is the default behavior.

52
00:04:33,330 --> 00:04:38,750
Let's try to see what will happen if we try to start services using this code.

53
00:04:39,120 --> 00:04:45,660
Let's try to start this application with this code that we have copy paste from the spring security

54
00:04:45,660 --> 00:04:49,050
framework and see how the application behaves as.

55
00:04:49,050 --> 00:04:52,680
But understanding this has to be nothing different.

56
00:04:52,680 --> 00:04:59,460
What we have to start before, because we are going right now with the default implementation itself

57
00:04:59,460 --> 00:04:59,850
even.

58
00:04:59,980 --> 00:05:08,800
In our spring security custom, best that I came to Bozeman and I'm going to call my cards without any

59
00:05:08,800 --> 00:05:13,380
authorization details we should expect for zero one.

60
00:05:13,420 --> 00:05:20,320
Now, if I go and provide the authentication details, which we can't figure, we should get a proper

61
00:05:20,320 --> 00:05:21,060
response.

62
00:05:21,100 --> 00:05:27,940
The same applies for all the services like my iPhone, as you can see.

63
00:05:28,060 --> 00:05:30,430
Here are the account details from the database.

64
00:05:30,430 --> 00:05:34,660
So it is confirmed by default spring security.

65
00:05:34,690 --> 00:05:40,550
Expect every Warrell to be secured inside your application in next video.

66
00:05:40,770 --> 00:05:44,110
Let's try to configure our project.

67
00:05:44,770 --> 00:05:45,310
Thank you.

68
00:05:45,310 --> 00:05:45,610
By.