In Chapter 4, Working with Spring Tag Libraries, we saw how to serve and process web forms; in that exercise we created a web page to add products. Anyone with access to the add products page could add new products to our web store. But in a typical web store, only administrators can add products. So how can we prevent other users from accessing the add products page? Spring Security comes to the rescue.
We are going to restrict access to all our web pages using Spring Security. Only an authorised user or administrator with a valid username and password can access our web pages from a browser:
Open
pom.xml
; you can findpom.xml
under the project root folder itself.You should see some tabs at the bottom of
pom.xml
; select the Dependencies tab and click the add button in the Dependencies section.A Select Dependency window will appear; enter Group Id as
org.springframework.security
, Artifact Id asspring-security-config...