This project is a simple implementation of Role-Based Authentication using Spring Security. It demonstrates how to secure endpoints based on user roles and implement user authentication and authorization effectively.
- User authentication with username and password.
- Role-based access control (e.g., `ADMIN`, `USER`, etc.).
- Secured endpoints accessible only by authorized roles.
- Basic user data stored in memory for simplicity (can be replaced with a database).
- JWT (JSON Web Tokens) implementation for authentication (if applicable).
- Java: Core programming language.
- Spring Boot: Framework for application setup and configurations.
- Spring Security: Security framework for authentication and authorization.
- Maven: Build tool for managing dependencies and project lifecycle.
- Postman (optional): For testing API endpoints.
- Clone the repository:

  ```bash
  git clone https://github.com/deepakmali-09/spring-security-p02-role-base-auth.git
  cd spring-security-p02-role-base-auth
  ```

- Build the project using Maven:

  ```bash
  mvn clean install
  ```

- Run the application:

  ```bash
  mvn spring-boot:run
  ```

- Access the application:
  - Base URL: http://localhost:8080

| Endpoint | Method | Role Required | Description |
|---|---|---|---|
| `/login` | POST | Public | Authenticate user |
| `/transfer` | GET | ADMIN | Access restricted to ADMIN role |
| `/update` | GET | USER | Access restricted to USER role |

- Use Postman or a similar tool to test API endpoints.
- Login with valid credentials to receive a token.
```
├── src/main/java
│   ├── com.deep.SpringSecurity-P02-RoleBaseAuth
│   │   ├── config        // Security configurations
│   │   ├── controllers   // REST controllers
└── pom.xml               // Maven dependencies
```

- Integrate with a database (e.g., MySQL, MongoDB) for user management.
- Add support for OAuth2 or SSO.
- Implement account locking and password recovery features.
Contributions are welcome! Feel free to submit a pull request or open an issue to discuss changes or enhancements.