pom.xml
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.7.9</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
</dependencies>
MyReportsApplication.java
package com.karthik.reports;
@SpringBootApplication
public class MyReportsApplication {
public static void main(String[] args) {
System.out.println("IN MAIN CLASS");
SpringApplication.run(MyReportsApplication.class, args);
}
}
I have created a configuration class for custom security configuration as shown below
SecurityConfig.java
package com.karthik.reports.config;
@Configuration
@EnableWebSecurity
public class SecurityConfig {
@Bean
public InMemoryUserDetailsManager userDetailsManager() {
UserDetails user = User.withDefaultPasswordEncoder()
.username("Karthik")
.password("pass")
.roles("ADMIN")
.build();
return new InMemoryUserDetailsManager(user);
}
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
System.out.println("SECURITY FILTER CHAIN");
return http
.csrf(csrf-> csrf.disable())
.authorizeRequests(auth -> {
auth.antMatchers("/country").permitAll();
auth.antMatchers("/state").hasRole("USER");
auth.antMatchers("/city/**").hasRole("ADMIN");
})
.httpBasic(Customizer.withDefaults())
.build();
}
}
When I hit my REST end point http://localhost:8090/myreports/country, I am getting a default login page. I have also enabled httpbasic authentication in the config class
Can you please advise on how to remove the default login page and why the default login form is coming for "/country" endpoint which need not be authenticated as per the config class.