0
0
Spring Bootframework~10 mins

SecurityFilterChain configuration in Spring Boot - Interactive Code Practice

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Practice - 5 Tasks
Answer the questions below
1fill in blank
easy

Complete the code to define a SecurityFilterChain bean in Spring Boot.

Spring Boot
public @Bean SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
    return http
        .csrf().disable()
        .authorizeHttpRequests(auth -> auth.anyRequest().[1]())
        .build();
}
Drag options to blanks, or click blank then click option'
ApermitAll
Bauthenticated
CdenyAll
DhasRole
Attempts:
3 left
💡 Hint
Common Mistakes
Using 'authenticated' will require login for all requests.
Using 'denyAll' blocks all requests.
Using 'hasRole' requires specifying a role.
2fill in blank
medium

Complete the code to disable CSRF protection in the SecurityFilterChain.

Spring Boot
public @Bean SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    http.[1]();
    return http.build();
}
Drag options to blanks, or click blank then click option'
Acsrf().disable
BhttpBasic
Ccsrf().enable
DauthorizeHttpRequests
Attempts:
3 left
💡 Hint
Common Mistakes
Using 'csrf().enable' is invalid.
Using 'authorizeHttpRequests' does not disable CSRF.
Using 'httpBasic' enables basic auth, not related to CSRF.
3fill in blank
hard

Fix the error in the code to require authentication for all requests.

Spring Boot
public @Bean SecurityFilterChain securityChain(HttpSecurity http) throws Exception {
    http.authorizeHttpRequests(auth -> auth.anyRequest().[1]());
    return http.build();
}
Drag options to blanks, or click blank then click option'
ApermitAll
BdenyAll
Canonymous
Dauthenticated
Attempts:
3 left
💡 Hint
Common Mistakes
Using 'permitAll' allows all requests without login.
Using 'denyAll' blocks all requests.
Using 'anonymous' allows unauthenticated access.
4fill in blank
hard

Fill both blanks to configure HTTP Basic authentication and disable CSRF.

Spring Boot
public @Bean SecurityFilterChain securityConfig(HttpSecurity http) throws Exception {
    http.[1]();
    http.[2]();
    return http.build();
}
Drag options to blanks, or click blank then click option'
AhttpBasic
Bcsrf().disable
CformLogin
DauthorizeHttpRequests
Attempts:
3 left
💡 Hint
Common Mistakes
Using 'formLogin' instead of 'httpBasic' changes the login method.
Not disabling CSRF can cause issues with POST requests.
Calling 'authorizeHttpRequests' here does not disable CSRF.
5fill in blank
hard

Fill all three blanks to create a SecurityFilterChain that disables CSRF, requires authentication for all requests, and enables HTTP Basic authentication.

Spring Boot
public @Bean SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    http.csrf().[1]();
    http.authorizeHttpRequests(auth -> auth.anyRequest().[2]());
    http.[3]();
    return http.build();
}
Drag options to blanks, or click blank then click option'
Adisable
Bauthenticated
ChttpBasic
DpermitAll
Attempts:
3 left
💡 Hint
Common Mistakes
Using 'permitAll' allows all requests without login.
Not disabling CSRF can cause security issues.
Forgetting to enable HTTP Basic means no login prompt.