Complete the code to enable basic HTTP security in a Spring Boot application.
http
.authorizeHttpRequests()
.anyRequest().[1]();The authenticated() method ensures that all requests require the user to be logged in, which is a basic security measure.
Complete the code to configure a password encoder bean in Spring Security.
@Bean
public PasswordEncoder passwordEncoder() {
return new [1]();
}BCryptPasswordEncoder is the recommended password encoder because it hashes passwords securely.
Fix the error in the code to properly configure HTTP Basic authentication.
http .httpBasic() .and() .authorizeHttpRequests() .anyRequest().[1]();
Using authenticated() ensures that HTTP Basic authentication protects all requests.
Fill both blanks to create a security filter chain bean that disables CSRF and requires authentication for all requests.
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.csrf().[1]();
http.authorizeHttpRequests().anyRequest().[2]();
return http.build();
}Disabling CSRF is done with disable(). Requiring authentication uses authenticated().
Fill all three blanks to configure a custom login page URL, logout URL, and success URL after login.
http
.formLogin()
.loginPage("[1]")
.defaultSuccessUrl("[3]", true)
.and()
.logout()
.logoutUrl("[2]");The custom login page is set to /custom-login, logout URL to /perform-logout, and after successful login, the user is redirected to /home.