spring-boot-starter-security
as Maven dependency.
BookstoreUsersService
that can load a user with username employee
, password 12345
and role EMPLOYEE
.
12345
and the role CUSTOMER
.
SecurityConfig
with bean methods that create security filter chains such that basic authentication is used and access to the REST endpoints is restricted as follows:
Service | Function | Authentication required | Grant access to role | ||
---|---|---|---|---|---|
CUSTOMER | EMPLOYEE | ||||
Catalog | Add book Update book Find book Search books |
yes yes no no |
no no |
yes yes |
|
Customer | Register customer Find customer Update customer |
no yes yes |
yes yes |
yes yes |
|
Order | Place order Find order Search orders Cancel order |
yes yes yes yes |
yes yes yes yes |
no yes yes yes |