Okay, this chapter is titled Securing Your App with Spring Boot, yet we have spent a fair amount of time... NOT securing our app! That is about to change. Thanks to this little bit of restructuring, we can move forward with locking things down as desired.
Let's take a crack at writing some security policies, starting with the chat microservice:
@EnableWebFluxSecurity public class SecurityConfiguration { @Bean SecurityWebFilterChain springWebFilterChain(HttpSecurity http) { return http .authorizeExchange() .pathMatchers("/**").authenticated() .and() .build(); } }
The preceding security policy can be defined as follows:
- @EnableWebFluxSecurity activates the Spring WebFlux security filters needed to secure our ...