I need to implement spring security for my api-controller.
-> Each page should contain a header with username (like in Siteminder?).
-> Every user has been already registered in SpringConfiguration
@Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { ... gets all users from database with their authorities }-> For every page it's configured, which authorities a user should have
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .antMatchers("**/Pagename/**").hasAuthority("authorityName"); }I cannot understand now, what should I add to make the program read a username from page header. RequestHeaderAuthenticationFilter? Another kind of filter?
The other question is if you could give me a link to tutorial/examle how to build it in without using XML.