The JWT par of this work is based on JWT Spring Security Demo By Stephan Zerhusen
This demo is build with with Maven 3 and Java 1.8.
Just start the application with the Spring Boot maven plugin (mvn spring-boot:run). The application is
running at http://localhost:8080.
There are three user accounts present to demonstrate the different levels of access to the endpoints in the API and the different authorization exceptions:
Admin - admin:admin
User - user:password
Disabled - disabled:password (this user is disabled)
There are three endpoints that are reasonable for the demo:
/auth - authentication endpoint with unrestricted access
/persons - an example endpoint that is restricted to authorized users (a valid JWT token must be present in the request header)
/protected - an example endpoint that is restricted to authorized users with the role 'ROLE_ADMIN' (a valid JWT token must be present in the request header)