diff --git a/jee-7-security/README.md b/jee-7-security/README.md
new file mode 100644
index 0000000000..314de6d957
--- /dev/null
+++ b/jee-7-security/README.md
@@ -0,0 +1,2 @@
+### Relevant Articles:
+- [Securing Java EE with Spring Security](http://www.baeldung.com/java-ee-spring-security)
diff --git a/jee-7-security/pom.xml b/jee-7-security/pom.xml
new file mode 100644
index 0000000000..622ca19903
--- /dev/null
+++ b/jee-7-security/pom.xml
@@ -0,0 +1,102 @@
+
+
+ 4.0.0
+ jee-7-security
+ 1.0-SNAPSHOT
+ war
+ jee-7-security
+ JavaEE 7 Spring Security Application
+
+
+ com.baeldung
+ parent-modules
+ 1.0.0-SNAPSHOT
+
+
+
+
+ javax
+ javaee-api
+ ${javaee_api.version}
+ provided
+
+
+ com.sun.faces
+ jsf-api
+ ${com.sun.faces.jsf.version}
+
+
+ com.sun.faces
+ jsf-impl
+ ${com.sun.faces.jsf.version}
+
+
+ javax.servlet
+ jstl
+ ${jstl.version}
+
+
+ javax.servlet
+ javax.servlet-api
+ ${javax.servlet-api.version}
+
+
+ javax.servlet.jsp
+ jsp-api
+ ${jsp-api.version}
+ provided
+
+
+ taglibs
+ standard
+ ${taglibs.standard.version}
+
+
+
+ javax.mvc
+ javax.mvc-api
+ 1.0-pr
+
+
+
+ org.springframework.security
+ spring-security-web
+ ${org.springframework.security.version}
+
+
+
+ org.springframework.security
+ spring-security-config
+ ${org.springframework.security.version}
+
+
+ org.springframework.security
+ spring-security-taglibs
+ ${org.springframework.security.version}
+
+
+
+
+
+
+ org.apache.maven.plugins
+ maven-war-plugin
+ ${maven-war-plugin.version}
+
+ src/main/webapp
+ false
+
+
+
+
+
+
+ 7.0
+ 2.2.14
+ 2.2
+ 1.1.2
+ 4.2.3.RELEASE
+
+
+
diff --git a/jee-7-security/src/main/java/com/baeldung/springsecurity/SecurityWebApplicationInitializer.java b/jee-7-security/src/main/java/com/baeldung/springsecurity/SecurityWebApplicationInitializer.java
new file mode 100644
index 0000000000..e3e2ed80e6
--- /dev/null
+++ b/jee-7-security/src/main/java/com/baeldung/springsecurity/SecurityWebApplicationInitializer.java
@@ -0,0 +1,10 @@
+package com.baeldung.springsecurity;
+
+import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
+
+public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer {
+
+ public SecurityWebApplicationInitializer() {
+ super(SpringSecurityConfig.class);
+ }
+}
diff --git a/jee-7-security/src/main/java/com/baeldung/springsecurity/SpringSecurityConfig.java b/jee-7-security/src/main/java/com/baeldung/springsecurity/SpringSecurityConfig.java
new file mode 100644
index 0000000000..70be1f91ce
--- /dev/null
+++ b/jee-7-security/src/main/java/com/baeldung/springsecurity/SpringSecurityConfig.java
@@ -0,0 +1,46 @@
+package com.baeldung.springsecurity;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+ auth
+ .inMemoryAuthentication()
+ .withUser("user1")
+ .password("user1Pass")
+ .roles("USER")
+ .and()
+ .withUser("admin")
+ .password("adminPass")
+ .roles("ADMIN");
+ }
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .csrf()
+ .disable()
+ .authorizeRequests()
+ .antMatchers("/auth/login*")
+ .anonymous()
+ .antMatchers("/home/admin*")
+ .hasRole("ADMIN")
+ .anyRequest()
+ .authenticated()
+ .and()
+ .formLogin()
+ .loginPage("/auth/login")
+ .defaultSuccessUrl("/home", true)
+ .failureUrl("/auth/login?error=true")
+ .and()
+ .logout()
+ .logoutSuccessUrl("/auth/login");
+ }
+}
\ No newline at end of file
diff --git a/jee-7-security/src/main/java/com/baeldung/springsecurity/controller/HomeController.java b/jee-7-security/src/main/java/com/baeldung/springsecurity/controller/HomeController.java
new file mode 100644
index 0000000000..1662f38609
--- /dev/null
+++ b/jee-7-security/src/main/java/com/baeldung/springsecurity/controller/HomeController.java
@@ -0,0 +1,28 @@
+package com.baeldung.springsecurity.controller;
+
+import javax.mvc.annotation.Controller;
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+
+@Path("/home")
+@Controller
+public class HomeController {
+
+ @GET
+ public String home() {
+ return "home.jsp";
+ }
+
+ @GET
+ @Path("/user")
+ public String admin() {
+ return "user.jsp";
+ }
+
+ @GET
+ @Path("/admin")
+ public String user() {
+ return "admin.jsp";
+ }
+
+}
diff --git a/jee-7-security/src/main/java/com/baeldung/springsecurity/controller/LoginController.java b/jee-7-security/src/main/java/com/baeldung/springsecurity/controller/LoginController.java
new file mode 100644
index 0000000000..a34abbfd2c
--- /dev/null
+++ b/jee-7-security/src/main/java/com/baeldung/springsecurity/controller/LoginController.java
@@ -0,0 +1,16 @@
+package com.baeldung.springsecurity.controller;
+
+import javax.mvc.annotation.Controller;
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+
+@Path("/login")
+@Controller
+public class LoginController {
+
+ @GET
+ public String login() {
+ System.out.println("Login");
+ return "login.jsp";
+ }
+}
diff --git a/jee-7-security/src/main/resources/logback.xml b/jee-7-security/src/main/resources/logback.xml
new file mode 100644
index 0000000000..c8c077ba1d
--- /dev/null
+++ b/jee-7-security/src/main/resources/logback.xml
@@ -0,0 +1,13 @@
+
+
+
+
+ %d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/jee-7-security/src/main/webapp/WEB-INF/beans.xml b/jee-7-security/src/main/webapp/WEB-INF/beans.xml
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/jee-7-security/src/main/webapp/WEB-INF/faces-config.xml b/jee-7-security/src/main/webapp/WEB-INF/faces-config.xml
new file mode 100644
index 0000000000..1f4085458f
--- /dev/null
+++ b/jee-7-security/src/main/webapp/WEB-INF/faces-config.xml
@@ -0,0 +1,8 @@
+
+
+
\ No newline at end of file
diff --git a/jee-7-security/src/main/webapp/WEB-INF/spring/security.xml b/jee-7-security/src/main/webapp/WEB-INF/spring/security.xml
new file mode 100644
index 0000000000..777cd9461f
--- /dev/null
+++ b/jee-7-security/src/main/webapp/WEB-INF/spring/security.xml
@@ -0,0 +1,23 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/jee-7-security/src/main/webapp/WEB-INF/views/admin.jsp b/jee-7-security/src/main/webapp/WEB-INF/views/admin.jsp
new file mode 100644
index 0000000000..b83ea09f5b
--- /dev/null
+++ b/jee-7-security/src/main/webapp/WEB-INF/views/admin.jsp
@@ -0,0 +1,12 @@
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %>
+
+
+
+
+ Welcome to the ADMIN page
+
+ ">Logout
+
+
+
\ No newline at end of file
diff --git a/jee-7-security/src/main/webapp/WEB-INF/views/home.jsp b/jee-7-security/src/main/webapp/WEB-INF/views/home.jsp
new file mode 100644
index 0000000000..c6e129c9ce
--- /dev/null
+++ b/jee-7-security/src/main/webapp/WEB-INF/views/home.jsp
@@ -0,0 +1,26 @@
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %>
+
+
+
+
+ This is the body of the sample view
+
+
+ This text is only visible to a user
+
+ ">Restricted Admin Page
+
+
+
+
+ This text is only visible to an admin
+
+ ">Admin Page
+
+
+
+ ">Logout
+
+
+
\ No newline at end of file
diff --git a/jee-7-security/src/main/webapp/WEB-INF/views/login.jsp b/jee-7-security/src/main/webapp/WEB-INF/views/login.jsp
new file mode 100644
index 0000000000..d6f2e56f3a
--- /dev/null
+++ b/jee-7-security/src/main/webapp/WEB-INF/views/login.jsp
@@ -0,0 +1,26 @@
+
+
+
+
+Login
+
+
+
+
+
\ No newline at end of file
diff --git a/jee-7-security/src/main/webapp/WEB-INF/views/user.jsp b/jee-7-security/src/main/webapp/WEB-INF/views/user.jsp
new file mode 100644
index 0000000000..11b8155da7
--- /dev/null
+++ b/jee-7-security/src/main/webapp/WEB-INF/views/user.jsp
@@ -0,0 +1,12 @@
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %>
+
+
+
+
+ Welcome to the Restricted Admin page
+
+ ">Logout
+
+
+
\ No newline at end of file
diff --git a/jee-7-security/src/main/webapp/WEB-INF/web.xml b/jee-7-security/src/main/webapp/WEB-INF/web.xml
new file mode 100644
index 0000000000..e656ffc5be
--- /dev/null
+++ b/jee-7-security/src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,71 @@
+
+
+
+
+ Faces Servlet
+ javax.faces.webapp.FacesServlet
+
+
+ Faces Servlet
+ *.jsf
+
+
+ javax.faces.PROJECT_STAGE
+ Development
+
+
+ State saving method: 'client' or 'server' (default). See JSF Specification section 2.5.2
+ javax.faces.STATE_SAVING_METHOD
+ client
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ index.jsf
+ welcome.jsf
+ index.html
+ index.jsp
+
+
\ No newline at end of file
diff --git a/jee-7-security/src/main/webapp/index.jsp b/jee-7-security/src/main/webapp/index.jsp
new file mode 100644
index 0000000000..93fef9713d
--- /dev/null
+++ b/jee-7-security/src/main/webapp/index.jsp
@@ -0,0 +1,11 @@
+<%@ page contentType="text/html;charset=UTF-8" language="java" %>
+
+
+ Index Page
+
+
+ Non-secured Index Page
+
+ Login
+
+
\ No newline at end of file
diff --git a/jee-7-security/src/main/webapp/secure.jsp b/jee-7-security/src/main/webapp/secure.jsp
new file mode 100644
index 0000000000..0cadd2cd4f
--- /dev/null
+++ b/jee-7-security/src/main/webapp/secure.jsp
@@ -0,0 +1,24 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8"
+ pageEncoding="UTF-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@ taglib uri="http://www.springframework.org/security/tags" prefix="sec" %>
+
+
+
+
+ Home Page
+
+
+Home Page
+
+
+ Hello
+ Roles:
+
+
+
+
+
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index ef34881cef..741391e09c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -399,6 +399,7 @@
javafx
jgroups
jee-7
+ jee-7-security
jhipster
jjwt
jsf
@@ -1303,6 +1304,7 @@
javafx
jgroups
jee-7
+ jee-7-security
jjwt
jsf
json-path