diff --git a/spring-security-modules/pom.xml b/spring-security-modules/pom.xml
index 954b9335e4..e78b7fe80c 100644
--- a/spring-security-modules/pom.xml
+++ b/spring-security-modules/pom.xml
@@ -40,6 +40,7 @@
spring-security-stormpath
spring-security-thymeleaf
spring-security-x509
+ spring-security-kotlin-dsl
diff --git a/spring-security-modules/spring-security-kotlin-dsl/pom.xml b/spring-security-modules/spring-security-kotlin-dsl/pom.xml
new file mode 100644
index 0000000000..2c53d19c2c
--- /dev/null
+++ b/spring-security-modules/spring-security-kotlin-dsl/pom.xml
@@ -0,0 +1,86 @@
+
+
+ 4.0.0
+
+ com.baeldung
+ parent-boot-2
+ 0.0.1-SNAPSHOT
+ ../../parent-boot-2
+
+
+ com.baeldung.spring.security.dsl
+ spring-security-kotlin-dsl
+ 1.0
+ spring-security-kotlin-dsl
+ Spring Security Kotlin DSL
+
+
+ 11
+ 1.3.72
+
+
+
+
+ org.springframework.boot
+ spring-boot-starter-security
+
+
+ org.springframework.boot
+ spring-boot-starter-web
+
+
+ com.fasterxml.jackson.module
+ jackson-module-kotlin
+
+
+ org.jetbrains.kotlin
+ kotlin-reflect
+
+
+ org.jetbrains.kotlin
+ kotlin-stdlib-jdk8
+
+
+
+ org.projectlombok
+ lombok
+ true
+
+
+ org.springframework.boot
+ spring-boot-starter-test
+ test
+
+
+
+
+ ${project.basedir}/src/main/kotlin
+ ${project.basedir}/src/test/kotlin
+
+
+ org.springframework.boot
+ spring-boot-maven-plugin
+
+
+ org.jetbrains.kotlin
+ kotlin-maven-plugin
+
+
+ -Xjsr305=strict
+
+
+ spring
+
+
+
+
+ org.jetbrains.kotlin
+ kotlin-maven-allopen
+ ${kotlin.version}
+
+
+
+
+
+
diff --git a/spring-security-modules/spring-security-kotlin-dsl/src/main/kotlin/com/baeldung/security/kotlin/dsl/SpringSecurityKotlinApplication.kt b/spring-security-modules/spring-security-kotlin-dsl/src/main/kotlin/com/baeldung/security/kotlin/dsl/SpringSecurityKotlinApplication.kt
new file mode 100644
index 0000000000..27cc41c1e5
--- /dev/null
+++ b/spring-security-modules/spring-security-kotlin-dsl/src/main/kotlin/com/baeldung/security/kotlin/dsl/SpringSecurityKotlinApplication.kt
@@ -0,0 +1,71 @@
+package com.baeldung.security.kotlin.dsl
+
+import org.springframework.boot.autoconfigure.SpringBootApplication
+import org.springframework.boot.runApplication
+import org.springframework.context.annotation.Configuration
+import org.springframework.context.support.beans
+import org.springframework.core.annotation.Order
+import org.springframework.security.config.annotation.web.builders.HttpSecurity
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
+import org.springframework.security.config.web.servlet.invoke
+import org.springframework.security.core.userdetails.User
+import org.springframework.security.provisioning.InMemoryUserDetailsManager
+import org.springframework.web.servlet.function.ServerResponse
+import org.springframework.web.servlet.function.router
+
+@EnableWebSecurity
+@SpringBootApplication
+class SpringSecurityKotlinApplication
+
+@Order(1)
+@Configuration
+class AdminSecurityConfiguration : WebSecurityConfigurerAdapter() {
+ override fun configure(http: HttpSecurity?) {
+ http {
+ authorizeRequests {
+ authorize("/greetings/**", hasAuthority("ROLE_ADMIN"))
+ }
+ httpBasic {}
+ }
+ }
+}
+
+@Configuration
+class BasicSecurityConfiguration : WebSecurityConfigurerAdapter() {
+ override fun configure(http: HttpSecurity?) {
+ http {
+ authorizeRequests {
+ authorize("/**", permitAll)
+ }
+ httpBasic {}
+ }
+ }
+}
+
+fun main(args: Array) {
+ runApplication(*args) {
+ addInitializers( beans {
+ bean {
+ fun user(user: String, password: String, vararg roles: String) =
+ User
+ .withDefaultPasswordEncoder()
+ .username(user)
+ .password(password)
+ .roles(*roles)
+ .build()
+
+ InMemoryUserDetailsManager(user("user", "password", "USER")
+ , user("admin", "password", "USER", "ADMIN"))
+ }
+
+ bean {
+ router {
+ GET("/greetings") {
+ request -> request.principal().map { it.name }.map { ServerResponse.ok().body(mapOf("greeting" to "Hello $it")) }.orElseGet { ServerResponse.badRequest().build() }
+ }
+ }
+ }
+ })
+ }
+}
diff --git a/spring-security-modules/spring-security-kotlin-dsl/src/main/resources/application.properties b/spring-security-modules/spring-security-kotlin-dsl/src/main/resources/application.properties
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/spring-security-modules/spring-security-kotlin-dsl/src/test/kotlin/com/spring/security/kotlin/dsl/SpringSecurityKotlinApplicationTests.kt b/spring-security-modules/spring-security-kotlin-dsl/src/test/kotlin/com/spring/security/kotlin/dsl/SpringSecurityKotlinApplicationTests.kt
new file mode 100644
index 0000000000..3da8110feb
--- /dev/null
+++ b/spring-security-modules/spring-security-kotlin-dsl/src/test/kotlin/com/spring/security/kotlin/dsl/SpringSecurityKotlinApplicationTests.kt
@@ -0,0 +1,35 @@
+package com.spring.security.kotlin.dsl
+
+import org.junit.jupiter.api.Test
+import org.junit.runner.RunWith
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc
+import org.springframework.boot.test.context.SpringBootTest
+import org.springframework.security.test.context.support.WithMockUser
+import org.springframework.test.context.junit4.SpringRunner
+import org.springframework.test.web.servlet.MockMvc
+import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.*
+import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user
+import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic
+import org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated
+import org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated
+import org.springframework.test.web.servlet.get
+import org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*
+import org.springframework.test.web.servlet.result.MockMvcResultMatchers.status
+
+@RunWith(SpringRunner::class)
+@SpringBootTest
+@AutoConfigureMockMvc
+class SpringSecurityKotlinApplicationTests {
+
+ @Autowired
+ private lateinit var mockMvc: MockMvc
+
+ @Test
+ fun `ordinary user not permitted to access the endpoint`() {
+ this.mockMvc
+ .perform(get("/greetings")
+ .with(httpBasic("user", "password")))
+ .andExpect(unauthenticated())
+ }
+}