Update

pom.xml

@@ -70,6 +70,17 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-mail</artifactId>
 		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+
 	</dependencies>
 
 	<build>

src/main/java/com/libraryman_api/security/LoginController.java

@@ -1,4 +1,20 @@
 package com.libraryman_api.security;
 
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.security.Principal;
+
+@RestController
 public class LoginController {
+
+    @GetMapping("/api/ajay")
+    public String login(Principal principal) {
+        System.out.println("\n\n\n\n\n\n\n\n\n\n\n\n\n\n");
+        System.out.println("Principal Name: " + principal.getName());
+        System.out.println("Principal: " + principal);
+
+        return "Hello World";
+    }
+
 }

src/main/java/com/libraryman_api/security/PasswordEncoder.java

@@ -0,0 +1,14 @@
+package com.libraryman_api.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+@Configuration
+public class PasswordEncoder {
+
+    @Bean
+    public BCryptPasswordEncoder bCryptPasswordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+}

src/main/java/com/libraryman_api/security/WebConfiguration.java

@@ -0,0 +1,33 @@
+package com.libraryman_api.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.web.SecurityFilterChain;
+
+import static com.libraryman_api.member.Role.ADMIN;
+import static org.springframework.security.config.Customizer.withDefaults;
+import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS;
+
+@Configuration
+@EnableWebSecurity(debug = true) // Do not use (debug=true) in a production system! as this contain sensitive information.
+public class WebConfiguration {
+
+    @Bean
+    public SecurityFilterChain web(HttpSecurity http) throws Exception {
+        http
+                .csrf(AbstractHttpConfigurer::disable)
+                .authorizeHttpRequests((request) -> request
+                                // make sure it is in order to access the proper Url
+
+                                .requestMatchers("/signup").permitAll()
+                                .requestMatchers("/login").permitAll()
+                )
+//                .sessionManagement(session -> session.sessionCreationPolicy(STATELESS))
+                .formLogin(withDefaults());
+        return http.build();
+    }
+}