diff --git a/dgs-graphql/src/main/kotlin/com/cubetiqs/graphql/demo/config/WebSecurityConfig.kt b/dgs-graphql/src/main/kotlin/com/cubetiqs/graphql/demo/config/WebSecurityConfig.kt
index fd14544..52075ba 100644
--- a/dgs-graphql/src/main/kotlin/com/cubetiqs/graphql/demo/config/WebSecurityConfig.kt
+++ b/dgs-graphql/src/main/kotlin/com/cubetiqs/graphql/demo/config/WebSecurityConfig.kt
@@ -1,5 +1,9 @@
 package com.cubetiqs.graphql.demo.config
 
+import com.cubetiqs.graphql.demo.secutiry.AuthService
+import com.cubetiqs.security.jwt.AuthenticationExceptionEntryPoint
+import com.cubetiqs.security.jwt.JwtSecurityConfigurer
+import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.context.annotation.Configuration
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
@@ -11,11 +15,22 @@ import org.springframework.security.config.http.SessionCreationPolicy
 @EnableWebSecurity
 @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
 class WebSecurityConfig : WebSecurityConfigurerAdapter() {
+ @Autowired
+ private lateinit var authService: AuthService
+
 override fun configure(http: HttpSecurity) {
- http.csrf().disable()
+ http.csrf()
+ .and()
+ .httpBasic()
+ .disable()
 .sessionManagement()
 .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
 .and()
+ .exceptionHandling()
+ .authenticationEntryPoint(AuthenticationExceptionEntryPoint())
+ .and()
+ .apply(JwtSecurityConfigurer(authService))
+ .and()
 .authorizeRequests()
 .anyRequest()
 .permitAll()
diff --git a/dgs-graphql/src/main/kotlin/com/cubetiqs/graphql/demo/secutiry/AuthService.kt b/dgs-graphql/src/main/kotlin/com/cubetiqs/graphql/demo/secutiry/AuthService.kt
new file mode 100644
index 0000000..8a62126
--- /dev/null
+++ b/dgs-graphql/src/main/kotlin/com/cubetiqs/graphql/demo/secutiry/AuthService.kt
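Review bot: In `WebSecurityConfig.configure`, the `.disable()` that used to switch CSRF off now closes `httpBasic()`, so `http.csrf().and()` leaves CSRF protection at its default (enabled) next to `SessionCreationPolicy.STATELESS`; state-changing requests such as POST without a CSRF token will presumably be rejected with 403, and the diff does not show whether that was intended. If the JWT is only accepted from a request header, make the intent explicit with `http.csrf().disable()` followed by `.httpBasic().disable()`; if it can also arrive in a cookie, keep CSRF on but configure a token repository that does not depend on the HTTP session. Separately, the chain still ends in `.anyRequest().permitAll()`, so requests without a token pass the HTTP-layer rules and access control rests entirely on method-level annotations; a comment such as `// authorization is enforced via @PreAuthorize/@Secured; unannotated operations are public` would make that visible to the next maintainer. The call chain continues past the end of the hunk.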
@@ -0,0 +1,12 @@
+package com.cubetiqs.graphql.demo.secutiry
+
+import org.springframework.security.core.userdetails.UserDetails
+import org.springframework.security.core.userdetails.UserDetailsService
+import org.springframework.stereotype.Service
+
+@Service
+class AuthService : UserDetailsService {
+ override fun loadUserByUsername(username: String?): UserDetails {
+ TODO("Not yet implemented")
+ }
+}
\ No newline at end of file
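Review bot: `AuthService.loadUserByUsername` is wired into `JwtSecurityConfigurer` in the same commit, but its body is `TODO("Not yet implemented")`, which throws `NotImplementedError` (an `Error`, not an `AuthenticationException`) on every call. Any request that reaches the user lookup will therefore presumably surface as a server error instead of going through `AuthenticationExceptionEntryPoint`. Until a real user store exists, fail closed as an authentication failure, e.g. `throw UsernameNotFoundException("User lookup is not implemented")`, and reject a null or blank `username` the same way. The package name `secutiry` also looks like a misspelling of `security`; renaming it is cheapest before more classes are added to it.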