diff --git a/pom.xml b/pom.xml
index 1dde8b56b..60be53522 100644
--- a/pom.xml
+++ b/pom.xml
@@ -69,6 +69,11 @@ org.springframework.security spring-security-taglibs + + org.springframework.boot + spring-boot-starter-security + 2.4.4 +
diff --git a/src/main/java/org/springframework/cheapy/configuration/ExceptionHandlerConfiguration.java b/src/main/java/org/springframework/cheapy/configuration/ExceptionHandlerConfiguration.java
new file mode 100644
index 000000000..e578e2a7e
--- /dev/null
+++ b/src/main/java/org/springframework/cheapy/configuration/ExceptionHandlerConfiguration.java
@@ -0,0 +1,28 @@
+package org.springframework.cheapy.configuration;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * This advice is necessary because MockMvc is not a real servlet environment, therefore it does not redirect error
+ * responses to [ErrorController], which produces validation response. So we need to fake it in tests.
+ * It's not ideal, but at least we can use classic MockMvc tests for testing error response + document it.
+ */
+@ControllerAdvice
+public class ExceptionHandlerConfiguration
+{
+ @Autowired
+ private BasicErrorController errorController;
+ // add any exceptions/validations/binding problems
+
+ @ExceptionHandler(Exception.class)
+ public String defaultErrorHandler(HttpServletRequest request, Exception ex) {
+ request.setAttribute("javax.servlet.error.request_uri", request.getPathInfo());
+ request.setAttribute("javax.servlet.error.status_code", 400);
+ request.setAttribute("exeption", ex);
+ return "exception";
+ }
+}
\ No newline at end of file
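Review bot: The new `spring-boot-starter-security` entry pins `2.4.4` explicitly while the neighbouring `spring-security-taglibs` entry carries no version, which suggests the rest of the Spring stack is version-managed by a parent or BOM; a hard-coded starter version can resolve a Spring Security release different from the managed one and will silently be left behind on the next parent upgrade. Unless the project does not inherit dependency management from `spring-boot-starter-parent`, drop the `<version>2.4.4</version>` element and let the parent supply it. The XML element tags of this hunk were stripped in rendering, so the exact layout is inferred from the `+` lines.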
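Review bot: `defaultErrorHandler` catches `Exception.class` from a `@ControllerAdvice` that lives under `src/main`, even though its Javadoc says it only exists to emulate error dispatch for MockMvc tests; in production it will also swallow `AccessDeniedException`/`AuthenticationException` raised inside controllers (e.g. by method security) before Spring Security's `ExceptionTranslationFilter` can turn them into a 403 or a login redirect, and since `400` is only stored as a request attribute the response itself still leaves as 200. Rethrow the security exceptions and set the status on the response; `request.getPathInfo()` is also typically `null` under the default `DispatcherServlet` mapping, so `getRequestURI()` is the safer value for `javax.servlet.error.request_uri`. The attribute key `"exeption"` looks like a typo, but the view that reads it is not in this diff, so keep whichever spelling the view uses on both sides. The injected `errorController` is never used and can be dropped; the rewrite below needs imports for `HttpServletResponse`, `org.springframework.security.access.AccessDeniedException` and `org.springframework.security.core.AuthenticationException`.
```java
@ExceptionHandler(Exception.class)
public String defaultErrorHandler(HttpServletRequest request, HttpServletResponse response, Exception ex) throws Exception {
    // Authn/authz failures belong to Spring Security's ExceptionTranslationFilter (403 / login redirect).
    if (ex instanceof AccessDeniedException || ex instanceof AuthenticationException) {
        throw ex;
    }
    response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
    request.setAttribute("javax.servlet.error.request_uri", request.getRequestURI());
    request.setAttribute("javax.servlet.error.status_code", HttpServletResponse.SC_BAD_REQUEST);
    request.setAttribute("exeption", ex); // key kept as-is: the view must read the same name
    return "exception";
}
```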
diff --git a/src/main/java/org/springframework/cheapy/configuration/SecurityConfiguration.java b/src/main/java/org/springframework/cheapy/configuration/SecurityConfiguration.java
new file mode 100644
index 000000000..46e1b8600
--- /dev/null
+++ b/src/main/java/org/springframework/cheapy/configuration/SecurityConfiguration.java
@@ -0,0 +1,72 @@
+
+package org.springframework.cheapy.configuration;
+
+import javax.sql.DataSource;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.password.NoOpPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+/*
+ * To change this license header, choose License Headers in Project Properties.
+ * To change this template file, choose Tools | Templates
+ * and open the template in the editor.
+ */
+
+/**
+ * @author japarejo
+ */
+@Configuration
+@EnableWebSecurity
+public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+ @Autowired
+ DataSource dataSource;
+
+
+ @Override
+ protected void configure(final HttpSecurity http) throws Exception {
+
+ http.authorizeRequests().antMatchers("/resources/**", "/webjars/**", "/h2-console/**").permitAll()
+ .antMatchers(HttpMethod.GET, "/", "/oups").permitAll()
+ .antMatchers("/users/new").permitAll()
+ .antMatchers("/usuarios/new").permitAll()
+ .antMatchers("/admin/**").hasAnyAuthority("admin")
+ .antMatchers("/owners/**").hasAnyAuthority("owner", "admin")
+ .antMatchers("/vets/**").authenticated().anyRequest().denyAll()
+ .and().formLogin()
+ /* .loginPage("/login") */
+ .failureUrl("/login-error").and().logout().logoutSuccessUrl("/");
+
+ // Configuración para que funcione la consola de administración
+ // de la BD H2 (deshabilitar las cabeceras de protección contra
+ // ataques de tipo csrf y habilitar los framesets si su contenido
+ // se sirve desde esta misma página.
+ http.csrf().ignoringAntMatchers("/h2-console/**");
+ http.headers().frameOptions().sameOrigin();
+ }
+
+ @Override
+
+ public void configure(final AuthenticationManagerBuilder auth) throws Exception {
+ auth.jdbcAuthentication().dataSource(this.dataSource)
+ //[login de admin,owner y vet] .usersByUsernameQuery("select username,password,enabled " + "from users " + "where username = ?")
+ .usersByUsernameQuery("select nombre_usuario,contra,enabled from usuarios where nombre_usuario=?").authoritiesByUsernameQuery("select username, authority " + "from authorities " + "where username = ?") //[login de tallerespaco]
+ .passwordEncoder(this.passwordEncoder());
+
+ }
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+ PasswordEncoder encoder = NoOpPasswordEncoder.getInstance();
+ return encoder;
+ }
+
+}
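Review bot: `passwordEncoder()` returns `NoOpPasswordEncoder`, so the `contra` column read by `usersByUsernameQuery` must hold plaintext passwords and any database dump or SQL-level read exposes every account; this encoder is deprecated in Spring Security and meant only for legacy migration or tests. Replace it with `return PasswordEncoderFactories.createDelegatingPasswordEncoder();` (or `new BCryptPasswordEncoder()`) and hash the stored values to match (`{bcrypt}...` prefixes for the delegating encoder), otherwise every login will fail. Separately, `/h2-console/**` is `permitAll()` and excluded from CSRF in this main, non-profile-scoped configuration, which hands anonymous users an SQL console over the application datasource wherever the H2 console is enabled; move that pair into a dev-only profile or restrict the path to `hasAnyAuthority("admin")`. Also note that `/login-error` is set as `failureUrl` but is not covered by any `permitAll()` before `anyRequest().denyAll()`, so an anonymous user who fails login is likely bounced back to the login page rather than shown the error page — verify that is intended.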
diff --git a/src/main/webapp/WEB-INF/tags/menu.tag b/src/main/webapp/WEB-INF/tags/menu.tag
index ad7f36319..e35936a47 100644
--- a/src/main/webapp/WEB-INF/tags/menu.tag
+++ b/src/main/webapp/WEB-INF/tags/menu.tag
@@ -49,8 +49,6 @@ - -