Skip to main content

Adding Spring-Security to Spring-Boot App


 In the previous post we have created a simple spring boot application. This application was very simple application just getting request and showing page for requested URL. Currently all urls are open to all user that is we do not have any kind of authentication on the URL. Our spring boot application is like the open pool in which any one can come and start fishing. Now we want to secure our application so that only authenticated user will be able to visit secure part of the application. For this purpose we will be using the Spring Security. 

Scope of this tutorial. 

In this we will learn basic integration of spring security with spring boot.
NOTE: This tutorial will just contain only basic integration of spring security. If you haven’t gone through previous tutorial and you are the newbies to this spring boot then I will request you to go through previous post to get understanding of spring boot. 

Now lets get started with the configuration.

If you do not have the previous code you can check  the code on github from this link

1. Add Dependency to your pom.

 Update your "pom.xml" with this dependency this will add “spring-boot-starter-security”. 


2. Build your application.

 Now run command “mvn clean install”, This will add following three jar into your build path. This “spring-boot-starter-security” has child dependencies which are listed below. We do not have to add all these dependences explicitly to enable spring security.




  1. Spring-security-core 
  2. Spring-security-config 
  3. Spring-security-web 
  4. Spring-boot-starter-security 


3. Run the spring boot Application.

Run application after build is successful as spring boot application. Now look into the console you will find something like this saying "Using generated security password: 38aa4264-efd8-4694-b2e7-0776e774b741" .


 This is the password generated by the spring security. For authentication purpose, Spring security generate a random password and encrypt it at the start of the server. This password can be used by user to login through the authentication form provided by the spring security.

 By default seeing security have “user” as default username which needed to be provided as user name in login form. 

4.  Visit any page of your application

Try to visit "localhost:8080/index" which is configured in controller. When ever you will try to visit this page we will be redirected to default login page provided by spring security. 



5. login to your application.

This login page is configured at this url “localhost:8080/login”.



 Now provide user name as “user” and password as “encrypted password displayed at console” and click on login. Now you are successfully authenticated and you can visit any part of the authenticated url of this application. 

Try visiting "localhost:8080/index" you will get following result.

NOTE: You can check the code from git hub.

Guy’s, this is very basic configuration of adding spring security to our spring boot application. This configuration will not take us any where but this is the starting point of our application. In next post we will see how this configuration works.

Comments

Popular posts from this blog

Routing in Angular 7

What you will learn after reading this post.What is Routing in Angular 7.Basic routing of component in Angular 7.Active link in routing in Angular 7.Wild card routing in Angular 7.Child routing in Angular 7.1. What is Routing in Angular 7? Whenever in normal HTML web page we click on a link we are navigated to specific page given in that link. When we are navigated then entire view of the application is reloaded again which cost resources and this type of application is not single page application. 

Decompose Monolithic Application To Microservices

How To Decompose Application into Microservices. After reading the previous two posts you all must be excited to implement microservice architecture to your application and that's good you should be ready to implement something new that might boost the application performance,  maintenance, scalability and will make your application future proof. But have you ever thought how will you be breaking your application into micro application i.e microservices. Think about it for some minute exercise your brain for some time before reading the below tutorial.

Now i am sure that you all might  have come through excellent ideas for breaking up your application in microservices. Please feel free to mention your valuable ideas in comment so that other or even me can be benefited by your ideas.

Now before breaking your application into micro-services you should consider following points.
Points to be considered before creating microservices.Your each services should be easily testable.Your a…

Feature Modules in Angular 7

Feature Module Whenever we  create angular application we go on adding components to angular application. But as our application goes on increasing it become to much problematic to maintain such application. Every feature of our application is binded under single module which we call as app module. Which is root module of our Angular 7 application. While developing angular application without modularizing its features creates several problems  Application is not easily scalable.Application is tough to maintain.Application complexity makes it hard to understand. Solution Here feature modules comes for our rescue. Feature modules help angular applications to get modularised on basis of features present in our application. As our application grows we can divide our entire application in small feature using feature module. Feature modules helps in creating boundary that separates our specific functionality or say features. Feature modules communicates with other module or root module usin…

Monolithic Application Architecture

In regular web development process what do we do? We create one war file which contains all functionality, services, modules or all use cases related to our business. In this approach of development we do not focus to make our application modularise. We may be following modularization in our code but end product is not seperated. Every services, modules are bundled up in single war and this war is deployed on server so that our business will be available for outside world which can make a request to get the required resources. This native architecture of development is called Monolithic Architecture.

Creating Simple Hello World Application with SPRING BOOT

For creating a simple running web application with spring boot we do not have to do much. We just require to follow some simple steps and we are good to go. Unlike SpringMVC framework we do not. have to take care of all heck of configuration or XML file in one go we are all set with working mvc based web application.

Now we have to follow these steps.

Generate spring boot project from this url "https://start.spring.io/" You can do the same using STS setting to.Importing the project in STS.

Lazy Loading of Feature Module in Angular 7

whenever angular application is loaded then its all modules are loaded eagerly i.e  entire application is loaded at client side on first request made to server. This cause over utilization of the resources and slows down the application at least at first time.

Just take example for E-commerce website which will have several module like order module, Feedback module, Cart Module, Product module and etc. But suppose your require to give feedback for some product you have bought and you visited to feedback page but now instead of loading just