Spring boot basic authentication database

Table of Contents

1. Overview
- Technology
2. Example
3. References
4. Source Code
- Was this post helpful?

1. Overview

Here is spring boot basic authentication database using Spring security. During RESTful web service development, basic authentication is a primary requirement so that it is only accessible from authenticated users. Spring Security provides basic authentication using JDBC database authentication. Here is a complete example of spring boot basic authentication database using spring security.

Technology

Spring Boot
Spring Security (Basic authentication)
MySQL
Maven
Java 8

2. Example

spring boot basic authentication database project structure

2.1 pom.xml

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>spring-boot-example</groupId>
    <artifactId>spring-boot-basic-authentication-database</artifactId>
    <version>1.0-SNAPSHOT</version>
    <description>spring boot basic authentication database</description>
    <!-- Inherit defaults from Spring Boot -->
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>1.5.4.RELEASE</version>
    </parent>
    <properties>
        <maven.compiler.source>1.8</maven.compiler.source>
        <maven.compiler.target>1.8</maven.compiler.target>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>  <!--starter require for spring boot spring security-->
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-jdbc</artifactId>
        </dependency>
        <dependency>
            <groupId>mysql</groupId>           <!-- Its related to mysql-->
            <artifactId>mysql-connector-java</artifactId>
            <version>5.1.6</version>
        </dependency>
    </dependencies>
    <!-- Package as an executable jar -->
    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>
</project>

2.2 application.properties

It’s data source properties which contain information related to connecting with a database. app.datasource is base properties name. which has been used when autowire @ConfigurationProperties("app.datasource").

app.datasource.url=jdbc:mysql://localhost/demo_database
app.datasource.username=root
app.datasource.password=
app.datasource.driver-class-name=com.mysql.jdbc.Driver

2.3 SpringBootConfig

It’s spring boot startup file. Here datasource has been created which will be passed to spring security authentication object.

package com.javadeveloperzone;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.jdbc.DataSourceBuilder;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import javax.sql.DataSource;
/**
 * Created by JavaDeveloperZone on 19-07-2017.
 */
@SpringBootApplication
@ComponentScan({"com.javadeveloperzone"})
// Using a root package also allows the @ComponentScan annotation to be used without needing to specify a basePackage attribute
public class SpringBootConfig {
    public static void main(String[] args) throws Exception {
        SpringApplication.run(SpringBootConfig.class, args);            // it wil start application
    }
    @Bean(value = "datasource")
    @ConfigurationProperties("app.datasource")
    public DataSource dataSource() {
        return DataSourceBuilder.create().build();
    }
}

2.5 SecurityConfiguration

It contains all spring security configuration related to basic authentication. Spring security by default secure all pages. Here, DataSource has been autowired which contains all properties related to database connection and pass that object to Spring security authentication builder.

package com.javadeveloperzone;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.jdbc.DataSourceBuilder;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.stereotype.Component;
import javax.sql.DataSource;
/**
 * Created by JavaDeveloperZone on 04-08-2017.
 */
@Configuration
@Component
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Autowired
    @Qualifier("datasource")
    private DataSource dataSource;
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication().dataSource(dataSource)
            .authoritiesByUsernameQuery("select employeeName, employeeRole FROM employee where employeeName=?")
            .usersByUsernameQuery("select employeeName,employeePassword as password,1 FROM employee where employeeName=?");
    }
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .httpBasic()                      // it indicate basic authentication is requires
                .and()
                .authorizeRequests()
                 .antMatchers( "/index").permitAll() // /index will be accessible directly, no need of any authentication
                .anyRequest().authenticated();    // it's indicate all request will be secure
        http.csrf().disable();
    }
}

2.6 SpringBootExampleController

package com.javadeveloperzone.controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
/**
 * Created by JavaDeveloperZone on 19-07-2017.
 */
@RestController
public class SpringBootExampleController {
    @RequestMapping("/")
    public String SpringBootHello() {
        return "spring boot basic authentication database";
    }
}

Demo

spring boot basic authentication database login

spring boot basic authentication database

login success

spring boot basic authentication database login success

login faileure

spring boot basic authentication database login failed

3. References

Spring Boot Security Documents

4. Source Code

spring-boot-spring-security-database (42 KB)

Was this post helpful?

Let us know if you liked the post. That’s the only way we can improve.

Tags: spring-boot

Java Developer Zone

https://javadeveloperzone.com

JavaDeveloperZone is a group of innovative software developers. We are experienced in, ● Java Software Development ● Java web development ● Big Data development ● Data analytics ● Artificial Intelligence Development Our contributions will help Java developers and make development journey easy. Feel free to ask any questions and suggestions. Always have space for improvement! Feel free to Contact us for any software development services.