Spring – Add User Name and Password in Spring Security
Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications. Spring Security is a framework that focuses on providing both authentication and authorization to Java applications. Like all Spring projects, the real power of Spring Security is found in how easily it can be extended to meet custom requirements. Some of the key features of Spring Security are:
- Comprehensive and extensible support for both Authentication and Authorization
- Protection against attacks like session fixation, clickjacking, cross-site request forgery, etc
- Servlet API integration
- Optional integration with Spring Web MVC
In this article, we will discuss how to add user names and passwords in the spring security by default the spring security provides a default password and user name.
Note: First we need to establish the spring application in our project.
Spring Initializr is a web-based tool using which we can easily generate the structure of the Spring Boot project. It also provides various different features for the projects expressed in a metadata model. This model allows us to configure the list of dependencies that are supported by JVM. Here, we will create the structure of an application using a spring initializer,
Step 1: Go to Spring Initializr
Fill in the details as per the requirements. For this application:
Project: Maven Language: Java Spring Boot: 2.4.12 Packaging: JAR Java: 8 Dependencies: Spring Web, Spring Security
Step 2: Extract the zip file. Now open a suitable IDE and then go to File > New > Project from existing sources > Spring-boot-app and select pom.xml. Click on import changes on prompt and wait for the project to sync.
Note: In the Import Project for Maven window, make sure you choose the same version of JDK which you selected while creating the project.
Step 3: Now we have to set our user name and the password in order to override the default username and the password. So we have to set it inside our application.properties file.
Now go to the src > main > java > com.gfg.Spring.boot.app > SpringBootAppApplication.java
This application is now ready to run. Run the SpringBootAppApplication class and wait for the Tomcat server to start.
Note: The default port of the Tomcat server is 8080 and can be changed in the application.properties file.
We can see there will be no default password is generated when we provided our username and the password. Now Go to any browser and type http://localhost:8080/login
This is the page that will appear when we try to access an API.