Spring Security Basic Authentication

1. Introduction

Spring Security Basic Authentication comes more into into implementation for SOAP and RESTful services, where there is no particular login URLs and we still are concerned about the user authentication. We already seen the Spring Security implementation on a simple Spring based login application. In this example, we will understand how we can go for the basic HTTP authentication in the same application, but without any login page.

2. Implementation

Lets directly move on to the implementation part, which should be hassle-free if we have already integrated Spring Security with our Spring application. If not, you can quickly navigate to this link, and get the required setup/integration done. What you won’t need is the login.jsp page. The spring-security.xml file content must be slightly different like mentioned below.

Note that, to enable HTTP basic authentication with Spring Security, we mainly removed the ‘form-login‘ element and introduced the ‘http-basic‘ tag into the spring-security.xml context file.

spring-security.xml


3. Run the application

According to the code snippet in the previous section, if I try hitting the application with the secured URL pattern i.e. /admin or /user, the application must invoke a browser dialog box automatically asking for the credentials, as shown in the below snapshot.

Spring Security Basic Authentication

So if I try logging-in with the credentials admin/123, the application will redirect me to the admin home page after successful authentication.

admin

4. Useful Links

5. Download source code

Receive our updates to your inbox

Get more stuff like this
in your inbox

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.