Spring Boot + Security Hello World Example(2021) | CodeUsingJava








Spring Boot + Security Hello World Example(2021)

In this article, we will have a look at spring boot with security approach.

Introduction to Spring Security

Now a days everyone needs to add security to his project, in case of Spring ecosystem you can do it by using Spring Security. By adding Spring Security to your Spring Boot project and suddenly;
  • you have auto generated login page.
  • you cannot execute POST request anymore.
  • your hole application is on lockdown and prompts you to enter username and password

What is Spring Security and how it works

Spring Security is really just bunch of filters thats help you add AUTHENTICATION and AUTHORIZATION to your web application. It also integrates well with frameworks like spring Web MVC ,Spring Boot,as weell as with standard like OAuth2 or SAML. It also generate lologin/logout pages automatically and protecct against commen exploits like CSRF. Before knowing the Spring Security we must know about ;
  1. Authentication
  2. Authorization
  3. Servlet filters
In this article ,we configure a spring boot application to add basic authorization and authentication. we can see how simple it is for configuring security with spring boot. we will be adding the Spring Security configuration for the spring Boot HelloWorld Example.

Lets Begin -

Implementation -

In this example we create a spring boot application with security

Technologies to develop the application

  • Java 1.8
  • Spring Boot
  • Maven

Our project has the following look;

In the pom.xml file we have to add only spring-boot-starter-security dependency. If this security dependency is added in classpath, spring boot application automatically requires the basic authentication for all HTTP endpoints. After adding all the dependencies the pom.xml will be as follows-
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
	<modelVersion>4.0.0</modelVersion>
	<parent>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-starter-parent</artifactId>
		<version>2.4.5</version>
		<relativePath/> <!-- lookup parent from repository -->
	</parent>
	<groupId>com.example</groupId>
	<artifactId>helloworld</artifactId>
	<version>0.0.1-SNAPSHOT</version>
	<name>HelloWithSecurity</name>
	<description>Demo project for Spring Boot security</description>
	<properties>
		<java.version>11</java.version>
	</properties>
	<dependencies>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-security</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-web</artifactId>
		</dependency>

		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-test</artifactId>
			<scope>test</scope>
		</dependency>
		<dependency>
			<groupId>org.springframework.security</groupId>
			<artifactId>spring-security-test</artifactId>
			<scope>test</scope>
		</dependency>
	</dependencies>

	<build>
		<plugins>
			<plugin>
				<groupId>org.springframework.boot</groupId>
				<artifactId>spring-boot-maven-plugin</artifactId>
			</plugin>
		</plugins>
	</build>

</project>


Create the Springboot Bootstrap class as follows-

HelloWithSecurityApplication.java


package com.example.demo;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class HelloWithSecurityApplication {

	public static void main(String[] args) {
		SpringApplication.run(HelloWithSecurityApplication.class, args);
	}

}


In the above Class we used @SpringBootApplication annotation Which is used instead of below annotations:
  • @Configuration
  • @ComponentScan
  • @EnableAutoconfiguration
which means it enables java-based configuration,enables component scanning and also enable auto-configuration feature.

HelloController.java


package com.example.demo.controller;

import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class HelloController {
	
	@RequestMapping("/")
	public String hello() {
		return "Hello World";
	}

}


In the above class we used @Requestmapping annotation to map the request to current method and return the given string. @RestController specify the class is the controller class ,which is handling the request. After that go to the bootstrap class ---right click----run as----java application ; our first spring boot application is running as below;
Now open your favorite browser and type the url as - http://localhost:8080/ this url map the request to the handler of the controller class and showing the output as below-
This is how the security approach works in spring boot, that is it authenticate the user and authorized by inserting a username and password.
Spring Security provide the password as shown by highlighting in the previous figure of application running. So copy that password and insert into login form in the browser.
we can also be specify our own username and password in the application.properties file as below-
spring.security.user.password=password1
spring.security.user.name=user1

insert the username and password-
finally get the response-

Downloads-

Spring Boot + Security Hello World Example(2021) Code