By Marone: December 2019

Secure spring boot with custom authentication

Goal

This is part II of a series of articles on Spring security topic, The first part with basic authenticationcan be found here. Instead of using inMemoryAuthentication we will use for the frist time AuthenticationProvider to authenticate the users, afterwards we implement a custom UserDetailsService to load users.

Used technologies

JDK 1.8
Maven 3.2 (Spring boot 2.x and Spring security 5.x)

Maven

Rest api


In given controller, we have three API methods

Configuration with AuthenticationProvider


The custom AuthenticationProvider


Let's test


The custom CustomUserDetailsService


Adjusting SpringSecurityConfig

We pass CustomUserDetailsService. Now the curl commands will retrun the same result

References


The complete code can be found in GitHub