By Marone: December 2019

Secure spring boot with custom authentication


This is part II of a series of articles on Spring security topic, The first part with basic authenticationcan be found here. Instead of using inMemoryAuthentication we will use for the frist time AuthenticationProvider to authenticate the users, afterwards we implement a custom UserDetailsService to load users.

Used technologies

JDK 1.8
Maven 3.2 (Spring boot 2.x and Spring security 5.x)


Rest api

In given controller, we have three API methods

Configuration with AuthenticationProvider

The custom AuthenticationProvider

Let's test

The custom CustomUserDetailsService

Adjusting SpringSecurityConfig

We pass CustomUserDetailsService. Now the curl commands will retrun the same result


The complete code can be found in GitHub