Currently we are using Basic auth and setting username and password in encrypted format to HttpHeaders. Is there any way to remove/replace this with any Springboot security? If yes, can you help me to implement this in my project.
Asked
Active
Viewed 463 times
1 Answers
1
- Can you follow the step to remove existing basic-auth from spring boot
- In spring boot we can enable BasicAuth by configuring utility class which WebSecurityConfigurerAdapter, And when you configured it, You will allow to get authenticated prior to accessing any configured URL (or all urls) In your application.
Steps
- You have to remove WebSecurityConfigurerAdapter extended class
I will attach How it is look likes
@Configuration
public class EnablingSecutiry extends WebSecurityConfigurerAdapter
{
@Override
protected void configure(HttpSecurity http) throws Exception
{
http
.csrf().disable()
.authorizeRequests().anyRequest().authenticated()
.and()
.httpBasic();
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth)
throws Exception
{
auth.inMemoryAuthentication()
.withUser("admin")
.password("{noop}password")
.roles("USER");
}
}
Steps
- Remove dependency from POM file
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
Dulaj Kulathunga
- 1,248
- 2
- 9
- 19