Sunday, February 10, 2013

Spring Security Authentication with HTTP Basic

In this section, you will learn about the HTTP basic authentication in Spring Security.  When HTTP basic authentication is configured, web browser will display a login dialog for user authentication. 

Required Tools used for this Application:
  • Spring MVC 3.0.1
  • Spring Security 3.1.0
  • STS 2.8.1.RELEASE
  • Tomcat 7
  • Jdk 1.7
 You can configure HTTP basic authentication in sdnext-security.xml as follows :
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:security="http://www.springframework.org/schema/security"
       xmlns:p="http://www.springframework.org/schema/p" 
       xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans.xsd
                           http://www.springframework.org/schema/security
                           http://www.springframework.org/schema/security/spring-security-3.1.xsd">

   <security:http auto-config="true" >
  <security:intercept-url pattern="/index*" access="ROLE_USER" />
  <security:http-basic></security:http-basic>
  <security:logout logout-success-url="/logout" />
 </security:http>

    <security:authentication-manager>
   <security:authentication-provider>
     <security:user-service>
   <security:user name="dineshonjava" password="sweety" authorities="ROLE_USER" />
     </security:user-service>
     
   </security:authentication-provider>
 </security:authentication-manager>

</beans>
To enable HTTP basic, just change "form-login" to "http-basic" tag. As follows on the above file
<security:http auto-config="true" >
  <security:intercept-url pattern="/index*" access="ROLE_USER" />
  <security:http-basic></security:http-basic>
  <security:logout logout-success-url="/logout" />
 </security:http>

And all remaining code same as the previous example Spring Security form-based login example ,

After that we will run the example.
Running the example

Export the example as war and deploy it Tomcat 7 server. While browsing the project you will get the following screen for login:

Access URL http://localhost:8080/sdnext/index“, Spring will redirect to your custom login form.
URL : http://localhost:8080/sdnext/index


If username/password is correct, authentication success, display requested page.

URL : http://localhost:8080/sdnext/index



Download Source Code + Libs
SpringSecurityHttpBasic.zip



References- 
http://www.dineshonjava.com/2013/02/spring-security-form-based-login-example.html
Spring Security
Spring Security documentation


                             <<previous<<             || index  ||         >>next>>


1 comment: