Social Media

Auto-generating Spring Security Tutorial – Default JDBC Realms

The previous tutorial showed how we can auto-generate of spring security using a memory realm. This tutorial expands on this to cover Default JDBC Realms using the source code from the parkrunPB application

Security Requirements

The site has the following links and security requirements –

http://localhost:8080/ Accessible to all
http://localhost:8080/webjars Static Resources – Accessible to all
http://localhost:8080/about.html Static page – Accessible to all
http://localhost:8080/login.html Accessible to all
http://localhost:8080/admin/ Admin User
http://localhost:8080/rest Accessible to all

We also have a requirement to use a users and roles with the structure –

USER PASSWORD ROLES
admin admin ADMIN

Getting Started

The first thing we need to do is uncomment spring security in the maven pom –

We can then compile and run the code –

The whole application is now locked down

Luckily we can login using the default username (user), and the password from the logs. Im my case –

Default JDBC Tables

We can now begin to create our SecurityConfiguration using Spring Security Generator

screen-shot-2016-11-06-at-21-33-53

We then get the generated source code –

Key Points

  • Using JDBC Realm(Default) – The default realm means Spring Security will use its default users.ddl
  • Same configuration as before

We can now access the site the same as the memory realm, but with user details stored in the database. The next post will look at using a custom JDBC table

About the Author Martin Farrell

My name is Martin Farrell. I have almost 20 years Java experience. I specialize inthe Spring Framework and JEE. I’ve consulted to a range of businesses, and have provide Java and Spring mentoring and training. You can learn more at About

follow me on:

Leave a Comment: