Social Media

Can Spring Security be auto-generated?

Can Spring Security be auto-generated? I’ve generally found Security requirements are easy to state, but hard to implement. So have been wondering if I can autogenerate my Spring Security configuration.

Security Requirements

Common security requirements are –

  • Access controls on files/directories based on roles, IP address
  • Validation of credentials from a authentication provider


The problem with coding yourself is –

  • Security is complex and you need to know what your doing – there is a lot of information in the Spring Security manual
  • Upgrades – Spring Security could upgrade and you could miss out on new features to improve your security
  • Bugs – you introduce a bug in your code

It would be easier if I could define my security requirements into a website and autogenerate my security configuration.


I’ve created a prototype of this idea at spring-security-generator, with the code released on github



I see this idea evolving to include –

  • Tutorial – soon to be released
  • REST API security
  • Automate creation of unit tests, login pages
  • Best practice – what are the best practice for configurations of spring security?
  • Storing security configuration

I’d be interested in peoples feedback on this project

About the Author Martin Farrell

My name is Martin Farrell. I have almost 20 years Java experience. I specialize inthe Spring Framework and JEE. I’ve consulted to a range of businesses, and have provide Java and Spring mentoring and training. You can learn more at About or on my consultancy website Glendevon Software

follow me on:

Leave a Comment: