Social Media

Category Archives for spring-security

Auto-generating Spring Security Tutorial – Default JDBC Realms

The previous tutorial showed how we can auto-generate of spring security using a memory realm. This tutorial expands on this to cover Default JDBC Realms using the source code from the parkrunPB application

Security Requirements

The site has the following links and security requirements –

http://localhost:8080/ Accessible to all
http://localhost:8080/webjars Static Resources – Accessible to all
http://localhost:8080/about.html Static page – Accessible to all
http://localhost:8080/login.html Accessible to all
http://localhost:8080/admin/ Admin User
http://localhost:8080/rest Accessible to all

We also have a requirement to use a users and roles with the structure –

admin admin ADMIN

Getting Started

The first thing we need to do is uncomment spring security in the maven pom –

We can then compile and run the code –

The whole application is now locked down

Luckily we can login using the default username (user), and the password from the logs. Im my case –

Default JDBC Tables

We can now begin to create our SecurityConfiguration using Spring Security Generator


We then get the generated source code –

Key Points

  • Using JDBC Realm(Default) – The default realm means Spring Security will use its default users.ddl
  • Same configuration as before

We can now access the site the same as the memory realm, but with user details stored in the database. The next post will look at using a custom JDBC table

1 3 4 5