First App
Let’s add Spring Security in the application.
1implementation("org.springframework.boot:spring-boot-starter-security")When the application starts, the auto-configuration mechanism detects the presence of spring-boot-starter-security in the classpath.
With no specific configuration, default rules are triggered:
-
All URLs are subject to authentication.
-
The user
useris created and their password is generated each time the application starts.
12025-10-07T15:03:52.808+02:00 WARN 39719 --- [spring-security-demo] [ restartedMain] .s.s.UserDetailsServiceAutoConfiguration :
2
3Using generated security password: 85a07cff-b78f-4372-8307-7c4a198d0b5d
4
5This generated password is for development use only. Your security configuration must be updated before running your application in production.
6
72025-10-07T15:03:52.815+02:00 INFO 39719 --- [spring-security-demo] [ restartedMain] r$InitializeUserDetailsManagerConfigurer : Global AuthenticationManager configured with UserDetailsService bean with name inMemoryUserDetailsManager
In the application.properties or application.yaml file, we can set the user name and password.
spring.security.user.name=sfalken
spring.security.user.password=joshua