The Java Programming Language

214 readers

6 users here now

Discussion of Java and java-related technologies. This includes things like:

J2EE/JakartaEE
Spring
Micronaut
Helidon
Quarkus

For assistance learning Java, please go to Learn Java

founded 1 year ago

MODERATORS

NuclearArmWrestling

Spring Security styles for enabling authentication (lemmy.eco.br)

submitted 10 months ago by [email protected] to c/java

3 comments fedilink hide all child comments

Hello there.

I'm writing a simple REST API using Spring Boot and I just added basic HTTP authentication in it. I'm currently using Spring Boot 3.1.5 and Spring Security 6.1.5.

There are different instructions on the web about how to correctly setup basic HTTP authentication for web requests, I believe they differ according to the Spring Security version.

It seems that latest guides use implementations of the UserDetails interface, which I found rather confusing, as it is not clear for me how exactly the framework uses that. Instead, I found much easier and clear to write my own class that inherits from AuthenticationProvider and override its authenticate() method to do all fancy things for me, including checking and setting user roles.

I'd like to ask you if there is any drawback working with AuthenticationProvider that I cannot see right now, instead of newest documentation, that doesn't seem to just use default AuthenticationProvider.

Thanks!

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 10 months ago

Thanks for the reply. Yeah, I'll probably go that way once I get familiar with basic HTTP authentication in Spring.