Spring Boot Security Default Password

Question

i have a strange problem when i launch my spring application it used to print a default password to login in the browser but now ther isn't :

  .   ____          _            __ _ _
 /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
 \\/  ___)| |_)| | | | | || (_| |  ) ) ) )
  '  |____| .__|_| |_|_| |_\__, | / / / /
 =========|_|==============|___/=/_/_/_/
 :: Spring Boot ::        (v1.5.3.RELEASE)

2017-06-26 17:04:32.024  INFO 28712 --- [           main] com.o2xp.ats.accountManager.App          : Starting App on frozzen-PC with PID 28712 (/home/frozzen/workspace/ATS/ats-parent/ats-impl/ats-accountManager/target/classes started by frozzen in /home/frozzen/workspace/ATS/ats-parent/ats-impl/ats-accountManager)
2017-06-26 17:04:32.030  INFO 28712 --- [           main] com.o2xp.ats.accountManager.App          : No active profile set, falling back to default profiles: default
2017-06-26 17:04:32.282  INFO 28712 --- [           main] ationConfigEmbeddedWebApplicationContext : Refreshing org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@45f45fa1: startup date [Mon Jun 26 17:04:32 CEST 2017]; root of context hierarchy
2017-06-26 17:04:35.685  INFO 28712 --- [           main] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat initialized with port(s): 8080 (http)
2017-06-26 17:04:35.723  INFO 28712 --- [           main] o.apache.catalina.core.StandardService   : Starting service Tomcat
2017-06-26 17:04:35.724  INFO 28712 --- [           main] org.apache.catalina.core.StandardEngine  : Starting Servlet Engine: Apache Tomcat/8.5.14
2017-06-26 17:04:35.962  INFO 28712 --- [ost-startStop-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring embedded WebApplicationContext
2017-06-26 17:04:35.962  INFO 28712 --- [ost-startStop-1] o.s.web.context.ContextLoader            : Root WebApplicationContext: initialization completed in 3688 ms
2017-06-26 17:04:36.361  INFO 28712 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean   : Mapping filter: 'characterEncodingFilter' to: [/*]
2017-06-26 17:04:36.362  INFO 28712 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean   : Mapping filter: 'hiddenHttpMethodFilter' to: [/*]
2017-06-26 17:04:36.362  INFO 28712 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean   : Mapping filter: 'httpPutFormContentFilter' to: [/*]
2017-06-26 17:04:36.362  INFO 28712 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean   : Mapping filter: 'requestContextFilter' to: [/*]
2017-06-26 17:04:36.364  INFO 28712 --- [ost-startStop-1] .s.DelegatingFilterProxyRegistrationBean : Mapping filter: 'springSecurityFilterChain' to: [/*]
2017-06-26 17:04:36.365  INFO 28712 --- [ost-startStop-1] o.s.b.w.servlet.ServletRegistrationBean  : Mapping servlet: 'dispatcherServlet' to [/]
2017-06-26 17:04:37.170  INFO 28712 --- [           main] j.LocalContainerEntityManagerFactoryBean : Building JPA container EntityManagerFactory for persistence unit 'default'
2017-06-26 17:04:37.195  INFO 28712 --- [           main] o.hibernate.jpa.internal.util.LogHelper  : HHH000204: Processing PersistenceUnitInfo [
    name: default
    ...]
2017-06-26 17:04:37.300  INFO 28712 --- [           main] org.hibernate.Version                    : HHH000412: Hibernate Core {5.0.12.Final}
2017-06-26 17:04:37.302  INFO 28712 --- [           main] org.hibernate.cfg.Environment            : HHH000206: hibernate.properties not found
2017-06-26 17:04:37.305  INFO 28712 --- [           main] org.hibernate.cfg.Environment            : HHH000021: Bytecode provider name : javassist
2017-06-26 17:04:37.373  INFO 28712 --- [           main] o.hibernate.annotations.common.Version   : HCANN000001: Hibernate Commons Annotations {5.0.1.Final}
2017-06-26 17:04:37.741  INFO 28712 --- [           main] org.hibernate.dialect.Dialect            : HHH000400: Using dialect: org.hibernate.dialect.H2Dialect
2017-06-26 17:04:38.642  INFO 28712 --- [           main] org.hibernate.tool.hbm2ddl.SchemaExport  : HHH000227: Running hbm2ddl schema export
2017-06-26 17:04:38.721  INFO 28712 --- [           main] org.hibernate.tool.hbm2ddl.SchemaExport  : HHH000230: Schema export complete
2017-06-26 17:04:38.767  INFO 28712 --- [           main] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default'
2017-06-26 17:04:39.857  INFO 28712 --- [           main] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher@1, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@ff0e6d4, org.springframework.security.web.context.SecurityContextPersistenceFilter@1a785fd5, org.springframework.security.web.header.HeaderWriterFilter@1d1bf7bf, org.springframework.security.web.csrf.CsrfFilter@748904e8, org.springframework.security.web.authentication.logout.LogoutFilter@650a1aff, org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@10bf1ec9, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@8f39224, org.springframework.security.web.authentication.www.BasicAuthenticationFilter@7606bd03, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@362a561e, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@ad0bb4e, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@70d3cdbf, org.springframework.security.web.session.SessionManagementFilter@4d43a1b7, org.springframework.security.web.access.ExceptionTranslationFilter@919086, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@6b3f4bd8]
2017-06-26 17:04:40.221  INFO 28712 --- [           main] s.w.s.m.m.a.RequestMappingHandlerAdapter : Looking for @ControllerAdvice: org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@45f45fa1: startup date [Mon Jun 26 17:04:32 CEST 2017]; root of context hierarchy
2017-06-26 17:04:40.323  INFO 28712 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/registration],methods=[POST]}" onto public java.lang.String com.o2xp.ats.accountManager.rest.controllers.ApplicantResource.registration(com.o2xp.ats.accountManager.to.ApplicantTO,org.springframework.validation.BindingResult,org.springframework.ui.Model)
2017-06-26 17:04:40.324  INFO 28712 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/registration],methods=[GET]}" onto public java.lang.String com.o2xp.ats.accountManager.rest.controllers.ApplicantResource.registration(org.springframework.ui.Model)
2017-06-26 17:04:40.325  INFO 28712 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/categories],methods=[GET]}" onto public java.util.List<com.o2xp.ats.accountManager.to.ApplicantTO> com.o2xp.ats.accountManager.rest.controllers.ApplicantResource.getAllApplicants()
2017-06-26 17:04:40.326  INFO 28712 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/categories/{id}],methods=[GET]}" onto public org.springframework.http.ResponseEntity<com.o2xp.ats.accountManager.ti.ApplicantTI> com.o2xp.ats.accountManager.rest.controllers.ApplicantResource.getApplicantById(java.lang.Long)
2017-06-26 17:04:40.326  INFO 28712 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/login],methods=[GET]}" onto public java.lang.String com.o2xp.ats.accountManager.rest.controllers.ApplicantResource.login(org.springframework.ui.Model,java.lang.String,java.lang.String)
2017-06-26 17:04:40.327  INFO 28712 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/ || /welcome],methods=[GET]}" onto public java.lang.String com.o2xp.ats.accountManager.rest.controllers.ApplicantResource.welcome(org.springframework.ui.Model)
2017-06-26 17:04:40.327  INFO 28712 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/categories/{id}],methods=[DELETE]}" onto public org.springframework.http.ResponseEntity<java.lang.Void> com.o2xp.ats.accountManager.rest.controllers.ApplicantResource.deleteApplicant(java.lang.Long)
2017-06-26 17:04:40.333  INFO 28712 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/error],produces=[text/html]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.boot.autoconfigure.web.BasicErrorController.errorHtml(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)
2017-06-26 17:04:40.334  INFO 28712 --- [           main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/error]}" onto public org.springframework.http.ResponseEntity<java.util.Map<java.lang.String, java.lang.Object>> org.springframework.boot.autoconfigure.web.BasicErrorController.error(javax.servlet.http.HttpServletRequest)
2017-06-26 17:04:40.380  INFO 28712 --- [           main] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped URL path [/webjars/**] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
2017-06-26 17:04:40.380  INFO 28712 --- [           main] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped URL path [/**] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
2017-06-26 17:04:40.445  INFO 28712 --- [           main] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped URL path [/**/favicon.ico] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
2017-06-26 17:04:40.821  INFO 28712 --- [           main] o.s.j.e.a.AnnotationMBeanExporter        : Registering beans for JMX exposure on startup
2017-06-26 17:04:40.894  INFO 28712 --- [           main] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat started on port(s): 8080 (http)
2017-06-26 17:04:40.901  INFO 28712 --- [           main] com.o2xp.ats.accountManager.App          : Started App in 9.52 seconds (JVM running for 10.076)

and here is my App :

package com.o2xp.ats.accountManager;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.domain.EntityScan;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

/**
 * Hello world!
 *
 */
@SpringBootApplication
@ComponentScan({ "com.o2xp.ats.common.domain", "com.o2xp.ats.common.services", "com.o2xp.ats.common.mapper",
        "com.o2xp.ats.accountManager.services", "com.o2xp.ats.accountManager.mapper",
        "com.o2xp.ats.accountManager.domain", "com.o2xp.ats.accountManager.rest.controllers",
        "com.o2xp.ats.accountManager.validator" })
@EnableJpaRepositories({ "com.o2xp.ats.common.repository", "com.o2xp.ats.accountManager.repository" })
@EntityScan({ "com.o2xp.ats.common.domain", "com.o2xp.ats.accountManager.domain" })
@EnableWebSecurity
public class App extends org.springframework.boot.web.support.SpringBootServletInitializer {

    private static final Logger log = LoggerFactory.getLogger(App.class);

    public static void main(String[] args) {
        SpringApplication.run(App.class);
    }

i've seen

If you fine-tune your logging configuration, ensure that the org.springframework.boot.autoconfigure.security category is set to log INFO messages, otherwise the default password will not be printed.

into the spring doc but don't know where is the file to modify.

i use the autoconfiguration of spring don't have this file adn yes i added spring security in my pom — FrozzenFinger, Jun 27 '17 at 06:13

score 0 · Answer 1 · answered Jun 26 '17 at 15:51

0

You need to add the key and logging level to application.properties. Have a look here

answered Jun 26 '17 at 15:51

comdotlinux

143
2
9

i don't have a file application.properties in my project – FrozzenFinger Jun 26 '17 at 15:58
you can simply create it in src/main/resources – comdotlinux Jun 26 '17 at 16:02
also add this line logging.level.org.springframework.web=INFO – cralfaro Jun 26 '17 at 16:07

score 0 · Accepted Answer · answered Jun 27 '17 at 05:37

0

Set logging level at application.properties. Take a look 26.4 Log Levels

logging.level.org.springframework.boot.autoconfigure.security=INFO

answered Jun 27 '17 at 05:37

Aung Myat Hein

4,018
1
36
42

i don't have this file in my project, so i tried to create one and put this line in it but it didn't worked – FrozzenFinger Jun 27 '17 at 06:15
can you explain how to do without losing my code please ? moreover i'm in an internship so i can't modify the structure of the project which use maven modules. – FrozzenFinger Jun 27 '17 at 06:20
Create application.properties at yourproject\src\main\resources. – Aung Myat Hein Jun 27 '17 at 06:24
i already tried this in the module where my App.java is but it didn't worked – FrozzenFinger Jun 27 '17 at 06:26
maybe you know how to disable the browser authentification but keep spring security. Maybe an exclusion in a dependency ? – FrozzenFinger Jun 27 '17 at 06:53
@EnableAutoConfiguration(exclude = { org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration.class, org.springframework.boot.actuate.autoconfigure.ManagementWebSecurityAutoConfiguration.class}) With older Spring-boot, the class was called ManagementSecurityAutoConfiguration See detail at https://stackoverflow.com/questions/23894010/spring-boot-security-disable-security – Aung Myat Hein Jun 27 '17 at 07:06
i have this error : Description: Field authenticationManager in com.o2xp.ats.accountManager.services.SecurityServiceImpl required a bean of type 'org.springframework.security.authentication.AuthenticationManager' that could not be found. Action: Consider defining a bean of type 'org.springframework.security.authentication.AuthenticationManager' in your configuration. – FrozzenFinger Jun 27 '17 at 07:24
I FOUND ! just removed my authentificationManager in the securityServiceImpl thank you men :) – FrozzenFinger Jun 27 '17 at 07:28
I am also glad buddy :) – Aung Myat Hein Jun 27 '17 at 08:06

Spring Boot Security Default Password

2 Answers2