Spring boot default user and password is not working

Question

As mentioned in this question:

What is username and password when starting Spring Boot with Tomcat?

Default user name would be user and password will be printed on the termini if we use spring security.

pom.xml

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>3.0.2</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>com.spring-projects</groupId>
    <artifactId>spring-security</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>spring-security</name>
    <description>Demo project for Spring Boot</description>
    <properties>
        <java.version>17</java.version>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-devtools</artifactId>
            <scope>runtime</scope>
            <optional>true</optional>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>

</project>

Upon running the project, I got the below screen.

I tried to enter user as user name and 627719c9-c294-4d95-99af-96f2a92c8249 as password which was printed on the terminal.

I got the below screen, after clicking on Sign-In.

I also tried setting the default user name and password in the application.properties file, but it didn’t worked.

spring.security.user.name=rahul
spring.security.user.password=rahul

There is something else missing in your explanation since the Spring Security Sample using the default u/p is functional: https://github.com/spring-projects/spring-security-samples/tree/main/servlet/spring-boot/java/hello-security - perhaps try comparing your application to that sample. Also, consider bumping your logs with logging.level.org.springframework.security=TRACE to give you more details about why Spring Security is rejecting the credentials. Post what more the logs tell you. Finally, please consider posting a GitHub sample that reproduces the issue so folks can take a closer look. — jzheaux, Mar 06 '23 at 21:22

score 0 · Answer 1 · edited Feb 25 '23 at 20:20

0

There is a minimal configuration required. Try to declare a class with this configuration:

@Configuration
public class ProjectSecurityConfig {

    @Bean
    SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Exception {

        /**
         *  Below is the custom security configurations
         */

        http
            .authorizeHttpRequests()
                .requestMatchers("/myAccount","/myBalance","/myLoans","/myCards").authenticated()  
                .requestMatchers("/notices","/contact").permitAll()
                .and()
            .formLogin()
                .and()
            .httpBasic();
        return http.build();
}

edited Feb 25 '23 at 20:20

dur

15,689
25
79
125

answered Feb 24 '23 at 21:46

Lucas Favaro Borsatto

114
1
3
11

I am using java 17 – Rahul Feb 25 '23 at 08:01
`@Configuration public class SecurityConfig { @Bean SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception { httpSecurity.authorizeHttpRequests().requestMatchers("/account").authenticated().requestMatchers("/users") .permitAll().and().formLogin().and().httpBasic(); return httpSecurity.build(); } } ` – Rahul Feb 25 '23 at 08:05
The above configuration is also not working – Rahul Feb 25 '23 at 08:06

score 0 · Answer 2 · edited Jun 19 '23 at 18:02

0

I was also facing the same issue on a freshly created spring boot project with spring security but then I tried with postman with Basic authentication and I was able to login with both default user/password and custom one from application.poperties.

Not sure why form-based login form one was not working but postman was.

edited Jun 19 '23 at 18:02

Arkady

1,178
14
35

answered Jun 10 '23 at 14:00

Rishi

1
1
2

Spring boot default user and password is not working

pom.xml

2 Answers2