Spring security default authorization example using spring boot

In this example, we will see Spring security authorization example spring boot. In this example, we are not going to use the database.

prerequisites –

  • JDK 1.8
  • Eclipse
  • maven
  • postman

Step 1 – open eclipse and create maven project, Don’t forget to check ‘Create a simple project (skip)’click on next.


Step 2 – Fill all details as below and click on finish.

Step 3 – open pom.xml  and replace the pom.xml with below code.


Note – In pom.xml we have defined javac.exe path in configuration tag. You need to change accordingly i.e where you have installed JDK.

Step 4 – Let maven download all necessary jar. Once it is done we will able to see maven dependency folder which contains different jar files. Let’s create a controller class, entity, and main class(also I have added  application.properties and defined port number because 8080 is busy with other servers).



Step 5- Define entity class i.e Book.java


Step 6 – Define controller class.


Step 7 – Define SpringSecurityBasicExample.java


Step 8 –  Define application.properties file.


Step 9 – Run the main class as a Java application, let deploy the server.


Step 10 – Open the browser and type the Rest URI http://localhost:9091/book/getbook

A pop up will appear which will ask for username and password.


By default, the username is user and password is default security password which you can find on the console(sample been shown below).


Step 11 – Enter the username and password, we will have our response.

We have set those dummy value in the Controller class is coming in response.

This was a very basic spring security example. Some points here need to understand.

  • Why we are getting pop up for username and password.
  • How we are getting the default security password.

Although we will not go into very depth, we are going to discuss some points here. If you noticed the pom.xml we have added a dependency for the spring security module.

This dependency tells spring only authorized user can access defined rest URI. So what will happen if remove this dependency from pom.xml?

Let’s modify the pom.xml(comment security module).

Now save the changes( if you expand Maven dependencies folder security related jar will not be there) and run the application. In the console, we don’t have a default security password.


Now if you hit this URI(http://localhost:9091/book/getbook)from postman or browser, that login page will not come. You can directly access that URI.

That’s all in this example, in a later article we will see Spring Security architecture in details.