Ebooks

Spring Boot Login Page tutorial

Spring Boot Login Page tutorial shows how to work with a default login page. Spring security secures all HTTP endpoints by default. A user has to login in a default HTTP form.

To enable Spring Boot security, we add spring-boot-starter-security to the dependencies.

Spring Boot Login Page example

The following example shows how to set up a simple login page in a Spring Boot application.

pom.xml
src
├───main
│   ├───java
│   │   └───com
│   │       └───zetcode
│   │           │   Application.java
│   │           └───controller
│   │                   MyController.java
│   └───resources
│           application.properties
└───test
    └───java

This is the project structure of the Spring Boot application.

pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
         http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>com.zetcode</groupId>
    <artifactId>springbootloginpage</artifactId>
    <version>1.0-SNAPSHOT</version>

    <packaging>jar</packaging>

    <properties>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <maven.compiler.source>11</maven.compiler.source>
        <maven.compiler.target>11</maven.compiler.target>
    </properties>

    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.1.5.RELEASE</version>
    </parent>

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>

    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>
</project>

This is the Maven build file. We have starters for web and security.

resources/application.properties
spring.main.banner-mode=off
logging.pattern.console=%d{dd-MM-yyyy HH:mm:ss} %magenta([%thread]) %highlight(%-5level) %logger.%M - %msg%n

In the application.properties file, we turn off the Spring Boot banner and configure the console logging pattern.

com/zetcode/controller/MyController.java
package com.zetcode.controller;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class MyController {

    @GetMapping("/")
    public String home() {

        return "This is home page";
    }
}

We have a simple home page.

We run the application and navigate to localhost:8080. We are redirected to the http://localhost:8080/login page.

...
17-06-2019 17:48:45 [main] INFO  org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration.getOrDeducePassword -

Using generated security password: df7ce50b-abae-43a1-abe1-0e17fd81a454
...

In the console, we can see a password generated for a default user called user. These credentials are provided to the authentication form.

Login form
Figure: Login form

Spring uses Bootstrap to define the UI.

spring.security.user.name = admin
spring.security.user.password = s$cret

With these two options, we can have a new user name and password. The autogenerated user is turned off with these settings.

In this tutorial, we have worked with a default login form. You might also be interested in the related tutorials: Spring Boot @Lazy tutorial, Java tutorial, or list Spring Boot tutorials.