{"id":69682,"date":"2017-10-16T10:00:21","date_gmt":"2017-10-16T07:00:21","guid":{"rendered":"https:\/\/www.javacodegeeks.com\/?p=69682"},"modified":"2017-10-16T09:31:18","modified_gmt":"2017-10-16T06:31:18","slug":"secure-spring-boot-rest-api-using-basic-authentication","status":"publish","type":"post","link":"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html","title":{"rendered":"Secure Spring Boot REST API using Basic Authentication"},"content":{"rendered":"

This is the third post of my Spring Boot Blog post series. In the very first post, I talked about my experience with\u00a0creating RESTFul Services using Spring Boot.<\/a> Then I have expanded the sample to
\nintegrate with Swagger <\/a>documentation. In this post, I am going to expand above sample with security aspect.<\/p>\n

What is API Security<\/b><\/p>\n

API Security is a wide area with many different definitions, meanings, and solutions. The main key terms in API security are Authorization, Authentication, Encryption, Federation, and Delegation. However, I am not going to talk about each of them here.<\/p>\n

What is Authentication<\/b><\/p>\n

Authentication is used to reliably determine the identity of an end user and give access to the resources based on the correctly identified user.<\/p>\n

What is Basic Authentication<\/b><\/p>\n

Basic Authentication is the simplest way to enforce access controling to resources. Here, the HTTP user agent provides the username and the password when making a request. The string containing the username and password separated by a colon is Base64 encoded before sending to the backend when authentication is required.<\/p>\n

How to Invoke Basic Auth Protected API<\/b><\/p>\n

Option 1: Send Authorization header. This value is base64 encoded username:password Ex: “Authorization: Basic Y2hhbmRhbmE6Y2hhbmRhbmE=”<\/p>\n

curl -X GET http:\/\/localhost:8080\/admin\/hello\/chandana -H 'authorization: Basic Y2hhbmRhbmE6Y2hhbmRhbmE='<\/pre>\n
Option 2: Using URL:<\/p>\n
curl -X GET -u username:password\u00a0 http:\/\/localhost:8080\/admin\/hello\/chandana<\/pre>\n
OK, we talked about basic stuff. So let’s move to see how to secure a REST API using Spring Security. You can download the initial sample code from my GitHub repo(Swagger Spring Boot Project source code)<\/p>\n
To enhance our previous sample with basic auth security, first I am going to add “spring-boot-starter-security” and “spring-boot-starter-tomcat” dependencies into the pom file.<\/p>\n
<!-- -->\r\n        <dependency>\r\n            <groupId>org.springframework.boot<\/groupId>\r\n            <artifactId>spring-boot-starter-security<\/artifactId>\r\n        <\/dependency>\r\n        <dependency>\r\n            <groupId>javax.servlet<\/groupId>\r\n            <artifactId>javax.servlet-api<\/artifactId>\r\n            <version>3.1.0<\/version>\r\n        <\/dependency><\/pre>\n
Next step is that our configuration class is annotated with @EnableWebSecurity annotation and configuration class is extended from the WebSecurityConfigurerAdapter. The EnableWebSecurity annotation will enable Spring-Security web security support.
 
<\/div> <\/div><\/p>\n
@Configuration\r\n@EnableSwagger2\r\n@EnableWebSecurity\r\npublic class ApplicationConfig extends WebSecurityConfigurerAdapter {<\/pre>\n
Overridden configure(HttpSecurity) method is used to define which URL paths should be secured and which should not be. In my example “\/” and “\/api” paths are not required any authentication and any other paths(ex:\u00a0 “admin”) should be authenticated with basic auth.<\/p>\n
@Override\r\nprotected void configure(HttpSecurity http) throws Exception {\r\n        http.csrf().disable();\r\n        http.authorizeRequests().antMatchers(\"\/\", \"\/api\/**\").permitAll()\r\n        .anyRequest().authenticated();\r\n        http.httpBasic().authenticationEntryPoint(basicAuthenticationPoint);\r\n}<\/pre>\n
In the configureGlobal(AuthenticationManagerBuilder) method, I have created an in-memory user store with a user called ‘chandana’. There I have added username, password, and userole for the in-memory user.<\/p>\n
@Autowired\r\n    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {\r\n        auth.inMemoryAuthentication().withUser(\"chandana\").password(\"chandana\").roles(\"USER\");\r\n    }<\/pre>\n
In Addition to that, you can see that I have added autowired BasicAuthenticationPoint, into my config class. Purpose of the BasicAuthenticationEntryPoint class is to set the “WWW-Authenticate” header to the response. So, web browsers will display a dialog to enter usename and password based on basic authentication mechanism(WWW-Authenticate header)<\/p>\n
Then you can run the sample using “mvn spring-boot:run”. When you are accessing “localhost:8080\/api\/hello\/chandana” basic authentication is not required to invoke the api. However, if you try to access the “localhost:8080\/admin\/hello\/chandana” it will be required to provide basic auth credentials to access the resource.<\/p>\n
AppConfig class:<\/p>\n
package com.chandana.helloworld.config;  \r\n import org.springframework.beans.factory.annotation.Autowired;  \r\n import org.springframework.context.annotation.Bean;  \r\n import org.springframework.context.annotation.Configuration;  \r\n import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;  \r\n import org.springframework.security.config.annotation.web.builders.HttpSecurity;  \r\n import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;  \r\n import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;  \r\n import springfox.documentation.builders.ApiInfoBuilder;  \r\n import springfox.documentation.builders.PathSelectors;  \r\n import springfox.documentation.builders.RequestHandlerSelectors;  \r\n import springfox.documentation.service.ApiInfo;  \r\n import springfox.documentation.service.Contact;  \r\n import springfox.documentation.spi.DocumentationType;  \r\n import springfox.documentation.spring.web.plugins.Docket;  \r\n import springfox.documentation.swagger2.annotations.EnableSwagger2;  \r\n @Configuration  \r\n @EnableSwagger2  \r\n @EnableWebSecurity  \r\n public class ApplicationConfig extends WebSecurityConfigurerAdapter {  \r\n   @Autowired  \r\n   private BasicAuthenticationPoint basicAuthenticationPoint;  \r\n   @Bean  \r\n   public Docket api() {  \r\n     return new Docket(DocumentationType.SWAGGER_2)  \r\n         .apiInfo(getApiInfo())  \r\n         .select()  \r\n         .apis(RequestHandlerSelectors.basePackage(\"com.chandana.helloworld.controllers\"))  \r\n         .paths(PathSelectors.any())  \r\n         .build();  \r\n   }  \r\n   @Override  \r\n   protected void configure(HttpSecurity http) throws Exception {  \r\n     http.csrf().disable();  \r\n     http.authorizeRequests().antMatchers(\"\/\", \"\/api\/**\").permitAll()  \r\n     .anyRequest().authenticated();  \r\n     http.httpBasic().authenticationEntryPoint(basicAuthenticationPoint);  \r\n   }  \r\n   private ApiInfo getApiInfo() {  \r\n     Contact contact = new Contact(\"Chandana Napagoda\", \"http:\/\/blog.napagoda.com\", \"cnapagoda@gmail.com\");  \r\n     return new ApiInfoBuilder()  \r\n         .title(\"Example Api Title\")  \r\n         .description(\"Example Api Definition\")  \r\n         .version(\"1.0.0\")  \r\n         .license(\"Apache 2.0\")  \r\n         .licenseUrl(\"http:\/\/www.apache.org\/licenses\/LICENSE-2.0\")  \r\n         .contact(contact)  \r\n         .build();  \r\n   }  \r\n   @Autowired  \r\n   public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {  \r\n     auth.inMemoryAuthentication().withUser(\"chandana\").password(\"chandana\").roles(\"USER\");  \r\n   }  \r\n }<\/pre>\n
BasicAuthenticationEntryPoint\u00a0 class:<\/p>\n
package com.chandana.helloworld.config;  \r\n import org.springframework.security.core.AuthenticationException;  \r\n import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;  \r\n import org.springframework.stereotype.Component;  \r\n import java.io.IOException;  \r\n import java.io.PrintWriter;  \r\n import javax.servlet.ServletException;  \r\n import javax.servlet.http.HttpServletRequest;  \r\n import javax.servlet.http.HttpServletResponse;  \r\n @Component  \r\n public class BasicAuthenticationPoint extends BasicAuthenticationEntryPoint {  \r\n   @Override  \r\n   public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authEx)  \r\n       throws IOException, ServletException {  \r\n     response.addHeader(\"WWW-Authenticate\", \"Basic realm=\" +getRealmName());  \r\n     response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);  \r\n     PrintWriter writer = response.getWriter();  \r\n     writer.println(\"HTTP Status 401 - \" + authEx.getMessage());  \r\n   }  \r\n   @Override  \r\n   public void afterPropertiesSet() throws Exception {  \r\n     setRealmName(\"Chandana\");  \r\n     super.afterPropertiesSet();  \r\n   }  \r\n }<\/pre>\n
You can download\u00a0Spring Boot Basic Auth Project<\/a> source code from my GitHub repo as well.<\/p>\n
\n\n\n\n
Published on Java Code Geeks with permission by Chandana Napagoda, partner at our JCG program<\/a>. See the original article here: Secure Spring Boot REST API using Basic Authentication<\/a><\/p>\n
Opinions expressed by Java Code Geeks contributors are their own.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
This is the third post of my Spring Boot Blog post series. In the very first post, I talked about my experience with\u00a0creating RESTFul Services using Spring Boot. Then I have expanded the sample to integrate with Swagger documentation. In this post, I am going to expand above sample with security aspect. What is API …<\/p>\n","protected":false},"author":140,"featured_media":240,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[30,854],"class_list":["post-69682","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-enterprise-java","tag-spring","tag-spring-boot"],"yoast_head":"\nSecure Spring Boot REST API using Basic Authentication - Java Code Geeks<\/title>\n<meta name=\"description\" content=\"This is the third post of my Spring Boot Blog post series. In the very first post, I talked about my experience with\u00a0creating RESTFul Services using\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Secure Spring Boot REST API using Basic Authentication - Java Code Geeks\" \/>\n<meta property=\"og:description\" content=\"This is the third post of my Spring Boot Blog post series. In the very first post, I talked about my experience with\u00a0creating RESTFul Services using\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html\" \/>\n<meta property=\"og:site_name\" content=\"Java Code Geeks\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/javacodegeeks\" \/>\n<meta property=\"article:published_time\" content=\"2017-10-16T07:00:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2012\/10\/spring-logo.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"150\" \/>\n\t<meta property=\"og:image:height\" content=\"150\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Chandana Napagoda\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@javacodegeeks\" \/>\n<meta name=\"twitter:site\" content=\"@javacodegeeks\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chandana Napagoda\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2017\\\/10\\\/secure-spring-boot-rest-api-using-basic-authentication.html#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2017\\\/10\\\/secure-spring-boot-rest-api-using-basic-authentication.html\"},\"author\":{\"name\":\"Chandana Napagoda\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#\\\/schema\\\/person\\\/e9e7d8566a00e5b94b46c214c9818195\"},\"headline\":\"Secure Spring Boot REST API using Basic Authentication\",\"datePublished\":\"2017-10-16T07:00:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2017\\\/10\\\/secure-spring-boot-rest-api-using-basic-authentication.html\"},\"wordCount\":533,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2017\\\/10\\\/secure-spring-boot-rest-api-using-basic-authentication.html#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.javacodegeeks.com\\\/wp-content\\\/uploads\\\/2012\\\/10\\\/spring-logo.jpg\",\"keywords\":[\"Spring\",\"Spring Boot\"],\"articleSection\":[\"Enterprise Java\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.javacodegeeks.com\\\/2017\\\/10\\\/secure-spring-boot-rest-api-using-basic-authentication.html#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2017\\\/10\\\/secure-spring-boot-rest-api-using-basic-authentication.html\",\"url\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2017\\\/10\\\/secure-spring-boot-rest-api-using-basic-authentication.html\",\"name\":\"Secure Spring Boot REST API using Basic Authentication - Java Code Geeks\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2017\\\/10\\\/secure-spring-boot-rest-api-using-basic-authentication.html#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2017\\\/10\\\/secure-spring-boot-rest-api-using-basic-authentication.html#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.javacodegeeks.com\\\/wp-content\\\/uploads\\\/2012\\\/10\\\/spring-logo.jpg\",\"datePublished\":\"2017-10-16T07:00:21+00:00\",\"description\":\"This is the third post of my Spring Boot Blog post series. In the very first post, I talked about my experience with\u00a0creating RESTFul Services using\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2017\\\/10\\\/secure-spring-boot-rest-api-using-basic-authentication.html#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.javacodegeeks.com\\\/2017\\\/10\\\/secure-spring-boot-rest-api-using-basic-authentication.html\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2017\\\/10\\\/secure-spring-boot-rest-api-using-basic-authentication.html#primaryimage\",\"url\":\"https:\\\/\\\/www.javacodegeeks.com\\\/wp-content\\\/uploads\\\/2012\\\/10\\\/spring-logo.jpg\",\"contentUrl\":\"https:\\\/\\\/www.javacodegeeks.com\\\/wp-content\\\/uploads\\\/2012\\\/10\\\/spring-logo.jpg\",\"width\":150,\"height\":150,\"caption\":\"spring-interview-questions-answers\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/2017\\\/10\\\/secure-spring-boot-rest-api-using-basic-authentication.html#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.javacodegeeks.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Java\",\"item\":\"https:\\\/\\\/www.javacodegeeks.com\\\/category\\\/java\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Enterprise Java\",\"item\":\"https:\\\/\\\/www.javacodegeeks.com\\\/category\\\/java\\\/enterprise-java\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Secure Spring Boot REST API using Basic Authentication\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#website\",\"url\":\"https:\\\/\\\/www.javacodegeeks.com\\\/\",\"name\":\"Java Code Geeks\",\"description\":\"Java Developers Resource Center\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#organization\"},\"alternateName\":\"JCG\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.javacodegeeks.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#organization\",\"name\":\"Exelixis Media P.C.\",\"url\":\"https:\\\/\\\/www.javacodegeeks.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.javacodegeeks.com\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/exelixis-logo.png\",\"contentUrl\":\"https:\\\/\\\/www.javacodegeeks.com\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/exelixis-logo.png\",\"width\":864,\"height\":246,\"caption\":\"Exelixis Media P.C.\"},\"image\":{\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/javacodegeeks\",\"https:\\\/\\\/x.com\\\/javacodegeeks\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.javacodegeeks.com\\\/#\\\/schema\\\/person\\\/e9e7d8566a00e5b94b46c214c9818195\",\"name\":\"Chandana Napagoda\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1d677363d39d454177f0e9595ded61d7f01226256cb031435e58a09569204bb1?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1d677363d39d454177f0e9595ded61d7f01226256cb031435e58a09569204bb1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1d677363d39d454177f0e9595ded61d7f01226256cb031435e58a09569204bb1?s=96&d=mm&r=g\",\"caption\":\"Chandana Napagoda\"},\"sameAs\":[\"http:\\\/\\\/cnapagoda.blogspot.com\\\/\"],\"url\":\"https:\\\/\\\/www.javacodegeeks.com\\\/author\\\/chandana-napagoda\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Secure Spring Boot REST API using Basic Authentication - Java Code Geeks","description":"This is the third post of my Spring Boot Blog post series. In the very first post, I talked about my experience with\u00a0creating RESTFul Services using","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html","og_locale":"en_US","og_type":"article","og_title":"Secure Spring Boot REST API using Basic Authentication - Java Code Geeks","og_description":"This is the third post of my Spring Boot Blog post series. In the very first post, I talked about my experience with\u00a0creating RESTFul Services using","og_url":"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html","og_site_name":"Java Code Geeks","article_publisher":"https:\/\/www.facebook.com\/javacodegeeks","article_published_time":"2017-10-16T07:00:21+00:00","og_image":[{"width":150,"height":150,"url":"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2012\/10\/spring-logo.jpg","type":"image\/jpeg"}],"author":"Chandana Napagoda","twitter_card":"summary_large_image","twitter_creator":"@javacodegeeks","twitter_site":"@javacodegeeks","twitter_misc":{"Written by":"Chandana Napagoda","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html#article","isPartOf":{"@id":"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html"},"author":{"name":"Chandana Napagoda","@id":"https:\/\/www.javacodegeeks.com\/#\/schema\/person\/e9e7d8566a00e5b94b46c214c9818195"},"headline":"Secure Spring Boot REST API using Basic Authentication","datePublished":"2017-10-16T07:00:21+00:00","mainEntityOfPage":{"@id":"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html"},"wordCount":533,"commentCount":0,"publisher":{"@id":"https:\/\/www.javacodegeeks.com\/#organization"},"image":{"@id":"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html#primaryimage"},"thumbnailUrl":"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2012\/10\/spring-logo.jpg","keywords":["Spring","Spring Boot"],"articleSection":["Enterprise Java"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html","url":"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html","name":"Secure Spring Boot REST API using Basic Authentication - Java Code Geeks","isPartOf":{"@id":"https:\/\/www.javacodegeeks.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html#primaryimage"},"image":{"@id":"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html#primaryimage"},"thumbnailUrl":"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2012\/10\/spring-logo.jpg","datePublished":"2017-10-16T07:00:21+00:00","description":"This is the third post of my Spring Boot Blog post series. In the very first post, I talked about my experience with\u00a0creating RESTFul Services using","breadcrumb":{"@id":"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html#primaryimage","url":"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2012\/10\/spring-logo.jpg","contentUrl":"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2012\/10\/spring-logo.jpg","width":150,"height":150,"caption":"spring-interview-questions-answers"},{"@type":"BreadcrumbList","@id":"https:\/\/www.javacodegeeks.com\/2017\/10\/secure-spring-boot-rest-api-using-basic-authentication.html#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.javacodegeeks.com\/"},{"@type":"ListItem","position":2,"name":"Java","item":"https:\/\/www.javacodegeeks.com\/category\/java"},{"@type":"ListItem","position":3,"name":"Enterprise Java","item":"https:\/\/www.javacodegeeks.com\/category\/java\/enterprise-java"},{"@type":"ListItem","position":4,"name":"Secure Spring Boot REST API using Basic Authentication"}]},{"@type":"WebSite","@id":"https:\/\/www.javacodegeeks.com\/#website","url":"https:\/\/www.javacodegeeks.com\/","name":"Java Code Geeks","description":"Java Developers Resource Center","publisher":{"@id":"https:\/\/www.javacodegeeks.com\/#organization"},"alternateName":"JCG","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.javacodegeeks.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.javacodegeeks.com\/#organization","name":"Exelixis Media P.C.","url":"https:\/\/www.javacodegeeks.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.javacodegeeks.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png","contentUrl":"https:\/\/www.javacodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png","width":864,"height":246,"caption":"Exelixis Media P.C."},"image":{"@id":"https:\/\/www.javacodegeeks.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/javacodegeeks","https:\/\/x.com\/javacodegeeks"]},{"@type":"Person","@id":"https:\/\/www.javacodegeeks.com\/#\/schema\/person\/e9e7d8566a00e5b94b46c214c9818195","name":"Chandana Napagoda","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/1d677363d39d454177f0e9595ded61d7f01226256cb031435e58a09569204bb1?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/1d677363d39d454177f0e9595ded61d7f01226256cb031435e58a09569204bb1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1d677363d39d454177f0e9595ded61d7f01226256cb031435e58a09569204bb1?s=96&d=mm&r=g","caption":"Chandana Napagoda"},"sameAs":["http:\/\/cnapagoda.blogspot.com\/"],"url":"https:\/\/www.javacodegeeks.com\/author\/chandana-napagoda"}]}},"_links":{"self":[{"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/posts\/69682","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/users\/140"}],"replies":[{"embeddable":true,"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/comments?post=69682"}],"version-history":[{"count":0,"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/posts\/69682\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/media\/240"}],"wp:attachment":[{"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/media?parent=69682"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/categories?post=69682"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.javacodegeeks.com\/wp-json\/wp\/v2\/tags?post=69682"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}