Simple Spring Security basic authentication using method-level security
Test the public endpoint without any authentication:
curl http://localhost:8080/public
Response:
Hello Public!
Test the private endpoint without authentication:
curl http://localhost:8080/private
You receive the following response, which indicates the request was not authenticated and cannot access the resource:
HTTP Status 401 - Full authentication is required to access this resource
Test the private endpoint with ROLE_USER account authentication:
curl -u user:password http://localhost:8080/private
Response:
Hello Private!
Test the private endpoint with ROLE_ADMIN account authentication:
curl -u admin:password http://localhost:8080/private
Response:
Hello Private!
Test the private endpoint with wrong user authentication:
curl -u user:wrongpassword http://localhost:8080/private
You receive the following response, which indicates the supplied credentials were rejected and you cannot access the resource:
HTTP Status 401 - Bad credentials
Test the admin endpoint with ROLE_USER account authentication:
curl -u user:password http://localhost:8080/admin
Response:
{
  "timestamp":1515542457567,
  "status":403,
  "error":"Forbidden",
  "exception":"org.springframework.security.access.AccessDeniedException",
  "message":"Dostęp zabroniony",
  "path":"/admin"
}
Test the admin endpoint with ROLE_ADMIN account authentication:
curl -u admin:password http://localhost:8080/admin
Response:
Hello Admin!
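
A method-level security setup that produces the responses shown above, given as an added example and not the project's own source. It assumes Spring Boot 1.5.x with Spring Security 4.x; the class names and the in-memory user store are hypothetical, while the endpoints, accounts and roles are the ones used in the curl tests.

```java
// Added example, not the project's code. Assumes Spring Boot 1.5.x / Spring Security 4.x.
// DemoApplication, SecurityConfig and HelloController are hypothetical names.
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@SpringBootApplication
public class DemoApplication {
    public static void main(String[] args) { SpringApplication.run(DemoApplication.class, args); }

    @EnableWebSecurity
    @EnableGlobalMethodSecurity(prePostEnabled = true) // enables @PreAuthorize evaluation
    static class SecurityConfig extends WebSecurityConfigurerAdapter {
        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            auth.inMemoryAuthentication() // demo accounts only (assumed store)
                .withUser("user").password("password").roles("USER").and()
                .withUser("admin").password("password").roles("ADMIN");
        }

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            // URL layer permits everything; access decisions are made per method below.
            // Wrong Basic credentials are rejected by the filter itself: 401 Bad credentials.
            http.httpBasic().and().authorizeRequests().anyRequest().permitAll();
        }
    }

    @RestController
    static class HelloController {
        @GetMapping("/public") // no annotation: reachable anonymously
        public String pub() { return "Hello Public!"; }

        @PreAuthorize("hasAnyRole('USER', 'ADMIN')") // anonymous caller: 401
        @GetMapping("/private")
        public String priv() { return "Hello Private!"; }

        @PreAuthorize("hasRole('ADMIN')") // authenticated ROLE_USER caller: 403
        @GetMapping("/admin")
        public String admin() { return "Hello Admin!"; }
    }
}
```

With the URL layer set to permit all requests, any handler added without a `@PreAuthorize` annotation is public by default, so review new endpoints for a missing annotation or switch the URL rule to `authenticated()` and open `/public` explicitly.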