Despite the weird name, this is a very simple starter. configurable-single-user-spring-boot-starter brings back the single, configurable user that has been part of Spring Boot Starter Security until Spring Boot 2.0. Spring Boot Security 2.0 - introduced with Spring Boot 2.0 M4 - brought a completly revised auto-configuration. See Spring Boot 2.0.0 M4 release notes and the dedicated wiki page.
Spring Boot Security 2.0 has been simplified a lot as many people had problems adding their own configuration and customization to the "magic" the starter applied.
Now the following, simple rule applies:
If you want to configure custom security for your application, you will need to add a WebSecurityConfigurerAdapter that adds all the bits that you want to configure. In order to avoid ordering issues with the WebSecurityConfigurerAdapter, Spring Boot auto-configuration will back off completely.
Also, the configuration properties under
security.* are mostly gone, especially
security.user.* and the ability to configure one single user with a given password and a fixed set of roles. Spring Boot Security still provides a default user with an autogenerated, random passwort, though. If you want to change that, you'll have to provide a bean of one of those types:
This starter configures a
UserDetailsService for you if there Spring Security is on the project and there is no other bean of one of the above mentioned types.
The starter is usefull for
- Demo applications
- Applications that should be secured but only have one active userts.
Usage and configuration
Just include the starter in your pom.xml:
<dependency> <groupId>eu.michael-simons</groupId> <artifactId>configurable-single-user-spring-boot-starter</artifactId> <version>0.0.1-SNAPSHOT</version> </dependency>
Configure the starter with the following properties:
singleuser.name(Default user name)
singleuser.password(Password for the above user, if none given, the starter generates a random one)
singleuser.roles(A comma separated list of roles applicable for the user)
If you are migrating a single user application from Spring Boot 1.x to Spring Boot 2.x, replace
singleuser.roles(Mind the plural "s" in this starter!)