Very basic authentication filter. Suitable for Spring Boot REST services without servlet-engine configuration.
Filter parameters could provide credentials repository
- realm: Realm display name
- credentialsFile: Credentials file, a properties file with user=pass. Could be external file or resource file. Checked in that order
- one user-password: Use user and password parameters
No encription at all. Use with caution.
First look at README to add maven dependency.
Add servlet filter and configure it. This is a spring-boot sample:
@Bean
public FilterRegistrationBean<es.jdl.auth.BasicAuthenticationFilter> authFilter() {
FilterRegistrationBean<es.jdl.auth.BasicAuthenticationFilter> registrationBean
= new FilterRegistrationBean<>();
registrationBean.setFilter(new es.jdl.auth.BasicAuthenticationFilter());
registrationBean.addInitParameter("realm", "myapp");
registrationBean.addInitParameter("user", "sampleuser");
registrationBean.addInitParameter("password", "easypassword");
registrationBean.addUrlPatterns("/rest/*");
return registrationBean;
}
Basic Authentication specification: https://tools.ietf.org/html/rfc7617
Based in code found at: https://gist.github.com/neolitec/8953607
Tested using mockito: