Spring Boot Security- Change default username and password parameter
This tutorial will help you to change the default username and password parameter used in Spring Boot Security login form and add our custom username and password parameter in the login form. In our previous example, we have discussed how to change the default login page.
Note: By default, Spring Security uses the username and password parameter of the name attribute for user name and password fields respectively.
User name: <input type="text" name="username"> Password: <input type="password" name="password">
To add your custom user name and password parameter, you need to call usernameParameter(String usernameParameter)
and passwordParameter(String passwordParameter)
methods of FormLoginConfigurer
class in your security configuration file.
usernameParameter(String usernameParameter)
method look for the username when performing authentication.
passwordParameter(String passwordParameter)
method look for the password when performing authentication.
package org.websparrow.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests().antMatchers("/login").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.usernameParameter("userId")
.passwordParameter("pwd")
.permitAll();
}
}
And the user name and password parameter of login form will look like:
User name: <input type="text" name="userId">
Password: <input type="password" name="pwd">
References
- Spring Boot Security- How to change default login page
- Spring Security- How to change default username and password
- Getting Started with Spring Security
- Class FormLoginConfigurer