Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Testing spring security with Postman

Tags:

I have configured a form-base authentication using Spring security. It works fine when I log in using the login form in my web application.

It also works with cURL:

curl --data "j_username=myname&j_password=mypassword" http://localhost:8080/test/j_spring_security_check --verbose 

However, I cannot make it works using Postman:

enter image description here

What is missing? I need to be authenticated in order to test other services.

like image 900
Ivan Avatar asked May 28 '15 09:05

Ivan


People also ask

How do you test a spring boot security postman?

With the extension enabled (by clicking the satellite icon within the Postman App), you just need to log in using the login form of your web and then you can start using services that require authentication in Postman.

How do I check Spring Security?

The first way to check for user roles in Java is to use the @PreAuthorize annotation provided by Spring Security. This annotation can be applied to a class or method, and it accepts a single string value that represents a SpEL expression. Before we can use this annotation, we must first enable global method security.


2 Answers

Finally I managed making Postman aware of authentication by using the Postman Interceptor chrome extension

With the extension enabled (by clicking the satellite icon within the Postman App), you just need to log in using the login form of your web and then you can start using services that require authentication in Postman.

like image 61
Ivan Avatar answered Sep 18 '22 01:09

Ivan


You can achieve authentication/authorization in postman through various authorization types given in postman dropdown under Authorization tab.

Below is the step to use Basic Auth which by default spring security provides.

In spring security you can customize your credentials in application.properties file as given below.

spring.security.user.name=yer spring.security.user.password=galem

Postman Spring security Basic Auth Form

like image 33
Yergalem Avatar answered Sep 18 '22 01:09

Yergalem