Login and Registration Example Project with Spring Security
If you're already a student of Learn Spring Security, you can get started diving deeper into registration with Module 2
If you're not yet a student, you can get access to the course here: https://bit.ly/github-lss
Relevant Articles:
- Spring Security Registration Tutorial
- The Registration Process With Spring Security
- Registration – Activate a New Account by Email
- Registration with Spring Security – Password Encoding
- Spring Security – Roles and Privileges
- Prevent Brute Force Authentication Attempts with Spring Security
- Spring Security – Reset Your Password
- Spring Security Registration – Resend Verification Email
- The Registration API becomes RESTful
- Registration – Password Strength and Rules
- Updating your Password
- Two Factor Auth with Spring Security
- Registration with Spring – Integrate reCAPTCHA
- Purging Expired Tokens Generated By The Registration
- Custom Login Page for Returning User
- Allow Authentication from Accepted Locations Only with Spring Security
- Spring Security – Auto Login User After Registration
- Keep Track of Logged In Users with Spring Security
- Login For a Spring Web App – Error Handling and Localization
- Notify User of Login From New Device or Location
- Preventing Username Enumeration Attacks with Spring Security
Build and Deploy the Project
mvn clean install
This is a Spring Boot project, so you can deploy it by simply using the main class: Application.java
Once deployed, you can access the app at:
Set up MySQL
By default, the project is configured to use the embedded H2 database. If you want to use the MySQL instead, you need to uncomment relevant section in the application.properties and create the db user as shown below:
mysql -u root -p
> CREATE USER 'tutorialuser'@'localhost' IDENTIFIED BY 'tutorialmy5ql';
> GRANT ALL PRIVILEGES ON *.* TO 'tutorialuser'@'localhost';
> FLUSH PRIVILEGES;
Set up Email
You need to configure the email by providing your own username and password in application.properties You also need to use your own host, you can use Amazon or Google for example.
AuthenticationSuccessHandler configuration for Custom Login Page article
If you want to activate the configuration for the article Custom Login Page for Returning User, then you need to comment the @Component("myAuthenticationSuccessHandler") annotation in the MySimpleUrlAuthenticationSuccessHandler and uncomment the same in MyCustomLoginAuthenticationSuccessHandler.
Feature toggle for Geo IP Lib
The geolocation checks do not work for the IP addresses 127.0.0.1 and 0.0.0.0,
which can be a problem when running the application locally or in a test environment.
To enable/disable the check on the geolocation, set the property geo.ip.lib.enabled
to true/false; this is false by default.