For the latest stable version, please use Spring Security 6.4.0! |
Testing HTTP Basic Authentication
While it has always been possible to authenticate with HTTP Basic, it was a bit tedious to remember the header name, format, and encode the values.
Now this can be done using Spring Security’s httpBasic
RequestPostProcessor
.
For example, the snippet below:
-
Java
-
Kotlin
mvc
.perform(get("/").with(httpBasic("user","password")))
mvc.get("/") {
with(httpBasic("user","password"))
}
will attempt to use HTTP Basic to authenticate a user with the username "user" and the password "password" by ensuring the following header is populated on the HTTP Request:
Authorization: Basic dXNlcjpwYXNzd29yZA==