Adding new users in Spring Security

Question

I have basic spring security set up in my Spring / Java EE web app. I can restrict access to certain pages and force login (with roles etc.). There needs to be a form where ne

Answer 1

You have to combine all of the answers on this page.

• Teja is correct, there is not facilitated way to add a user on the fly.
• Axtavt is also correct. You need some sort of data access/service layer to update your users table. In other words, you need to create the view like any other page with some kind of super user access.
• Michal and ax give good advice that you probably need to encode your password before saving it. The digest should match whatever you're using when you retrieve credentials.

Here's an example config using JDBC:

This is using a custom query to obtain users. Spring Security expects a users table with username, password, and authority column names respectively, so do what you need to do to return those. You need to provide the data source.

If you created a page for adding users under the admin/ context, it would be authenticated according to this config.

Add a bean for your UserDao and/or UserService and/or AuthenticationService and pass it to your Users controller...