Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

Java Adding Authentication

Ayush Bahuguna
Ayush Bahuguna
95 Points

Always getting 401

Hi,

I followed the tutorial, but I am getting 401 with correct credentials, but I am not receiving any error response.

This is my WebSecurityConfiguration:

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
  @Autowired
  DetailsService detailsService;

  @Override
  protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(detailsService)
        .passwordEncoder(User.encoder);
  }

  @Override
  protected void configure(HttpSecurity http) throws Exception {
    System.out.println("We are here");
    http.authorizeRequests()
        .anyRequest().authenticated()
        .and()
        .httpBasic()
        .and()
        .csrf().disable();
  }
}

And this is my DetailsService:

@Component
public class DetailsService implements UserDetailsService {

  @Autowired
  private UserRepository userRepository;

  @Override
  public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
    User user = userRepository.findByEmail(username);
    if (user == null) {
      throw new UsernameNotFoundException("User with email " + username + " was not found");
    }
    return new org.springframework.security.core.userdetails.User(
        user.getEmail(),
        user.getPassword(),
        AuthorityUtils.createAuthorityList(user.getRoles())
    );
  }
}

I should point this out that, I am using email instead of username, but I don't think that it should cause any error since my user repository has a findByEmail method.

I had the same issue, and the problem was the h2 database, which will store the data in memory. When we try to retrieve the encoder to validate it won't be able to match with the stored password. In the WebSecurityConfiguration use this instead, I hope it helps:

    @Override
     public void configure(AutheticationManagerBuilder auth) throws Exception {
       auth.inMemoryAuthentication().passwordEncoder(NoOpPasswordEnconder.getInstace())
               .withUser("test").password("1234").roles("ADMIN");
      }
Connor Luckett
Connor Luckett
492 Points

Had the same problem. It appears Daniel Alves is correct. Followed his advice and used an in-memory "dummy". Migrated over to a MySQL instance, and everything works perfectly now. Thanks, Daniel!

3 Answers

Marvin Deutz
Marvin Deutz
8,349 Points

Same problem here. Would appreciate help!

Bernhard Eiling
Bernhard Eiling
109 Points

You should check the order of parameters when creating the test Users. I had password and lastName mixed up.

vikas Rai
vikas Rai
9,703 Points

Same issue.....Can please someone assist here.....