Chapter 2. Enable Basic authentication


Enable Basic authentication for your Quarkus project and allow users to authenticate with a username and password.

2.1. Prerequisites

The following procedure outlines how you can enable Basic authentication for your application by using the elytron-security-properties-file extension.

2.2. Procedure

  1. In the application.properties file, set the quarkus.http.auth.basic property to true.

    quarkus.http.auth.basic=true
  2. Optional: In a non-production environment only and purely for testing Quarkus Security in your applications:

    1. To enable authentication for the embedded realm, set the quarkus.security.users.embedded.enabled property to true.

      quarkus.security.users.embedded.enabled=true
    2. You can also configure the required user credentials, user name, secret, and roles. For example:

      quarkus.http.auth.basic=true
      quarkus.security.users.embedded.enabled=true
      quarkus.security.users.embedded.plain-text=true
      quarkus.security.users.embedded.users.alice=alice 1
      quarkus.security.users.embedded.users.bob=bob 2
      quarkus.security.users.embedded.roles.alice=admin 3
      quarkus.security.users.embedded.roles.bob=user 4
      1 3
      The user, alice, has alice as their password and admin as their role.
      2 4
      The user, bob, has bob as their password and user as their role.

      For information about other methods that you can use to configure the required user credentials, see the Configuring User Information section of the Quarkus "Security Testing" guide.

      Important

      Configuring user names, secrets, and roles in the application.properties file is appropriate only for testing scenarios. For securing a production application, it is crucial to use a database to store this information.

2.3. Next steps

For a more detailed walk-through that shows you how to configure Basic authentication together with Jakarta Persistence for storing user credentials in a database, see the Getting started with Security by using Basic authentication and Jakarta Persistence guide.

2.4. References

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.