Enable Basic authentication
Enable Basic authentication for your Quarkus project and allow users to authenticate with a username and password.
Prerequisites
-
You have installed at least one extension that provides an
IdentityProvider
based on username and password, such as Elytron JDBC.
Procedure
-
Enable Basic authentication by setting the
quarkus.http.auth.basic
property totrue
.quarkus.http.auth.basic=true
-
For testing purposes, you can configure the required user credentials, user name, secret, and roles, in the
application.properties
file. For example:quarkus.http.auth.basic=true quarkus.security.users.embedded.plain-text=true quarkus.security.users.embedded.users.alice=alice (1) quarkus.security.users.embedded.users.bob=bob (2) quarkus.security.users.embedded.roles.alice=admin (1) quarkus.security.users.embedded.roles.bob=user (2)
1 The user, alice
, hasalice
as their password andadmin
as their role.2 The user, bob
, hasbob
as their password anduser
as their role.For information about other methods that you can use to configure the required user credentials, see the Configuring User Information section of the Quarkus "Security Testing" guide.
Configuring user names, secrets, and roles in the
application.properties
file is only suitable for testing scenarios. If you are securing a production application, always use a database to store this information.
Next steps
For a more detailed walk-through that shows you how to configure Basic authentication together with Jakarta Persistence for storing user credentials in a database, see the Secure a Quarkus application with Basic authentication and Jakarta Persistence guide.