diff --git a/docs/index.html b/docs/index.html index dea5902..b11fede 100644 --- a/docs/index.html +++ b/docs/index.html @@ -298,7 +298,25 @@ public class Product { ... }
Spring Boot Database Admin does not implement authentication and/or authorization mechanisms. However, you can use a standard Spring security configuration in order to limit access to the web UI or specific parts of it.
-All Spring Boot Database Admin routes start with the value of dbadmin.baseUrl
property, and all write operations (edit, create, delete) are implemented as POST
calls.
All Spring Boot Database Admin routes start with the value of dbadmin.baseUrl
property, and all write operations (edit, create, delete) are implemented as POST
calls. The following code provides an example security configuration (assuming Spring Boot Database Admin runs at /admin
):
+@Bean
+public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+ return http.authorizeHttpRequests(auth -> {
+ // POST methods (create, edit and delete) require ADMIN role
+ auth.requestMatchers(HttpMethod.POST, "/admin/**").hasAuthority("ADMIN")
+ // Read-only Spring Boot Database Admin routes require authentication (any role)
+ .requestMatchers("/admin/**").authenticated()
+ // The other routes are not protected (adapt to your needs)
+ .requestMatchers("/**").permitAll();
+ })
+ .formLogin(l -> l.loginPage("/login").permitAll())
+ .build();
+}
+
+
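Review bot: In the added filterChain example, the comment says the POST routes "require ADMIN role", but the matcher is hasAuthority("ADMIN"), which checks for the literal authority ADMIN and not ROLE_ADMIN. A reader who assigns the role through the usual role helpers (which add the ROLE_ prefix) will be denied on every create, edit and delete. Either switch to hasRole("ADMIN") or reword the comment to say "ADMIN authority". It would also help to say next to the example that the write restriction only holds because all write operations are POST, as the paragraph above states, and that "/admin" must be replaced with the configured dbadmin.baseUrl. As a style point, the final requestMatchers("/**").permitAll() reads more conventionally as anyRequest().permitAll().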
diff --git a/src/main/resources/templates/about.html b/src/main/resources/templates/help.html
similarity index 100%
rename from src/main/resources/templates/about.html
rename to src/main/resources/templates/help.html