Spring Boot H2 console login giving "Bad credentials" despite using the username and password from application.properties

Question

When I go into http://localhost:8080/h2-console and then type in sa for username and test for password, I get the above image.

My application.properties is like below

spring.jpa.database-platform=org.hibernate.dialect.H2Dialect
spring.datasource.url=jdbc:h2:mem:testdb
spring.datasource.driverClassName=org.h2.Driver
spring.datasource.username=sa
spring.datasource.password=test
spring.h2.console.enabled=true
spring.h2.console.path=/h2-console
spring.jpa.hibernate.ddl-auto=create-drop
spring.jpa.show-sql=true
logging.level.org.hibernate.SQL=DEBUG
logging.level.org.hibernate.orm.jdbc.bind=trace
spring.jackson.mapper.default-view-inclusion=true

and my build.grade is like below

plugins {
    id 'java'
    id 'org.springframework.boot' version '3.0.5'
    id 'io.spring.dependency-management' version '1.1.0'
}

group = 'com.example'
version = '0.0.1-SNAPSHOT'
sourceCompatibility = '17'

repositories {
    mavenCentral()
}

dependencies {
    implementation 'org.springframework.boot:spring-boot-starter-cache'
    implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
    implementation 'org.springframework.boot:spring-boot-starter-security'
    implementation 'org.springframework.boot:spring-boot-starter-web'
    developmentOnly 'org.springframework.boot:spring-boot-devtools'
    implementation 'com.h2database:h2'
    testImplementation 'org.springframework.boot:spring-boot-starter-test'
    testImplementation 'org.springframework.security:spring-security-test'
    implementation 'com.google.code.gson:gson:2.8.6'
}

tasks.named('test') {
    useJUnitPlatform()
}

I've not added any code regarding Spring Security. Would I have set up something incorrectly?

score 2 · Answer 1 · answered Mar 27 '23 at 12:34

2

this is not h2 console login page but spring-security default login page.

Default username is user You will find the default password printed to console at start time.

Alternatively you can set spring-security username and password with:

spring.security.user.name=user 
spring.security.user.password=password

answered Mar 27 '23 at 12:34

J Asgarov

2,526
1
8
18

Ahh i see. That worked, but now it wouldn't let me get past the h2-console login probably because of spring security. I tried removing spring-security from build.gradle to test, but it seems like spring-security is still applied despite removing it from build.gradle – itsmarziparzi Mar 27 '23 at 12:47
https://stackoverflow.com/questions/43794721/spring-boot-h2-console-throws-403-with-spring-security-1-5-2 – J Asgarov Mar 27 '23 at 13:11
I understand that there's a way to fix spring security to allow h2-console. But is there not an easy way to just un-apply spring-security all together? – itsmarziparzi Mar 27 '23 at 15:52
yes, remove the spring-security dependency :) Also https://stackoverflow.com/questions/23894010/spring-boot-security-disable-security – J Asgarov Mar 28 '23 at 07:59
hmm but for some reason, even after i remove spring-security from build.gradle, the h2-console still continues to be blocked. However, if I remake the same project without adding spring-security as dependency from the start while using the same code, the h2-console works fine. Wouldn't this mean that spring-security was not removed even after I removed the dependency? – itsmarziparzi Mar 28 '23 at 13:28
run `gradle clean build` after removing it to actually remove the jar from classpath – J Asgarov Mar 29 '23 at 07:12

Spring Boot H2 console login giving "Bad credentials" despite using the username and password from application.properties

1 Answers1