API Spring boot auto redirect to login page

I'm trying to integrate spring security with spring boot restful API. my project's code as follows:

web security configurations are

public class SecurityConfig extends WebSecurityConfigurerAdapter {

    private BCryptPasswordEncoder bCryptPasswordEncoder;

    protected void configure(HttpSecurity http) throws Exception {




public class UserRestApiController {

    UserService userService;

    @RequestMapping(value="/all", method=RequestMethod.GET)
    public ResponseEntity<Collection<Users>> getAll(){
        return new ResponseEntity<Collection<Users>>(userService.getAlluser(), HttpStatus.OK);

    @RequestMapping(value="/{id}", method=RequestMethod.GET)
    public ResponseEntity<Users> getUser(@PathVariable(value="id") int id){
        return new ResponseEntity<Users>(userService.getUser(id), HttpStatus.OK);

    @RequestMapping(value="/delete/{id}", method=RequestMethod.PUT)
    public String deleteUser(@PathVariable(value="id")int id){
        return "DELETED";

    @RequestMapping(value="/create", method=RequestMethod.POST)
    public ResponseEntity<String> addUser(@Valid @RequestBody Users user){
        return new ResponseEntity<String>(userService.addUser(user), HttpStatus.OK);

    @RequestMapping(value="/update", method=RequestMethod.PUT)
    public ResponseEntity<Object> updateUser(@Valid @RequestBody Users user){
        return new ResponseEntity<Object>(userService.updateUser(user), HttpStatus.OK);


public class UserService {

    private UserRepository userRepository;

    private PasswordEncoder passwordEncoder;

    public Collection<Users> getAlluser() {
        return userRepository.findAll();

    public Users getUser(int id) {
        return userRepository.getOne(id);

    public void deleteUser(int id) {

    public Users updateUser(Users user) {
        //Users u = userRepository.getOne(user.getId());
        Users userUpdate = null;
        if(userRepository.findById(user.getId()) != null) {
             userUpdate = userRepository.save(user);
        return userUpdate;

    public String addUser(Users user) {
        Users tmpUser = userRepository.findByUsername(user.getUsername());
        if(tmpUser == null) {
            return "CREATED";
        } else {
            return "EXISTED";

I'm trying build restful API. and when I try access link like: http://localhost:8080/API/user/all

instead return json value, it redirect to login page(I don't config do that).

image login page: login page

Can you help me clear this case ?

1 answer

  • answered 2018-05-16 06:27 Ahmed Itani

    Unlike the Spring MVC, the REST service is not supposed to redirect the user to the login page because it is a resource, not a view resolver. Instead, the caller (web browser as an example) redirects the user to the login page when it receives HTTP code 401.