Configure User Authentication through Windows Active Directory Server in a Spring Boot Application

In this article we will try to authenticate a user to an external windows active directory domain server before granting him access to APIs.

Suppose you have a running windows AD server such
domain name —
IP Address —


  1. Add following dependencies to pom.xml file

2. Create a security configuration file

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
public class WebSecurityConfig extends WebSecurityConfigurerAdapter{
protected void configure(HttpSecurity http) throws Exception {
public AuthenticationProvider activeDirectoryLdapAuthenticationProvider() {

ActiveDirectoryLdapAuthenticationProvider activeDirectoryLdapAuthenticationProvider =
new ActiveDirectoryLdapAuthenticationProvider( "", "ldap://");

// to parse AD failed credentails error message due to account - expiry,lock, credentialis - expiry,lock

return activeDirectoryLdapAuthenticationProvider;

protected void configure(AuthenticationManagerBuilder auth) throws Exception {

3. Create Controller class that supports two APIs -

  • /hello — return “Hello World”
  • /user — return json object of authenticated user details received from windows AD server.
public class MyController {

public String sayHello() {
return "hello world";
public Authentication getLoggedUserDeatil() {

Authentication auth = SecurityContextHolder.getContext().getAuthentication();
//get username
String username = auth.getName();
// concat list of authorities to single string seperated by comma
String authorityString = auth
// check if the user have authority -roleA
String role = "role_A";
boolean isCurrentUserInRole = auth
//return Authentication object
return auth;

Thats it.

If you try to access any of these api, you will be prompted with login form as shown below.

login form when trying to access API
API /hello output after authentication
API /user output after authentication

System Administrator and Full stack web developer.