Mocking is an essential part of unit testing, and the Mockito library makes it easy to write clean and intuitive unit tests for your Java code.
Get started with mocking and improve your application tests using our Mockito guide:
Handling concurrency in an application can be a tricky process with many potential pitfalls. A solid grasp of the fundamentals will go a long way to help minimize these issues.
Get started with understanding multi-threaded applications with our Java Concurrency guide:
Spring 5 added support for reactive programming with the Spring WebFlux module, which has been improved upon ever since. Get started with the Reactor project basics and reactive programming in Spring Boot:
Since its introduction in Java 8, the Stream API has become a staple of Java development. The basic operations like iterating, filtering, mapping sequences of elements are deceptively simple to use.
But these can also be overused and fall into some common pitfalls.
To get a better understanding on how Streams work and how to combine them with other language features, check out our guide to Java Streams:
Explore Spring Boot 3 and Spring 6 in-depth through building a full REST API with the framework:
Yes, Spring Security can be complex, from the more advanced functionality within the Core to the deep OAuth support in the framework.
I built the security material as two full courses - Core and OAuth, to get practical with these more complex scenarios. We explore when and how to use each feature and code through it on the backing project.
You can explore the course here:
Spring Data JPA is a great way to handle the complexity of JPA with the powerful simplicity of Spring Boot.
Get started with Spring Data JPA through the guided reference course:
Refactor Java code safely — and automatically — with OpenRewrite.
Refactoring big codebases by hand is slow, risky, and easy to put off. That’s where OpenRewrite comes in. The open-source framework for large-scale, automated code transformations helps teams modernize safely and consistently.
Each month, the creators and maintainers of OpenRewrite at Moderne run live, hands-on training sessions — one for newcomers and one for experienced users. You’ll see how recipes work, how to apply them across projects, and how to modernize code with confidence.
Join the next session, bring your questions, and learn how to automate the kind of work that usually eats your sprint time.
Distributed systems often come with complex challenges such as service-to-service communication, state management, asynchronous messaging, security, and more.
Dapr (Distributed Application Runtime) provides a set of APIs and building blocks to address these challenges, abstracting away infrastructure so we can focus on business logic.
In this tutorial, we'll focus on Dapr's pub/sub API for message brokering. Using its Spring Boot integration, we'll simplify the creation of a loosely coupled, portable, and easily testable pub/sub messaging system:
The Apache HTTP Client is a very robust library, suitable for both simple and advanced use cases when testing HTTP endpoints. Check out our guide covering basic request and response handling, as well as security, cookies, timeouts, and more:
1. Overview
In this short tutorial, we’ll take a look at basic authentication. We’ll see how it works and configure the Java HttpClient to use this kind of authentication.
2. Basic Authentication
Basic authentication is a simple authentication method. Clients can authenticate via username and password. These credentials are sent in the Authorization HTTP header in a specific format. It begins with the Basic keyword, followed by a base64-encoded value of username:password. The colon character is important here. The header should strictly follow this format.
For example, to authenticate with baeldung username and HttpClient password we must send this header:
Basic YmFlbGR1bmc6SHR0cENsaWVudA==We can verify it by using a base64 decoder and checking the decoded result.
3. Java HttpClient
Java 9 introduced a new HttpClient as an incubated module which was standardized in Java 11. We’ll use Java 11, so we can simply import it from the java.net.http package without any extra configuration or dependencies.
Let’s start by executing a simple GET request without any authentication for now:
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.GET()
.uri(new URI("https://postman-echo.com/get"))
.build();
HttpResponse<String> response = client.send(request, BodyHandlers.ofString());
logger.info("Status {}", response.statusCode());Firstly, we create an HttpClient, which can be used to execute HTTP requests. Secondly, we create an HttpRequest using the builder design pattern. The GET method sets the HTTP method of the request. The uri method sets the URL where we would like to send the request.
After that, we send the request using our client. The second parameter of the send method is a response body handler. This tells the client that we would like to treat the response body as a String.
Let’s run our application and check the logs. The output should look like this:
INFO com.baeldung.httpclient.basicauthentication.HttpClientBasicAuthentication - Status 200We see that the HTTP status is 200, meaning our request was successful. After this, let’s see how we can handle authentication.
4. Using HttpClient Authenticator
Before we configure authentication we need an URL to test it. Let’s use a Postman Echo endpoint that requires authentication. Firstly, change the previous URL to this and run the application again:
HttpRequest request = HttpRequest.newBuilder()
.GET()
.uri(new URI("https://postman-echo.com/basic-auth"))
.build();Let’s check the logs and look for the status code. This time we received HTTP status 401 “Unauthorized”. This response code means that the endpoint requires authentication but the client didn’t send any credentials.
Let’s change our client so that it sends the required authentication data. We can do this by configuring the HttpClient Builder and our client will use the credentials we set up. This endpoint accepts the username “postman” with the password “password”. Let’s add an authenticator to our client:
HttpClient client = HttpClient.newBuilder()
.authenticator(new Authenticator() {
@Override
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication("postman", "password".toCharArray());
}
})
.build();
Let’s run the application again. Now the request is successful and we receive HTTP status 200.
5. Authenticate Using HTTP Headers
We can use another approach to access endpoints that require authentication. We learned from previous sections how the Authorization header is constructed, so we can set its value manually. Although this has to be done per request instead of setting it once via an authenticator.
Let’s remove the authenticator and see how we can set the request headers. We need to construct the header value using base64 encoding:
private static final String getBasicAuthenticationHeader(String username, String password) {
String valueToEncode = username + ":" + password;
return "Basic " + Base64.getEncoder().encodeToString(valueToEncode.getBytes());
}
Let’s set this value for the Authorization header and run the application:
HttpRequest request = HttpRequest.newBuilder()
.GET()
.uri(new URI("https://postman-echo.com/basic-auth"))
.header("Authorization", getBasicAuthenticationHeader("postman", "password"))
.build();Our request is successful which means that we constructed and set the header value correctly.
6. Conclusion
In this short tutorial, we saw what is basic authentication and how it works. We used the Java HttpClient with basic authentication by setting an authenticator for it. We used a different approach to authenticate by setting the HTTP header manually.
