diff --git a/spring-boot-samples/spring-boot-sample-web-secure/pom.xml b/spring-boot-samples/spring-boot-sample-web-secure/pom.xml
index 36bd4087194..61848bad487 100644
--- a/spring-boot-samples/spring-boot-sample-web-secure/pom.xml
+++ b/spring-boot-samples/spring-boot-sample-web-secure/pom.xml
@@ -23,10 +23,18 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-security</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-jdbc</artifactId>
+		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-thymeleaf</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>com.h2database</groupId>
+			<artifactId>h2</artifactId>
+		</dependency>
 		<dependency>
 			<groupId>org.apache.httpcomponents</groupId>
 			<artifactId>httpclient</artifactId>
diff --git a/spring-boot-samples/spring-boot-sample-web-secure/src/main/java/sample/ui/secure/SampleWebSecureApplication.java b/spring-boot-samples/spring-boot-sample-web-secure/src/main/java/sample/ui/secure/SampleWebSecureApplication.java
index 410e68ce481..04aa77d1134 100644
--- a/spring-boot-samples/spring-boot-sample-web-secure/src/main/java/sample/ui/secure/SampleWebSecureApplication.java
+++ b/spring-boot-samples/spring-boot-sample-web-secure/src/main/java/sample/ui/secure/SampleWebSecureApplication.java
@@ -19,13 +19,19 @@ package sample.ui.secure;
 import java.util.Date;
 import java.util.Map;
 
+import javax.sql.DataSource;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
 import org.springframework.boot.autoconfigure.security.SecurityProperties;
 import org.springframework.boot.builder.SpringApplicationBuilder;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.DependsOn;
+import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.stereotype.Controller;
@@ -65,6 +71,12 @@ public class SampleWebSecureApplication extends WebMvcConfigurerAdapter {
 		return new ApplicationSecurity();
 	}
 
+	@Bean
+	@DependsOn("dataSourceAutoConfigurationInitializer")
+	public AuthenticationSecurity authenticationSecurity() {
+		return new AuthenticationSecurity();
+	}
+
 	@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
 	protected static class ApplicationSecurity extends WebSecurityConfigurerAdapter {
 
@@ -78,4 +90,20 @@ public class SampleWebSecureApplication extends WebMvcConfigurerAdapter {
 		}
 	}
 
+	@Order(Ordered.HIGHEST_PRECEDENCE + 10)
+	protected static class AuthenticationSecurity extends GlobalAuthenticationConfigurerAdapter {
+
+		@Autowired
+		private DataSource dataSource;
+
+		@Override
+		public void init(AuthenticationManagerBuilder auth) throws Exception {
+			// @formatter:off
+			auth.jdbcAuthentication().dataSource(dataSource).withUser("admin").password("admin")
+					.roles("ADMIN", "USER").and().withUser("user").password("user")
+					.roles("USER");
+			// @formatter:on
+		}
+	}
+
 }
diff --git a/spring-boot-samples/spring-boot-sample-web-secure/src/main/resources/schema.sql b/spring-boot-samples/spring-boot-sample-web-secure/src/main/resources/schema.sql
new file mode 100644
index 00000000000..cf6c5fdda60
--- /dev/null
+++ b/spring-boot-samples/spring-boot-sample-web-secure/src/main/resources/schema.sql
@@ -0,0 +1,10 @@
+create table users (
+  username varchar(256),
+  password varchar(256),
+  enabled boolean
+);
+
+create table authorities (
+  username varchar(256),
+  authority varchar(256)
+);
\ No newline at end of file
diff --git a/spring-boot-samples/spring-boot-sample-web-secure/src/test/java/sample/ui/secure/SampleSecureApplicationTests.java b/spring-boot-samples/spring-boot-sample-web-secure/src/test/java/sample/ui/secure/SampleSecureApplicationTests.java
index 758c506601f..d9c2c62cb55 100644
--- a/spring-boot-samples/spring-boot-sample-web-secure/src/test/java/sample/ui/secure/SampleSecureApplicationTests.java
+++ b/spring-boot-samples/spring-boot-sample-web-secure/src/test/java/sample/ui/secure/SampleSecureApplicationTests.java
@@ -88,7 +88,7 @@ public class SampleSecureApplicationTests {
 		headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
 		MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
 		form.set("username", "user");
-		form.set("password", "password");
+		form.set("password", "user");
 		ResponseEntity<String> entity = new TestRestTemplate().exchange(
 				"http://localhost:" + this.port + "/login", HttpMethod.POST,
 				new HttpEntity<MultiValueMap<String, String>>(form, headers),