Home » Tag Archives: Spring Security

Tag Archives: Spring Security

Spring Security and Custom Password Encoding

spring-interview-questions-answers

On a previous post we added password encoding to our spring security configuration using jdbc and md5 password encoding. However in case of custom UserDetailsServices we need to make some tweeks to our security configuration. We need to create a DaoAuthenticationProvider bean and set it to the AuthenticationManagerBuilder. Since we need a Custom UserDetailsService I will use use the Spring ...

Read More »

Spring Security and Password Encoding

spring-interview-questions-answers

On previous posts we dived into spring security. We implemented security backed by jdbc, security based on custom jdbc queries and security retrieving information from a nosql database. By being careful enough we will find out that passwords are in plain text. Although this serves well for example purposes in real environments, passwords are always encoded and stored encoded in ...

Read More »

Spring boot with Spring Security and NoSQL

nosql-logo

In the previous post we set up a spring security configuration by providing custom queries for user and authority retrieval from an sql database. Nowadays many modern applications utilize NoSQL databases. Spring security does not come with an out of the box solution for NoSQL databases. In those case we need to provide a solution by Implementing a Custom UserDetailsService. ...

Read More »

Spring boot with Spring Security and jdbc Part 2

spring-interview-questions-answers

On a previous post we implemented security based on the default table schemas that Spring Security issues requests. Considering users and roles, application developers use a schema that fits their needs. Spring gives us the ability to specify the queries needed in order to retrieve information such as username, password and roles. Our custom tables will be pretty different from ...

Read More »

Spring boot with Spring Security and jdbc

spring-security-logo

Spring security Is a wonderful framework saving lots of time and effort from the developers. Also It is flexible enough to customize and bring it down to your needs. Working with JDBC and Spring Security is pretty easy and many actions are automated. This would be a minimal showcase. The gradle file contains dependencies such as spring-security, spring-jdbc and h2 ...

Read More »

A Simple Web App with Spring Boot, Spring Security and Stormpath – in 15 Minutes

spring-interview-questions-answers

Building Identity Management, including authentication and authorization? Try Stormpath! Our REST API and robust Java SDK support can eliminate your security risk and can be implemented in minutes. Sign up, and never build auth again! UPDATE: We recently released a revision to our Stormpath Spring Security integration. You no longer have to inherit from a special Stormpath security configurer adapter. ...

Read More »

Validating JWT with Spring Boot and Spring Security

spring-interview-questions-answers

For my current project I will have a REST API set up with Spring Boot (most likely running with BoxFuse). To be able to use the API endpoint the application will check that the incoming request has a valid JWT token provided earlier (by an API service that I trust). To implement this functionality I want to make use of ...

Read More »

Stateless Spring Security Part 3: JWT + Social Authentication

spring-security-logo

This third and final part in my Stateless Spring Security series is about mixing previous post about JWT token based authentication with spring-social-security. This post directly builds upon it and focusses mostly on the changed parts. The idea is to substitude the username/password based login with “Login with Facebook” functionality based on OAuth 2, but still use the same token based authentication ...

Read More »

Stateless Spring Security Part 2: Stateless Authentication

spring-interview-questions-answers

This second part of the Stateless Spring Security series is about exploring means of authentication in a stateless way. If you missed the first part about CSRF you can find it here. So when talking about Authentication, its all about having the client identify itself to the server in a verifiable manner. Typically this start with the server providing the client with a ...

Read More »

Want to take your Java skills to the next level?

Grab our programming books for FREE!

Here are some of the eBooks you will get:

  • Spring Interview QnA
  • Multithreading & Concurrency QnA
  • JPA Minibook
  • JVM Troubleshooting Guide
  • Advanced Java
  • Java Interview QnA
  • Java Design Patterns