Home » Tag Archives: Spring Security

Tag Archives: Spring Security

Secure Your Java App with Spring Security, Thymeleaf, and Okta

spring-interview-questions-answers

Never Build Auth Again – Love building user management? With Okta, you can add social login, multi-factor authentication, and OpenID Connect support to your app in minutes. Create a free developer account today. When you’re building your java app, user management is a critical consideration. It’s common for apps and APIs to partition access to different parts of an application, ...

Read More »

Secure REST Service with OAuth2 Tokens

spring-interview-questions-answers

1. Introduction In this tutorial, we will check out how we can use Spring Security with OAuth to secure REST Service. In the demo application, the secured REST resources on the server are accessible with the path pattern (/api/**), such that the request URLs based on this path are mapped to different controller methods. This means that – Any REST ...

Read More »

Securing resources using Spring Security with OAuth

spring-interview-questions-answers

1. Introduction In this tutorial, we will check out how we can use Spring Security with OAuth to secure the admin resources on the server based on the path pattern (/api/**). Another path pattern (/oauth/token) we have configured which will help configured authorization server generate the access token. Note that we will be using Password Grant Type in this demo ...

Read More »

Understanding OAuth2 token authentication

java-interview-questions-answers

1. Introduction In this tutorial, we will be understanding OAuth2 Token Authentication, such that only authenticated users and applications get a valid access token which can be subsequently used to access authorized APIs (which are nothing but the protected resources in OAuth terms) on the server. With token based authentication, the users/applications get access to the protected resources for a certain ...

Read More »

Spring Security and Multiple Filter Chains

java-interview-questions-answers

Spring Security is an immensely useful technology. It allows you to secure your application without being too intrusive and allows to plug with many different authentication mechanisms. On the other hand it is not that easy to get into and one of those tools that I have to relearn each time I am touching it. In this post I’ll describe ...

Read More »

Spring Security and Custom Password Encoding

spring-interview-questions-answers

On a previous post we added password encoding to our spring security configuration using jdbc and md5 password encoding. However in case of custom UserDetailsServices we need to make some tweeks to our security configuration. We need to create a DaoAuthenticationProvider bean and set it to the AuthenticationManagerBuilder. Since we need a Custom UserDetailsService I will use use the Spring ...

Read More »

Spring Security and Password Encoding

spring-interview-questions-answers

On previous posts we dived into spring security. We implemented security backed by jdbc, security based on custom jdbc queries and security retrieving information from a nosql database. By being careful enough we will find out that passwords are in plain text. Although this serves well for example purposes in real environments, passwords are always encoded and stored encoded in ...

Read More »

Spring boot with Spring Security and NoSQL

In the previous post we set up a spring security configuration by providing custom queries for user and authority retrieval from an sql database. Nowadays many modern applications utilize NoSQL databases. Spring security does not come with an out of the box solution for NoSQL databases. In those case we need to provide a solution by Implementing a Custom UserDetailsService. ...

Read More »