Spring Security 5 – OAuth2 Login
1. Overview Spring Security 5 introduces a new OAuth2LoginConfigurer class that we can use for configuring an external Authorization Server. In this article, we’ll explore some of the […]
Month: July 2021
Using JWT with Spring Security OAuth
1. Overview In this tutorial, we’ll discuss how to get our Spring Security OAuth2 implementation to make use of JSON Web Tokens. We’re also continuing […]
Spring REST API + OAuth2 + Angular
1. Overview In this tutorial, we’ll secure a REST API with OAuth2 and consume it from a simple Angular client. The application we’re going to build […]
Prevent Cross-Site Scripting (XSS) in a Spring Application
1. Overview When building a Spring web application, it’s important to focus on security. Cross-site scripting (XSS) is one of the most critical attacks on web security. […]
Fixing 401s with CORS Preflights and Spring Security
1. Overview In this short tutorial, we’re going to learn how to solve the error “Response for preflight has invalid HTTP status code 401”, which […]
Find the Registered Spring Security Filters
1. Overview Spring Security is based on a chain of servlet filters. Each filter has a specific responsibility and depending on the configuration, filters are […]
Default Password Encoder in Spring Security 5
1. Overview In Spring Security 4, it was possible to store passwords in plain text using in-memory authentication. A major overhaul of the password management […]
Spring Boot Security Auto-Configuration
1. Overview In this tutorial, we’ll have a look at Spring Boot’s opinionated approach to security. Simply put, we’re going to focus on the default […]
Introduction to Spring Method Security
1. Introduction Simply put, Spring Security supports authorization semantics at the method level. Typically, we could secure our service layer by, for example, restricting which […]
Control the Session with Spring Security
1. Overview In this article, we’re going to illustrate how Spring Security allows us to control our HTTP Sessions. This control ranges from a session timeout […]
Spring Security – security none, filters none, access permitAll
1. Overview Spring Security provides several mechanisms to configure a request pattern as unsecured or allowing all access. Depending on each of these mechanisms – […]
Introduction to Spring Security Expressions
1. Introduction In this tutorial we’ll focus on Spring Security Expressions, and of course on practical examples with these expressions. Before looking at more complex […]
Retrieve User Information in Spring Security
1. Overview This article will show how to retrieve the user details in Spring Security. The currently authenticated user is available through a number of different […]
Spring Security with Maven
1. Overview In this article, we’ll explain how to setup Spring Security with Maven and go over specific use-cases of using Spring Security dependencies. You can find […]
Spring Security Login Page with React
1. Overview React is a component-based JavaScript library built by Facebook. With React, we can build complex web applications with ease. In this article, we’re going […]
Prevent Brute Force Authentication Attempts with Spring Security
1. Overview In this quick tutorial, we’ll implement a basic solution for preventing brute force authentication attempts using Spring Security. Simply put – we’ll keep a record of […]
Spring Security Custom AuthenticationFailureHandler
1. Overview In this quick tutorial, we’re going to illustrate how to customize Spring Security’sauthentication failures handling in a Spring Boot application. The goal is to […]
Extra Login Fields with Spring Security
1. Introduction In this article, we’ll implement a custom authentication scenario with Spring Security by adding an extra field to the standard login form. We’re going to focus […]
How to Manually Authenticate User with Spring Security
1. Overview In this quick article, we’ll focus on how to programmatically set an authenticated user in Spring Security and Spring MVC. 2. Spring Security […]
Spring Security Authentication Provider
1. Overview This tutorial will show how to set up an Authentication Provider in Spring Security to allow for additional flexibility compared to the standard scenario using […]
