Introduction The example Spring Boot Security form based authentication will show you how to use custom login form with Spring’s j_spring_security_check to authenticate a user. You may also look into form based authentication on Spring MVC framework. The similar example we will implement here but using Spring Boot framework. In the previous example we have…

Posted in Spring Boot Spring MVC Spring Security

Spring Boot Security – Form Based Authentication

Introduction Here you will see Spring Boot Security Example – Single Sign On using OAuth 2. Single Sign On or simply SSO is a property of access control of multiple related, yet independent, software systems, where a user logs in with a single set of credentials (username and password) to gain access. Here I will…

Posted in Spring Boot Spring Security

Spring Boot Security Example – Single Sign On Using OAuth 2

Introduction Here we will see example on securing HTTP endpoints in Spring Boot application. Like other sensitive URLs, you should take care to secure HTTP endpoints. If Spring Security is present, endpoints are secured by default using Spring Security’s content-negotiation strategy. If you wish to configure custom security for HTTP endpoints, for example, only allow…

Posted in Spring Boot Spring Security

Spring Boot Actuator – Securing HTTP Endpoints

Introduction Spring EnableEncryptableProperties with Jasypt shows an example how to avoid putting clear text password for database connection’s credentials in properties file. Jasypt means Java simplified encryption. Here I am going to use Spring Boot with Jasypt (Java simplified encryption). Here I am also going to use Spring Data JPA to perform the data layer…

Posted in Spring Boot Spring JPA Spring REST Spring Security

Spring EnableEncryptableProperties with Jasypt

Introduction In this tutorial I will show you an example on @PreAuthorize annotation – hasPermission() example in Spring Security. The most useful annotation @PreAuthorize, which decides whether a method can actually be invoked or not based on user’s role and permission. hasRole() method returns true if the current principal has the specified role and hasPermission()…

Posted in REST Security Spring REST Spring Security

@PreAuthorize annotation – hasPermission example in Spring Security

Introduction In this tutorial I will show you an example on @PreAuthorize annotation – hasRole() example in Spring Security. @PreAuthorize is the most useful annotation that decides whether a method can actually be invoked or not based on user’s role. hasRole() method returns true if the current principal has the specified role. By default if…

Posted in REST Security Spring REST Spring Security

@PreAuthorize annotation – hasRole example in Spring Security

Introduction Here we will see an example on Spring Security Pre-authentication. There are situations where you want to use Spring Security for authorization, but the user has already been reliably authenticated by some external system prior to accessing the application. In such situations where Spring Security Pre-authentication comes into picture we refer to these situations…

Posted in Spring REST Spring Security

Spring Security Pre-authentication Example

This tutorial will show you how to remember your credentials for a specific time period for auto-login without providing any login credentials into the login form. Remember-me or persistent-login authentication refers to web sites being able to remember the identity of a principal between sessions. This is typically accomplished by sending a cookie to the…

Posted in Spring Security

Spring Security Remember Me – Persistent Token Approach

This tutorial will show you how to remember your credentials for a specific time period for auto-login without providing any login credentials into the login form. Remember-me or persistent-login authentication refers to web sites being able to remember the identity of a principal between sessions. This is typically accomplished by sending a cookie to the…

Posted in Spring Security

Spring Security Form Based Login – Remember Me

In my previous tutorials, I have shown in-memory authentications Spring Security Form based Authentication – XML Configuration , Spring Security Form based Authentication – Annotations , Spring Security – JDBC Authentication but in this tutorial I will show you how to authenticate user using Spring JDBC UserDetailsService and Spring MVC web application to secure pages. I will…

Posted in Spring Security

Spring Security – JDBC Authentication using UserDetailsService

In my previous tutorials, I have shown in-memory authentications Spring Security Form based Authentication – XML Configuration , Spring Security Form based Authentication – Annotations but in this tutorial I will show you how to authenticate user using Spring JDBC and Spring MVC web application to secure pages. I will create spring mvc based web application…

Posted in Spring Security

Spring Security – JDBC Authentication

In my previous tutorial, I have shown Spring Security Form based Authentication – XML Configuration but in this tutorial I will show you annotations way to configure Spring Security with Spring MVC web application to secure pages. I will create spring mvc based web application and I will configure Spring Security to protect a page from…

Posted in Security Spring Security

Spring Security Form based Authentication – Annotations