Spring Boot OAuth2 SSO Example with AWS Cognito

Here in this example I am going to show you how to enable OAuth2 SSO (Single Sign On) for users using AWS (Amazon Web Services) Cognito. I had already explained how to do OAuth2 Single Sign On using Spring Boot and a GitHub account. Here I am going to use AWS Cognito. You can use any other provider, such as Google, Facebook, etc. SSO is where a user logs in with a single set of credentials (username/password) to gain access to multiple software systems. OAuth is a protocol with which a 3rd-party app…

How to generate and validate JWT using PHP without using third party API

Introduction In this tutorial we will see how to generate and validate JWT (JSON Web Token) using the PHP programming language without using any third party library or plugin. I will not explain here what JWT is and why it is used, but you can find very good documentation on its own website. This example of generating and validating JWT does not use any third party library, and you may tweak the source code according to your needs. We will set an expiry time for security reasons, to avoid indefinite validity of the…

Spring Security – Authentication and Role Based Authorization using JWT

Introduction In this post we will see an example of Spring Security authentication and role based authorization using JWT (JSON Web Token) on REST or RESTful services. I won’t explain JWT here, as there is already a very good article on it. We will implement Spring Security’s UserDetailsService to load users from the database. We will use the Spring JDBC API to perform database operations for fetching users and roles from, or saving them into, the database. We will use the H2 in-memory database to build a quick Spring Boot application. We will also use MySQL…

Spring Boot Security Example – Single Sign On using OAuth 2

Introduction Here we will see a Spring Boot Security Example – Single Sign On using OAuth 2. Single Sign On, or simply SSO, is a property of access control of multiple related, yet independent, software systems, where a user logs in with a single set of credentials (username and password) to gain access. Here we will use Spring Boot 2.14. We will let clients access our app by granting access through the GitHub OAuth 2 API. You can also use other OAuth 2 APIs, such as Google, Facebook, etc. You can even…

@PreAuthorize annotation – hasPermission example in Spring Security

Introduction In this tutorial I will show you an example of the @PreAuthorize annotation – a hasPermission() example in Spring Security. @PreAuthorize is the most useful annotation; it decides whether a method can actually be invoked or not based on the user’s role and permission. The hasRole() method returns true if the current principal has the specified role, and the hasPermission() method returns true if the current user’s role has the specific permission, such as READ, WRITE, UPDATE or DELETE. By default, if the supplied role does not start with ROLE_, that prefix is added.…

@PreAuthorize annotation – hasRole example in Spring Security

Introduction In this tutorial I will show you an example of the @PreAuthorize annotation – a hasRole() example in Spring Security. @PreAuthorize is the most useful annotation; it decides whether a method can actually be invoked or not based on the user’s role. The hasRole() method returns true if the current principal has the specified role. By default, if the supplied role does not start with ROLE_, that prefix is added. This can be customized by modifying the defaultRolePrefix on DefaultWebSecurityExpressionHandler. We will authenticate users using in-memory credentials as well as database credentials. We will…

How SiteMinder works

Introduction In this tutorial I will discuss how SiteMinder works. This tutorial will give you technical insight into the working principle of the SiteMinder system. The Web Application Firewall may integrate with SiteMinder to provide single sign-on and centralized management of web applications using predefined security policies. It uniquely identifies a user before he/she is authenticated as a named user, and manages the user’s privileges to ensure that the user accesses only authorized applications or operations. In SiteMinder single sign-on (SSO), a user successfully authenticates through one agent and does not need…