PreAuthorize HasPermission Security Using Spring Boot Data JPA

Introduction The hasPermission() method in Spring Boot Security applications determines what access a particular user has to the application. An access permission can be read, write, etc. So, a particular user has a defined set of access permissions with which the user can perform certain activities in the application. The most useful annotation @PreAuthorize, which…

PreAuthorize HasRole Security Using Spring Boot Data JPA

Spring Security Has Role PreAuthorize hasRole Spring Security will determine whether a user can invoke a method or not based on his/her role. The hasRole() method returns true if the current principal has the specified role. By default, if the supplied role does not start with ROLE_, it will be added. This can be customized by modifying the defaultRolePrefix on DefaultWebSecurityExpressionHandler. In…

Angular Spring Boot Security JWT Authentication And Authorization

Introduction In this post you will see an example of Angular Spring Boot Security JWT (JSON Web Token) authentication and role-based authorization for REST APIs or RESTful services. I won’t explain JWT here as there is already a very good article on JWT. I will implement Spring Security’s UserDetailsService to load the user from the database. I will use Spring Data JPA…

Spring Boot OAuth2 SSO Example with AWS Cognito

In this example I am going to show you how to enable OAuth2 SSO (Single Sign On) for users using AWS (Amazon Web Services) Cognito. I have previously explained how to do OAuth2 Single Sign On using Spring Boot and a GitHub account. Here I am going to use AWS Cognito. You can use any other providers, such as Google, Facebook,…

How To Generate And Validate JWT Using PHP Without Using Third Party API

Introduction In this tutorial you will see how to generate and validate a JWT (JSON Web Token) using the PHP programming language without using any third-party library or plugin. I will not explain here what JWT is or why JWT is used, but you can find wonderful documentation on the JWT website. This example of generating and validating JWT does not…

Spring Security – Authentication and Role Based Authorization using JWT

Spring Security JWT Auth In this post you will see an example of Spring Security authentication and role-based authorization using JWT (JSON Web Token) on REST or RESTful services. I won’t explain JWT here as there is already a very good article on JWT. I will implement Spring Security’s UserDetailsService to load the user from the database. I will use Spring…

Spring Boot Security Example – Single Sign On Using OAuth 2

Introduction Here you will see Spring Boot Security Example – Single Sign On using OAuth 2. Single Sign On or simply SSO is a property of access control of multiple related, yet independent, software systems, where a user logs in with a single set of credentials (username and password) to gain access. Here I will use Spring Boot 2.14/2.7.0. I…

@PreAuthorize annotation – hasPermission Example In Spring Security

Spring Security Has Permission In this tutorial I will show you an example of the @PreAuthorize annotation with hasPermission() in Spring Security. The most useful annotation is @PreAuthorize, which decides whether a method can actually be invoked or not based on the user’s role and permission. The hasRole() method returns true if the current principal has the specified role and the hasPermission() method returns…

@PreAuthorize Annotation – hasRole Example In Spring Security

Spring Security Has-Role In this tutorial I will show you an example of the @PreAuthorize annotation with hasRole() in Spring Security. @PreAuthorize is the most useful annotation; it decides whether a method can actually be invoked or not based on the user’s role. The hasRole() method returns true if the current principal has the specified role. By default if the supplied role…

How SiteMinder works

Introduction In this tutorial I will discuss how SiteMinder works as an SSO authentication system. This tutorial will give you technical insight into the working principles of the SiteMinder system. The Web Application Firewall may integrate with SiteMinder to provide single sign-on and centralized management of web applications using the predefined security policies. It uniquely identifies a user before the user…