Introduction The ability of hasPermission() method in Spring Boot Security applications is to determine the accessibility of a particular user for the application. The permission of an access can be read, write, etc. So, a particular user has defined set of access permission by which a user can perform certain activities in the application. The most useful annotation @PreAuthorize, which…

Table of Contents Introduction Where is @PreAuthorize applicable? Prerequisites Project Setup MySQL Table Data Application Config Entity Classes Repository Interfaces Service Class REST Controller Class Security Config Spring Boot Main Class Testing Spring Security – PreAuthorize hasRole Source Code Introduction PreAuthorize hasRole Spring security will determine whether a user can invoke a method or not based on his/her role. hasRole()…

Introduction In this post you will see an example about Angular Spring Boot Security JWT (JSON Web Token) Authentication and role based Authorization for REST APIs or RESTful services. I won’t explain here about JWT as there is already very good article on JWT. I will implement Spring Security’s UserDetailsService to load user from database. I will use Spring Data JPA…

Here in this example I am going to show you how to allow users for OAuth2 SSO (Single Sign On) using AWS (Amazon Web Services) Cognito. I had explained how to do OAuth2 Single Sign On using Spring Boot and GitHub account. Here I am going to use AWS Cognito. You can use any other providers, such as, Google, Facebook,…

Introduction In this tutorial you will see how to generate and validate JWT (JSON Web Token) using PHP programming language without using any third-party library or plugin. I would not explain here what is JWT and why JWT is used but you can find wonderful documentation in its own JWT Website. This example of generating and validating JWT does not…

Introduction In this post we will see an example on Spring Security authentication and role based authorization using JWT (JSON Web Token) on REST or RESTful services. I won’t explain here about JWT as there is already very good article on JWT. We will implement Spring Security’s UserDetailsService to load user from database. We will use Spring JDBC API to…

Introduction Here you will see Spring Boot Security Example – Single Sign On using OAuth 2. Single Sign On or simply SSO is a property of access control of multiple related, yet independent, software systems, where a user logs in with a single set of credentials (username and password) to gain access. Here I will use Spring Boot 2.14/2.7.0. I…

Introduction In this tutorial I will show you an example on @PreAuthorize annotation – hasPermission() example in Spring Security. The most useful annotation @PreAuthorize, which decides whether a method can actually be invoked or not based on user’s role and permission. hasRole() method returns true if the current principal has the specified role and hasPermission() method returns true if the…

Spring Security Has-Role In this tutorial I will show you an example on @PreAuthorize annotation – hasRole() example in Spring Security. @PreAuthorize is the most useful annotation that decides whether a method can actually be invoked or not based on user’s role. hasRole() method returns true if the current principal has the specified role. By default if the supplied role…

Introduction In this tutorial I will discuss how SiteMinder works as an SSO authentication system. This tutorial will give you technical insights of the working principle of SiteMinder system. The Web Application Firewall may integrate with SiteMinder to provide single sign-on and centralized management of web applications using the predefined security policies. It uniquely identifies a user before the user…