Spring Security

Spring Boot Security Example – Single Sign On using OAuth 2

Introduction Here we will see Spring Boot Security Example – Single Sign On using OAuth 2. Single Sign On or simply SSO is a property of access control of multiple related, yet independent, software systems, where a user logs in with a single set of credentials (username and password) to gain access. Here we will […]

Spring Boot Actuator – Securing HTTP Endpoints

Introduction Here we will see example on securing HTTP endpoints in Spring Boot application. Like other sensitive URLs, you should take care to secure HTTP endpoints. If Spring Security is present, endpoints are secured by default using Spring Security’s content-negotiation strategy. If you wish to configure custom security for HTTP endpoints, for example, only allow […]

Spring EnableEncryptableProperties with Jasypt

Spring EnableEncryptableProperties with Jasypt shows an example how to avoid putting clear text password for database connection credentials in properties file. Jasypt means Java simplified encryption. Here we are going to use Spring version 4 with Jasypt (Java simplified encryption). Here we are also going to use Spring Data JPA to perform the data layer […]

@PreAuthorize annotation – hasPermission example in Spring Security

Introduction In this tutorial I will show you an example on @PreAuthorize annotation – hasPermission example in Spring Security. The most useful annotation @PreAuthorize, which decides whether a method can actually be invoked or not based on user’s role and permission. hasRole() method returns true if the current principal has the specified role and hasPermission() […]

@PreAuthorize annotation – hasRole example in Spring Security

Introduction In this tutorial I will show you an example on @PreAuthorize annotation – hasRole example in Spring Security. @PreAuthorize is the most useful annotation that decides whether a method can actually be invoked or not based on user’s role. hasRole() method returns true if the current principal has the specified role. By default if […]

Spring Security Pre-authentication Example

Introduction Here we will see an example on Spring Security Pre-authentication. There are situations where you want to use Spring Security for authorization, but the user has already been reliably authenticated by some external system prior to accessing the application. In such situations where Spring Security Pre-authentication comes into picture we refer to these situations […]

Spring Security Remember Me – Persistent Token Approach

This tutorial will show you how to remember your credentials for a specific time period for auto-login without providing any login credentials into the login form. Remember-me or persistent-login authentication refers to web sites being able to remember the identity of a principal between sessions. This is typically accomplished by sending a cookie to the […]

Spring Security Form Based Login – Remember Me

This tutorial will show you how to remember your credentials for a specific time period for auto-login without providing any login credentials into the login form. Remember-me or persistent-login authentication refers to web sites being able to remember the identity of a principal between sessions. This is typically accomplished by sending a cookie to the […]

Spring Security – JDBC Authentication using UserDetailsService

In my previous tutorials, I have shown in-memory authentications Spring Security Form based Authentication – XML Configuration , Spring Security Form based Authentication – Annotations , Spring Security – JDBC Authentication but in this tutorial I will show you how to authenticate user using Spring JDBC UserDetailsService and Spring MVC web application to secure pages. I will […]

Spring Security – JDBC Authentication

In my previous tutorials, I have shown in-memory authentications Spring Security Form based Authentication – XML Configuration , Spring Security Form based Authentication – Annotations but in this tutorial I will show you how to authenticate user using Spring JDBC and Spring MVC web application to secure pages. I will create spring mvc based web application […]

Scroll to top