In this Spring Security tutorial, you will learn how to enable and use the Method Level Security with a @Secured annotation. @Secured is a Spring Security annotation used to specify that a method should be executed only if the authenticated user has the required roles or authorities. When you use this annotation, you can specify…
Read More Spring Security @Secured: Method-Level ProtectionIn this tutorial, I will show you how to add support for the H2 in-memory database to your Spring Boot project with Spring Security enabled. By the end of this tutorial, you will be able to watch a video demonstration of how to implement it. After following the steps below, your Spring Boot project will…
Read More Add H2 Database to Spring Boot with Spring Security: A GuideThis tutorial will teach you how to add Spring Security to your project and enable in-memory basic authentication. You will learn how to configure two different users with different Roles and Privileges. Both users’ roles and privileges will be stored in the memory of your Spring Boot application. If you use Spring Framework and OAuth,…
Read More Spring Security In-Memory AuthenticationIn this Spring Security tutorial, you will learn how to enable Basic Authentication for your Spring Boot project and configure the default username, password and user role. You will also learn how to secure a web service request URL so only authenticated users with a default username, password and role can access it. If you use…
Read More Spring Security Default Username, Password, RoleIn this blog post, you will learn a couple of ways you can disable Spring Security Configuration for your @WebMvcTest. Disable Security Filters for @AutoConfigureMockMvc One of the ways you can disable Spring Security filters in your tests, is to use the @AutoConfigureMockMvc annotation. @AutoConfigureMockMvc annotation can be applied to a test class to enable…
Read More Disable Spring Security Configuration for @WebMvcTestIn this tutorial, you will learn how to create a custom password encoder in a Spring Boot application that uses Spring Security. Table of contents Create a Spring Boot project and add database connection properties, Add a User model, Create a User repository, Implement a custom PasswordEncoder, Create a service class that implements UserDetailService, Add…
Read More Custom Password Encoder in Spring SecurityIn this short tutorial, you will learn how to configure the /logout functionality in your Spring Boot Web application that uses OAuth2 Social Login. To learn how to implement the OAuth2 Social login feature, please check the following tutorial: Spring Security OAuth 2 Social Login. Configure HttpSecurity Applications that use Spring Security and OAuth2 Social login…
Read More Spring Security OAuth 2 Social LogoutIn this tutorial, you will learn how to add a Social Login(OAuth 2) feature into your Spring MVC Web application. This will allow users to login to your application with their social network accounts like Facebook, Google, or other large services that support OAuth 2 like for example GitHub. Spring Security 5 offers very good…
Read More Spring Security OAuth 2 Social LoginIn this Spring Security tutorial, you will learn how to use the @PreAuthorize annotation to secure method invocation. You can use the @PreAuthorize annotation to secure either method in a Controller class or a method in a service layer class. There are other useful method-level security annotations like the ones below. It is useful to…
Read More Spring Security @PreAuthorize Annotation ExampleIn this Spring Boot tutorial, you will learn how to get the details of the currently authenticated principal user. There is more than one way to get currently authenticated user details and in this blog post, I am going to share with you a few. Most likely you already have Spring Security configured for your…
Read More Spring Security. Get Authenticated Principal Details.In this tutorial, I will share with you how to secure Spring Cloud Eureka dashboard with Spring Security. To learn how to build RESTful Microservices with Spring Cloud by watching step-by-step video lessons, please check this page: Spring Boot Microservices and Spring Cloud. Add Spring Security to Eureka To secure Eureka with Spring Security, we will…
Read More Secure Eureka Dashboard with Spring SecurityIn this Spring Boot tutorial, you will learn how to implement User Authentication(User Login) functionality for your RESTful Web Service application. There is also a step-by-step video demonstration on how to do User Authentication available here. The user authentication functionality we are going to implement in this tutorial will work the following way: A user…
Read More User Authentication – Spring Boot, Spring Security, JWTIf your project uses Spring Security and you have added Swagger/OpenAPI to it, there is a little additional configuration you need to do in order to make your /v3/api-docs and swagger-ui.html pages work. Enable Swagger URLs in Spring Security Project To enable Swagger URLs in a RESTful Web Services project built with Spring Boot and…
Read More Swagger/OpenAPI and Spring SecurityIn this tutorial, you will learn how to add Spring Security to your project so that we can use Spring Security to encrypt user passwords. I assume you already have a project created with Spring Boot, but in case you do not have one, check out my blog post on how to “Create a very…
Read More Encrypt User Password with Spring SecurityIn this tutorial, you will learn how to return a custom error message if the conditions of the Spring Method Security are not met. To learn more about method-level security annotations read: Spring Method-Level Security with @PreAuthorize, Spring Security @Secured: Method-Level Protection, @PostAuthorize Security Annotation Example. Controller class with Spring Method Security Annotation Let’s assume…
Read More Spring Method Security: Customize Error Message