In the previous blog post, we covered the basics of how to use Keycloak with Spring boot. In this blog post, we will explore Role-based Access Control to Rest API with Keycloak. So let’s get started! Imagine we have a microservice for a Research Journal Management System that can serve users with two types of…
Read More Role-Based Access Control to REST API with KeycloakThis tutorial will teach you how to use Keycloak to secure your Spring Boot Application. To find other tutorials, check the Keycloak tutorials page. What is Keycloak? According to Keycloak’s official website, It is an open-source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and…
Read More A Guide to use Keycloak with Spring BootIn this tutorial, I’ll guide you on how to use the new OAuth2 Authorization Server(v0.0.3) built by the Spring Team. Below are the new features that have been introduced in the newer version: Enforce one-time use for authorization code Introduce OAuth2 Tokens Add Refresh Token grant Implement Token Revocation Endpoint OAuth2 is an authorization method…
Read More The New OAuth2 Authorization ServerIn this tutorial, you will learn how to create a custom password encoder in a Spring Boot application that uses Spring Security. Table of contents Create a Spring Boot project and add database connection properties, Add a User model, Create a User repository, Implement a custom PasswordEncoder, Create a service class that implements UserDetailService, Add…
Read More Custom Password Encoder in Spring SecurityIn this short tutorial, you will learn how to configure the /logout functionality in your Spring Boot Web application that uses OAuth2 Social Login. To learn how to implement the OAuth2 Social login feature, please check the following tutorial: Spring Security OAuth 2 Social Login. Configure HttpSecurity Applications that use Spring Security and OAuth2 Social login…
Read More Spring Security OAuth 2 Social LogoutIn this tutorial, you will learn how to add a Social Login(OAuth 2) feature into your Spring MVC Web application. This will allow users to login to your application with their social network accounts like Facebook, Google, or other large services that support OAuth 2 like for example GitHub. Spring Security 5 offers very good…
Read More Spring Security OAuth 2 Social LoginIn this Spring Security tutorial, you will learn how to use the @PreAuthorize annotation to secure method invocation. You can use the @PreAuthorize annotation to secure either method in a Controller class or a method in a service layer class. There are other useful method-level security annotations like the ones below. It is useful to…
Read More Spring Security @PreAuthorize Annotation ExampleIn this tutorial, I will share with you how to secure Spring Cloud Eureka dashboard with Spring Security. To learn how to build RESTful Microservices with Spring Cloud by watching step-by-step video lessons, please check this page: Spring Boot Microservices and Spring Cloud. Add Spring Security to Eureka To secure Eureka with Spring Security, we will…
Read More Secure Eureka Dashboard with Spring SecurityIn this Spring Boot tutorial, you will learn how to implement User Authentication(User Login) functionality for your RESTful Web Service application. There is also a step-by-step video demonstration on how to do User Authentication available here. The user authentication functionality we are going to implement in this tutorial will work the following way: A user…
Read More User Authentication – Spring Boot, Spring Security, JWTIf your project uses Spring Security and you have added Swagger/OpenAPI to it, there is a little additional configuration you need to do in order to make your /v3/api-docs and swagger-ui.html pages work. Enable Swagger URLs in Spring Security Project To enable Swagger URLs in a RESTful Web Services project built with Spring Boot and…
Read More Swagger/OpenAPI and Spring SecurityIn this short tutorial, I am going to share with you how to enable CrossOrigin in a RESTful Web Service API built with Spring Boot that also has Spring Security enabled. Enable CrossOrigin for Specific Endpoint To enable cross-origin AJAX HTTP requests to a specific RESTful Web Service endpoint in our Rest Controller class we can use…
Read More CrossOrigin and CORS in RESTful Web Service