{"id":22311,"date":"2020-12-04T12:57:25","date_gmt":"2020-12-04T12:57:25","guid":{"rendered":"https:\/\/cnsfly.com\/vytcdc\/?p=22311"},"modified":"2024-09-26T11:28:15","modified_gmt":"2024-09-26T11:28:15","slug":"spring-security-authentication-and-authorization","status":"publish","type":"post","link":"https:\/\/cnsfly.com\/vytcdc\/spring-security-authentication-and-authorization\/","title":{"rendered":"Spring Security: Authentication and Authorization"},"content":{"rendered":"

Introduction<\/strong><\/h3>\n

You can use this guide to understand what Spring Security is and how its core features like authentication, authorization, or common exploit protection work.<\/p>\n

Sooner or later everyone needs to add security to his project and in the Spring ecosystem, you do that with the help of the Spring Security library.<\/p>\n

So you go along, add Spring Security to your Spring Boot (or plain Spring) project, and suddenly\u2026\u200b<\/p>\n

\u2022 you have auto-generated login-pages.
\n\u2022 \u200byou cannot execute POST requests anymore.
\n\u2022 your whole application is on lockdown and prompts you to enter a username and password.<\/p>\n

Having survived the subsequent mental breakdown, you might be interested in how all of this works.<\/p>\n

What is Spring Security and how does it work?<\/strong><\/p>\n

Spring Security is really just a bunch of servlet filters that help you add authentication and authorization to your web application.<\/p>\n

It also integrates well with frameworks like Spring Web MVC (or Spring Boot), as well as with standards like OAuth2. And it auto-generates login\/logout pages and protects against common exploits like CSRF.<\/p>\n

Web Application Security:<\/strong><\/p>\n

Before you become a Spring Security Guru, you need to understand three important concepts:
\n\u2022 Authentication
\n\u2022 Authorization
\n\u2022 Servlet Filters<\/p>\n

Download\u00a0the project here to learn and practice\u00a0Github<\/em>\u00a0link below :<\/p>\n

https:\/\/github.com\/showagon\/SpringSecurity-Role-Base<\/a><\/p>\n

Note: DB file also includes in the Github project itself.<\/p>\n","protected":false},"excerpt":{"rendered":"

Introduction You can use this guide to understand what Spring Security is and how its core features like authentication, authorization, or common exploit protection work. Sooner or later everyone needs<\/p>\n","protected":false},"author":1,"featured_media":22708,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[77],"tags":[25,26],"class_list":["post-22311","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-java","tag-design","tag-development"],"_links":{"self":[{"href":"https:\/\/cnsfly.com\/vytcdc\/wp-json\/wp\/v2\/posts\/22311","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cnsfly.com\/vytcdc\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cnsfly.com\/vytcdc\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cnsfly.com\/vytcdc\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cnsfly.com\/vytcdc\/wp-json\/wp\/v2\/comments?post=22311"}],"version-history":[{"count":2,"href":"https:\/\/cnsfly.com\/vytcdc\/wp-json\/wp\/v2\/posts\/22311\/revisions"}],"predecessor-version":[{"id":33853,"href":"https:\/\/cnsfly.com\/vytcdc\/wp-json\/wp\/v2\/posts\/22311\/revisions\/33853"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cnsfly.com\/vytcdc\/wp-json\/wp\/v2\/media\/22708"}],"wp:attachment":[{"href":"https:\/\/cnsfly.com\/vytcdc\/wp-json\/wp\/v2\/media?parent=22311"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cnsfly.com\/vytcdc\/wp-json\/wp\/v2\/categories?post=22311"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cnsfly.com\/vytcdc\/wp-json\/wp\/v2\/tags?post=22311"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}