In this post, we will take a look at Role Based Access Control (RBAC) with Spring boot. Understanding RBAC In an RBAC model there are three key entities. They are, User or Subject – The actors of the system who perform operations. It can represent a physical person, an automated account, or even another application. Role –…
In the last post, We have seen how easy it is to set up an in-memory UserDetailsService and dynamically add users to the applications. However, we all know that the implementation is only good for demos and short-lived applications. Once these applications are stopped, All the information about the users is lost. This is why…
In this post, we will take a look at how the default in-memory UserDetailsService works in Spring Boot application. Default behaviour The default autoconfiguration provides an InMemoryUserDetailsManager that generates a single user for the application to support. We can override these user properties to an extent with changes to application.properties file. For instance, you can change the default username…
Let’s learn how to implement Basic authentication in a Spring MVC application with an example. Configure Basic Auth To set up basic authentication, you need to provide our own HttpSecurity configuration. Similar to providing custom login form, this setup also requires a custom WebSecurityConfigurerAdapter as shown below. This is the only change that you have to do. After…
In this post, We will take a look at providing a custom form login in a spring boot application. The default spring boot form login may not fit everyone’s need. For example, Some organization may want to put a logo on their login page. Some may find the default login forms less appealing. For some perfectionists,…
This article concentrates on the default form login implementation from Spring Boot and Spring Security. Let’s dive in to understand spring security with form-based username and password login. To start with, I have written a simple web application with an API that prints hello world. There is nothing special about this Controller. When we open…
What is Spring Security? It is a powerful and highly customizable authentication and access-control(RBAC) framework. It is the standard for securing Spring-based web applications. This framework focuses on providing both authentication and authorization to Java applications. Similar to other modules, You can easily extend the Spring Security module to meet custom requirements. Features Here are…
