Roles and Privileges in Spring Security

In this post, we will take a look at Role Based Access Control (RBAC) with Spring boot. Understanding RBAC In an RBAC model there are three key entities. They are, User or Subject – The actors of the system who perform operations. It can represent a physical person,an automated account, or even another application. Role – Authority … View This post

UserDetailsService : Loading UserDetails from database

In the last post, We have seen how easy it is to set up an in-memory UserDetailsService and dynamically add users to the applications. However, we all know that the implementation is only good for demos and short-lived applications. Once these applications are stopped, All the information about the users are lost. This is why most of … View This post

In-Memory UserDetailsService in Spring Security

In this post, we will take a look at how the default in-memory UserDetailsService works in Spring Boot application. Default behaviour The default autoconfiguration provides an InMemoryUserDetailsManager that generates a single user for the application to support. We can override these user properties to an extent with changes to application.properties file. For instance, you can change the default username … View This post

Basic Authentication in Spring Boot

Let’s learn how to implement Basic authentication in a Spring MVC application with an example. Configure Basic Auth To set up basic authentication, you need to provide our own HttpSecurity configuration. Similar to providing custom login form, this setup also requires a custom WebSecurityConfigurerAdapter as shown below. This is the only change that you have to do. After … View This post

Form Login with Spring Boot

This article concentrates on the default form login implementation from Spring Boot and Spring Security. Let’s dive in to understand spring security with form based username and password login. To start with, I have written a simple web application with an API that prints hello world. There is nothing special about this Controller. When we … View This post

Spring Boot Security for Secure web applications

Post Header

This post compiles a list of Spring Boot Security related topics with appropriate examples. You can learn about form-login, Securing an MVC application, password encoders, session management and other important security concepts. Login and Logout in Spring Boot How to implement form login Customizing Form Login with an Example How to implement Basic Authentication Spring … View This post