Thymeleaf Form POST Handling in Spring Boot

In this post, we will take a look how to handle form POST request submission from thymeleaf template in Spring boot and how to bind form elements to a Model object. Typical Form handling For applications that use Thymeleaf views, AJAX may be overkill. But form handling is not simple. At least in the context…

Spring Boot Hazelcast Cache – Guide

This is a complete guide for using Hazelcast as cache backend in your spring boot application with an example. What is Hazelcast? Hazelcast (Hazelcast-IMDG) is an in-memory data grid. The ideal use-case for Hazelcast-IMDG would be store and replicate cached content between applications. The grid itself is a collection of embedded instances of Hazelcast runtime. Many of…

Spring sessions in a Separate Database

Storing session details in Redis or database is usually a good idea. However, the default implementation of spring-session-jdbc uses the primary data source to store and retrieve data from the session related tables. This can be a problem when there is a large amount of session related operations to the database. To avoid these situations,…

Storing Spring Sessions in Database using JDBC

In this post, We will take a look at setting up Spring Boot Session module using database/JDBC as the backend. Introduction When running multiple instances of the same application, sharing the session data can be a good idea. In this post we will take a look at using a database as a session store for…

Redis as Session Store in Spring Boot

In this post, We will take a look at implementing Redis as a Session store in Spring Boot with an example. When running multiple instances behind a load balancer, maintaining sessions can be a problem. For example, let’s say instance-2 receives a login request and establishes a session for the user. However, the second request…

Customizing Spring Session Cookies

In this post, We will take a look at Customizing Spring Session Cookies with an example. Typical behaviour In session-based authentications like Form-Login and CAS(Central Authentication System), the session is established via cookies. This is done by sending a Set-Cookie header after a successful login similar to the one shown below. Once the browser reads this response…

Roles and Privileges in Spring Security

In this post, we will take a look at Role Based Access Control (RBAC) with Spring boot. Understanding RBAC In an RBAC model there are three key entities. They are, User or Subject – The actors of the system who perform operations. It can represent a physical person, an automated account, or even another application. Role –…

Password Encoder in Spring Security

In this post, We will take a look at password encoders in detail with an example. Traditionally, storing passwords were hard. The application will have to encode user passwords and store them in a database. But with password encoders provided by spring security, all of these can be done automatically. Password Encoders are beans that…

UserDetailsService : Loading UserDetails from database

In the last post, We have seen how easy it is to set up an in-memory UserDetailsService and dynamically add users to the applications. However, we all know that the implementation is only good for demos and short-lived applications. Once these applications are stopped, All the information about the users is lost. This is why…

In-Memory UserDetailsService in Spring Security

In this post, we will take a look at how the default in-memory UserDetailsService works in Spring Boot application. Default behaviour The default autoconfiguration provides an InMemoryUserDetailsManager that generates a single user for the application to support. We can override these user properties to an extent with changes to application.properties file. For instance, you can change the default username…