Master JWT: Secure Token Authentication with Spring Boot, Angular & JJWT

This guide explains what JWT is, its structure, security best practices, and demonstrates a complete implementation using the JJWT Java library together with Spring Boot and Angular, including Maven setup, filter, controllers, and a front‑end example to authenticate users and enforce role‑based access.

Programmer DD

What is JWT?

JWTs (JSON Web Tokens) are a compact, URL‑safe representation of a set of claims: a JSON object made of name/value pairs.

The claims can be trusted because the token is digitally signed (JWS) and may additionally be encrypted (JWE). Each part is Base64‑URL encoded, and encoding is not encryption: the header and claims of a signed‑only token can be read by anyone who holds it.

JWT Structure

Header : contains metadata such as the signing algorithm.

Claims : the payload with the information you want to transmit.

Signature (JWS) : the digital signature computed over the encoded header and claims with the algorithm named in the header.

Header:
{
  "alg": "HS256",
  "typ": "JWT"
}
Claims:
{
  "sub": "1234567890",
  "name": "John Doe",
  "admin": true
}
Signature (for HS256, the algorithm named in the header above):
HMAC-SHA256( base64UrlEncode(Header) + "." + base64UrlEncode(Claims), secret )

The three Base64‑URL encoded parts are joined with dots to form the token:
base64UrlEncode(Header) + "." + base64UrlEncode(Claims) + "." + base64UrlEncode(Signature)

Example of a signed (not encrypted) token: the encoded token shown on the original page is an image and is not reproduced here.
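The following is an added example, not code from the original article, that builds the HS256 token for exactly the header and claims shown above using only the JDK, so the signing input and the three segments are visible. The secret string is an illustrative assumption (a real key would be random and loaded from configuration). It also shows that the claims are readable without the key and that editing a claim breaks the signature.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class JwtAnatomy {
    private static final Base64.Encoder ENC = Base64.getUrlEncoder().withoutPadding();
    private static final Base64.Decoder DEC = Base64.getUrlDecoder();

    static String b64url(byte[] bytes) {
        return ENC.encodeToString(bytes);
    }

    // HMAC-SHA256 over the ASCII signing input "base64url(header).base64url(claims)".
    static byte[] hmacSha256(byte[] secret, String signingInput) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(secret, "HmacSHA256"));
        return mac.doFinal(signingInput.getBytes(StandardCharsets.US_ASCII));
    }

    static String createToken(String headerJson, String claimsJson, byte[] secret) throws Exception {
        String signingInput = b64url(headerJson.getBytes(StandardCharsets.UTF_8)) + "."
                + b64url(claimsJson.getBytes(StandardCharsets.UTF_8));
        return signingInput + "." + b64url(hmacSha256(secret, signingInput));
    }

    // Recompute the signature and compare in constant time; nothing in the token is trusted before this passes.
    // A token with an empty third segment (what an "alg":"none" token carries) fails here as well,
    // because the HMAC is always recomputed regardless of what the header claims.
    static boolean verifyHs256(String token, byte[] secret) throws Exception {
        String[] parts = token.split("\\.");
        if (parts.length != 3) {
            return false;
        }
        byte[] expected = hmacSha256(secret, parts[0] + "." + parts[1]);
        return MessageDigest.isEqual(expected, DEC.decode(parts[2]));
    }

    public static void main(String[] args) throws Exception {
        String header = "{\"alg\":\"HS256\",\"typ\":\"JWT\"}";
        String claims = "{\"sub\":\"1234567890\",\"name\":\"John Doe\",\"admin\":true}";
        // Illustrative secret only (34 bytes, so at least the 256 bits HS256 needs); never hard-code a real key.
        byte[] secret = "demo-secret-do-not-use-in-prod-32b".getBytes(StandardCharsets.UTF_8);

        String token = createToken(header, claims, secret);
        System.out.println("token:    " + token);
        System.out.println("verifies: " + verifyHs256(token, secret));

        // The claims are only Base64url-encoded: anyone holding the token can read them without the key.
        String[] parts = token.split("\\.");
        System.out.println("claims:   " + new String(DEC.decode(parts[1]), StandardCharsets.UTF_8));

        // Flipping "admin" without the key leaves the old signature attached, so verification fails.
        String forgedClaims = b64url(claims.replace("true", "false").getBytes(StandardCharsets.UTF_8));
        String forged = parts[0] + "." + forgedClaims + "." + parts[2];
        System.out.println("forged verifies: " + verifyHs256(forged, secret));
    }
}
```

The first verification prints true and the forged one false. A library such as JJWT does the same work, but seeing it spelled out makes clear why the signature must be checked before any claim is read, and why the payload is not a place for secrets.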

Ensuring JWT Security

Always verify the signature before trusting any claim in the token, and verify it against the algorithm and key you expect rather than whatever the token's header asks for; in particular, reject tokens whose header says "alg": "none", which marks an unsigned token. Keep the signing secret confidential (for HS256, a random key of at least 256 bits), and never put sensitive data in the payload, since it is only encoded, not encrypted. Bound the token's lifetime with expiration (exp) and issued‑at (iat) claims, and give each token a unique ID (jti) so that a specific token can be revoked; a short lifetime limits how long a stolen token can be replayed.
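The service below is an added example written for this page against the JJWT 0.6 API used in the tutorial's POM; it is not the article's own code. It issues a token carrying the username and roles with jti, iat and exp, and verifies it with the checks listed above: signature, expected algorithm, issuer, expiry, and a revocation set keyed by jti. The issuer name, the 15‑minute lifetime and the in‑memory revocation set are assumptions chosen for illustration. Note that jti is a token identifier rather than a one‑time nonce: a bearer token is presented on every request, so rejecting a jti the second time it is seen would break normal use; what jti buys you is the ability to revoke one specific token (for example on logout) before it expires.

```java
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.TimeUnit;

public class TokenService {
    private static final String ISSUER = "jwt-angular-spring";   // assumed issuer name for this example
    private final byte[] key;                                     // HMAC key, at least 256 bits
    private final long ttlMillis;
    // Revoked token IDs (jti), e.g. added on logout. In-memory here for illustration; a real deployment
    // shares this set (database or cache) and drops entries once the token would have expired anyway.
    private final Set<String> revokedIds = Collections.synchronizedSet(new HashSet<String>());

    public TokenService(byte[] key, long ttlMillis) {
        if (key.length < 32) {
            throw new IllegalArgumentException("HS256 needs a key of at least 256 bits");
        }
        this.key = key.clone();
        this.ttlMillis = ttlMillis;
    }

    public String issue(String username, List<String> roles) {
        Date now = new Date();
        return Jwts.builder()
                .setId(UUID.randomUUID().toString())                 // jti: identifies this exact token
                .setIssuer(ISSUER)
                .setSubject(username)
                .claim("roles", roles)                                // authorization data, never secrets
                .setIssuedAt(now)                                     // iat
                .setExpiration(new Date(now.getTime() + ttlMillis))   // exp: bounds the replay window
                .signWith(SignatureAlgorithm.HS256, key)
                .compact();
    }

    public void revoke(String jti) {
        revokedIds.add(jti);
    }

    /** Returns the verified claims or throws JwtException; nothing in the token is trusted before this. */
    public Claims verify(String token) {
        // parseClaimsJws demands a *signed* token: an "alg":"none" token raises UnsupportedJwtException,
        // a wrong key raises SignatureException, a past "exp" raises ExpiredJwtException.
        Jws<Claims> jws = Jwts.parser()
                .setSigningKey(key)
                .requireIssuer(ISSUER)
                .parseClaimsJws(token);
        // Defence in depth: accept only the algorithm we issue with, not whatever the header declares.
        if (!SignatureAlgorithm.HS256.getValue().equals(jws.getHeader().getAlgorithm())) {
            throw new JwtException("unexpected alg: " + jws.getHeader().getAlgorithm());
        }
        Claims claims = jws.getBody();
        if (claims.getId() == null || revokedIds.contains(claims.getId())) {
            throw new JwtException("token revoked or missing jti");
        }
        return claims;
    }

    public static void main(String[] args) throws InterruptedException {
        byte[] key = new byte[32];
        new SecureRandom().nextBytes(key);   // in practice: load from configuration, never from source code
        TokenService service = new TokenService(key, TimeUnit.MINUTES.toMillis(15));

        String token = service.issue("alice", Arrays.asList("user", "admin"));
        Claims claims = service.verify(token);
        System.out.println(claims.getSubject() + " " + claims.get("roles"));

        // An unsigned token with plausible claims is rejected even though it parses as JSON.
        String unsigned = Jwts.builder().setSubject("alice").setIssuer(ISSUER).compact();
        try { service.verify(unsigned); } catch (JwtException e) { System.out.println("rejected: " + e.getMessage()); }

        // Revoking by jti (e.g. on logout) invalidates the token before exp is reached.
        service.revoke(claims.getId());
        try { service.verify(token); } catch (JwtException e) { System.out.println("rejected: " + e.getMessage()); }

        // A token with a 1 ms lifetime shows the exp check.
        String shortLived = new TokenService(key, 1).issue("bob", Collections.singletonList("user"));
        Thread.sleep(5);
        try { service.verify(shortLived); } catch (ExpiredJwtException e) { System.out.println("rejected: expired"); }
    }
}
```

JJWT's exp check compares against the server clock, so hosts issuing and verifying tokens need synchronized time; the explicit algorithm check is redundant when a symmetric key is configured but costs nothing and guards against future key-type changes.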

JJWT Library

JJWT is a free, open‑source Java library (Apache 2.0) that simplifies creating and verifying JWTs on the JVM. It follows the JWT, JWS, JWE, JWK, and JWA RFC specifications and adds convenient extensions such as token compression and required claims.

Supported Algorithms

HS256, HS384, HS512

RS256, RS384, RS512

PS256, PS384, PS512

ES256, ES384, ES512

Sample Maven Configuration

The POM below is the tutorial's, pinned to Spring Boot 1.5.3 and JJWT 0.6.0. JJWT 0.10 and later split the library into the jjwt-api, jjwt-impl and jjwt-jackson artifacts and renamed several methods, so a project on a current JJWT needs a different dependency set than the one shown here.

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>com.nibado.example</groupId>
    <artifactId>jwt-angular-spring</artifactId>
    <version>0.0.2-SNAPSHOT</version>
    <properties>
        <maven.compiler.source>1.8</maven.compiler.source>
        <maven.compiler.target>1.8</maven.compiler.target>
        <commons.io.version>2.4</commons.io.version>
        <jjwt.version>0.6.0</jjwt.version>
        <junit.version>4.12</junit.version>
        <spring.boot.version>1.5.3.RELEASE</spring.boot.version>
    </properties>
    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
                <version>${spring.boot.version}</version>
                <executions>
                    <execution>
                        <goals>
                            <goal>repackage</goal>
                        </goals>
                    </execution>
                </executions>
            </plugin>
        </plugins>
    </build>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
            <version>${spring.boot.version}</version>
        </dependency>
        <dependency>
            <groupId>commons-io</groupId>
            <artifactId>commons-io</artifactId>
            <version>${commons.io.version}</version>
        </dependency>
        <dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt</artifactId>
            <version>${jjwt.version}</version>
        </dependency>
        <dependency>
            <groupId>junit</groupId>
            <artifactId>junit</artifactId>
            <version>${junit.version}</version>
            <!-- test-only dependency; keep it off the runtime classpath -->
            <scope>test</scope>
        </dependency>
    </dependencies>
</project>

Key Java Classes

WebApplication.java – registers a JwtFilter for URLs under /api/* and starts the Spring Boot application.

JwtFilter.java – extracts the token from the Authorization header, validates the signature with the secret key (rejecting the request with 401 if the token is missing or invalid), and stores the claims in the request for the controllers.

UserController.java – provides a /user/login endpoint that authenticates a hard‑coded user map and returns a signed JWT containing the username and roles.

ApiController.java – demonstrates role‑based access by checking the roles claim from the token.
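The following is an added example, not the tutorial's source, showing how the filter, its registration for /api/* and a role‑checking controller fit together on the Spring Boot 1.5 / JJWT 0.6 stack from the POM above. Assumptions made for the example: the key arrives Base64‑encoded in a jwt.secret property, the login endpoint (not shown here) issued the token with a "roles" list claim, and the admin‑only route is /api/role/admin.

```java
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import java.io.IOException;
import java.util.Base64;
import java.util.List;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.filter.GenericFilterBean;

@SpringBootApplication
public class WebApplication {
    // Assumed property jwt.secret: Base64 of at least 32 random bytes, supplied from the environment.
    @Bean
    public FilterRegistrationBean jwtFilter(@Value("${jwt.secret}") String base64Key) {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(new JwtFilter(Base64.getDecoder().decode(base64Key)));
        registration.addUrlPatterns("/api/*");   // /user/login stays open so clients can obtain a token
        return registration;
    }

    public static void main(String[] args) {
        SpringApplication.run(WebApplication.class, args);
    }
}

/** Verifies the bearer token on every /api/* request and hands the claims to the controllers. */
class JwtFilter extends GenericFilterBean {
    static final String CLAIMS_ATTRIBUTE = "claims";
    private final byte[] key;

    JwtFilter(byte[] key) {
        this.key = key;
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        String header = request.getHeader("Authorization");
        if (header == null || !header.startsWith("Bearer ")) {
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Missing or malformed Authorization header");
            return;
        }
        try {
            // parseClaimsJws verifies the HMAC with our key and rejects unsigned, tampered and expired tokens.
            Claims claims = Jwts.parser().setSigningKey(key).parseClaimsJws(header.substring(7)).getBody();
            request.setAttribute(CLAIMS_ATTRIBUTE, claims);
        } catch (JwtException e) {
            // Keep e.getMessage() in the server log; do not echo parser details to the client.
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid token");
            return;
        }
        chain.doFilter(req, res);
    }
}

@RestController
@RequestMapping("/api")
class ApiController {
    // Authorization is decided here, on the server, from verified claims; the UI only mirrors it.
    @GetMapping("/role/admin")
    public ResponseEntity<String> adminOnly(HttpServletRequest request) {
        Claims claims = (Claims) request.getAttribute(JwtFilter.CLAIMS_ATTRIBUTE);
        List<?> roles = (List<?>) claims.get("roles");   // assumed to be set when the token was issued
        if (roles == null || !roles.contains("admin")) {
            return ResponseEntity.status(HttpStatus.FORBIDDEN).body("admin role required");
        }
        return ResponseEntity.ok("hello admin " + claims.getSubject());
    }
}
```

Because the filter only covers /api/*, any new controller that needs authentication must live under that prefix or be added to the registration; a path outside it silently receives no claims attribute, which is worth a test in the project's suite.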

Front‑end Example (AngularJS)

The index.html page shows a simple login form. After a successful login the JWT is kept client‑side and sent in the Authorization header of every subsequent API call. The app.js module defines a controller and a service that handle login, role checks, and logout.

Running the application displays the generated token and shows role‑based UI elements based on the JWT claims. Hiding or showing elements from claims read in the browser is a convenience only; the server‑side check in ApiController is what actually enforces access.

Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contact admin@besthub.dev and we will review it promptly.

Tags: security, Authentication, Angular, JSON Web Token, jjwt
Written by

Programmer DD

A tinkering programmer and author of "Spring Cloud Microservices in Action"
