BestHub
Sign in
Tag

Authorization

1 views collected around this technical thread.

Spring Full-Stack Practical Cases
Spring Full-Stack Practical Cases
Jun 6, 2025 · Backend Development

Secure Spring Boot 3 APIs: 5 Methods with Filters, Interceptors, AOP, OAuth2

This article presents five practical approaches to protect Spring Boot 3 API endpoints—including Filter, Interceptor, AOP combined with Filter, Spring Security, and OAuth2 integration—providing code examples, configuration steps, and screenshots to demonstrate authentication, authorization, and token handling for secure access control.

API securityAuthenticationAuthorization
0 likes · 11 min read
Secure Spring Boot 3 APIs: 5 Methods with Filters, Interceptors, AOP, OAuth2
Java Captain
Java Captain
Jun 3, 2025 · Information Security

Integrating Spring Security with Spring Boot for JWT Authentication and Authorization

This article demonstrates how to integrate Spring Security into a Spring Boot application, configure JWT‑based authentication, implement custom AES encryption, define user and role entities, set up service and controller layers, and configure security, filter, and CORS settings to achieve secure login and permission management.

AuthenticationAuthorizationJWT
0 likes · 19 min read
Integrating Spring Security with Spring Boot for JWT Authentication and Authorization
Raymond Ops
Raymond Ops
Apr 24, 2025 · Cloud Native

Mastering Istio Security: Complete Guide to Mutual TLS, Authentication, and Authorization

This article explains how Istio secures micro‑service architectures by providing strong identity, fine‑grained access policies, transparent TLS encryption, and comprehensive AAA (authentication, authorization, audit) mechanisms, covering high‑level architecture, certificate management, peer and request authentication, and authorization policy design.

AuthenticationAuthorizationIstio
0 likes · 23 min read
Mastering Istio Security: Complete Guide to Mutual TLS, Authentication, and Authorization
Code Ape Tech Column
Code Ape Tech Column
Apr 14, 2025 · Information Security

Understanding Common Access Control Models: ACL, DAC, MAC, ABAC, and RBAC

This article explains the five mainstream access control models—ACL, DAC, MAC, ABAC, and RBAC—detailing their principles, examples, advantages, drawbacks, and practical extensions such as role hierarchies, constraints, and real‑world system design considerations for user, role, and permission management.

ACLAccess ControlAuthorization
0 likes · 18 min read
Understanding Common Access Control Models: ACL, DAC, MAC, ABAC, and RBAC
Code Mala Tang
Code Mala Tang
Apr 5, 2025 · Information Security

Secure FastAPI APIs with JWT: Step‑by‑Step Authentication & Role‑Based Authorization

Learn how to implement stateless JWT authentication and role‑based authorization in FastAPI, covering token structure, installation of PyJWT, creating login and protected endpoints, custom dependencies, and testing via Swagger UI, while highlighting security benefits and best practices for robust backend APIs.

AuthenticationAuthorizationJWT
0 likes · 11 min read
Secure FastAPI APIs with JWT: Step‑by‑Step Authentication & Role‑Based Authorization
Top Architect
Top Architect
Mar 16, 2025 · Information Security

OAuth 2.0 Overview and Spring Boot Implementation Guide

This article introduces OAuth 2.0 concepts, roles, and grant types, then provides a step‑by‑step Spring Boot implementation with configuration classes, dependency setup, resource server configuration, test controller code, and demonstrates how to obtain and use access tokens, followed by a series of promotional offers.

AuthorizationOAuth2Security
0 likes · 14 min read
OAuth 2.0 Overview and Spring Boot Implementation Guide
Code Ape Tech Column
Code Ape Tech Column
Feb 4, 2025 · Backend Development

Sa-Token Java Permission Authentication Framework: Overview, Login, and Permission Implementation

This article introduces the lightweight Sa-Token Java authentication framework, explains why it is chosen over Spring Security and Shiro, details its login and permission APIs with code examples, shows how to configure it in Spring Boot and WebFlux projects, and lists its extensive feature set for secure backend development.

AuthenticationAuthorizationJava
0 likes · 23 min read
Sa-Token Java Permission Authentication Framework: Overview, Login, and Permission Implementation
Architecture Digest
Architecture Digest
Jan 22, 2025 · Information Security

Design and Evolution of Permission Management Models (RBAC)

This article explains why permission management is essential, describes various permission models from basic data‑view and edit rights to hierarchical menu and button controls, introduces role‑based access control (RBAC) and its extensions such as role inheritance, constraints, user groups, organizations and positions, and finally presents ideal RBAC table designs for large‑scale systems.

Access ControlAuthorizationPermission Management
0 likes · 14 min read
Design and Evolution of Permission Management Models (RBAC)
Code Ape Tech Column
Code Ape Tech Column
Jan 20, 2025 · Backend Development

Integrating Spring Cloud Gateway with OAuth2.0 for Unified Authentication and Authorization

This article demonstrates how to integrate Spring Cloud Gateway with OAuth2.0 to build a unified authentication and authorization solution for microservices, covering architecture design, service setup, JWT token handling, custom authentication and authorization managers, exception handling, and end‑to‑end testing.

AuthenticationAuthorizationMicroservices
0 likes · 10 min read
Integrating Spring Cloud Gateway with OAuth2.0 for Unified Authentication and Authorization
Top Architect
Top Architect
Dec 26, 2024 · Information Security

OAuth2.0 Overview and Spring Boot Implementation Guide

This article introduces OAuth2.0 concepts, outlines its roles and grant types, and provides a step‑by‑step Spring Boot implementation of an authorization server, resource server, and test client, followed by test results and promotional information.

AuthorizationJavaOAuth2
0 likes · 12 min read
OAuth2.0 Overview and Spring Boot Implementation Guide
Selected Java Interview Questions
Selected Java Interview Questions
Dec 25, 2024 · Backend Development

Integrating jCasbin Permission Management into Spring Boot Applications

This article explains how to replace Shiro with jCasbin for permission management in Spring Boot, covering Maven dependency setup, configuration files, Enforcer initialization, custom policy handling, and a simple servlet filter for runtime authorization checks.

AuthorizationJavaSpring Boot
0 likes · 10 min read
Integrating jCasbin Permission Management into Spring Boot Applications
Top Architect
Top Architect
Dec 22, 2024 · Information Security

Understanding OAuth2.0: Principles, Architecture, and Implementation

This article provides a comprehensive overview of OAuth2.0, explaining its core concepts, the roles of resource owner, client, authorization server, and resource server, illustrating the full authorization flow with diagrams, clarifying related terminology such as authentication, delegation, and roles, and finally noting additional promotional material.

AuthenticationAuthorizationOAuth2.0
0 likes · 14 min read
Understanding OAuth2.0: Principles, Architecture, and Implementation
Architect
Architect
Dec 6, 2024 · Backend Development

Microservice Permission Design and Implementation with Shiro in Spring Boot

This article presents a comprehensive guide to designing and implementing fine‑grained permission control for microservices using Apache Shiro, covering the architectural design, shared session handling with Redis, custom cache and session managers, realm implementation, and practical testing across user and video services.

AuthorizationJavaMicroservices
0 likes · 24 min read
Microservice Permission Design and Implementation with Shiro in Spring Boot
Java Architect Essentials
Java Architect Essentials
Nov 29, 2024 · Information Security

Combining JWT and Session for Secure User Authentication and Authorization

This article explains the complementary roles of JWT and server‑side Session in user authentication and authorization, outlines why Session is needed for added security and lifecycle management, and provides Java code examples demonstrating their integrated usage.

AuthenticationAuthorizationJWT
0 likes · 7 min read
Combining JWT and Session for Secure User Authentication and Authorization
37 Interactive Technology Team
37 Interactive Technology Team
Nov 27, 2024 · Cloud Native

Kubernetes RBAC Permission Authentication: Concepts, Components, and Production Scenarios

Kubernetes RBAC authenticates users and programs by verifying who can perform which verbs on which resources, using ServiceAccounts, Roles, RoleBindings, ClusterRoles and ClusterRoleBindings, and the article demonstrates these concepts through production scenarios such as a TCF framework pod communication setup and full‑admin access via token‑based kubeconfig.

AuthorizationKubernetesRBAC
0 likes · 8 min read
Kubernetes RBAC Permission Authentication: Concepts, Components, and Production Scenarios
37 Interactive Technology Team
37 Interactive Technology Team
Nov 11, 2024 · Information Security

Background, Definition, Structure, and Authentication Process of JWT (JSON Web Token)

JSON Web Token (JWT) is a compact, self‑contained, stateless token that encodes header, payload, and signature in Base64URL, enabling secure, signature‑verified authentication without server‑side session storage, simplifying scaling, supporting cross‑domain use, while offering advantages like lightweight extensibility and drawbacks such as revocation difficulty and secret‑key reliance.

AuthenticationAuthorizationJSON
0 likes · 16 min read
Background, Definition, Structure, and Authentication Process of JWT (JSON Web Token)
php中文网 Courses
php中文网 Courses
Aug 27, 2024 · Backend Development

Laravel Policy-Based Authorization: Creation, Registration, and Usage Guide

This article explains how Laravel's policy-based authorization works, covering policy creation, registration, usage in controllers and Blade, custom methods, response handling, guest user support, and testing, with full code examples for implementing secure and maintainable access control.

Access ControlAuthorizationGate
0 likes · 5 min read
Laravel Policy-Based Authorization: Creation, Registration, and Usage Guide
Top Architect
Top Architect
Aug 11, 2024 · Information Security

Deep Dive into Spring Security Architecture and Implementation Principles

This article provides an in‑depth analysis of Spring Security 6.x architecture, explaining its filter‑chain design, authentication and authorization mechanisms, key components such as DelegatingFilterProxy, FilterChainProxy, SecurityFilterChain, and offers code examples and practical guidance for developers.

AuthenticationAuthorizationJava
0 likes · 31 min read
Deep Dive into Spring Security Architecture and Implementation Principles
Architect's Guide
Architect's Guide
Jul 27, 2024 · Information Security

Understanding OAuth 2.0: Principles, Architecture, and Implementation

This article explains the OAuth 2.0 authorization framework, its core concepts, architecture, key roles, and implementation patterns for web, user‑agent, and native applications, helping readers grasp how delegated access works without sharing user credentials.

APIAuthenticationAuthorization
0 likes · 9 min read
Understanding OAuth 2.0: Principles, Architecture, and Implementation
Java Architecture Diary
Java Architecture Diary
Jul 24, 2024 · Backend Development

Dynamic Annotations and Return Object Protection in Spring Security 6.3

This article explains the new authorization features of Spring Boot 3.3 and Spring Security 6.3, including dynamic annotation parameters, return‑object protection for data security, and custom 403 error handling with code examples and practical guidance.

Access Denied HandlingAuthorizationDynamic Annotations
0 likes · 7 min read
Dynamic Annotations and Return Object Protection in Spring Security 6.3