Tagged articles

Authorization

233 articles · Page 3 of 3
Laravel Tech Community
Laravel Tech Community
Apr 25, 2020 · Backend Development

Laravel Auth Cheat Sheet

This cheat sheet provides a concise reference of Laravel's Auth facade methods for user authentication and session handling, as well as Gate-based authorization techniques, including ability definitions, permission checks, policy generation, and controller or middleware integration.

AuthorizationLaravelPHP
0 likes · 5 min read
Laravel Auth Cheat Sheet
Laravel Tech Community
Laravel Tech Community
Apr 14, 2020 · Backend Development

Laravel Authorization: Using Gates and Policies

This guide explains Laravel's built‑in authorization features, covering how to define and register Gates and Policies, how to check permissions via the Gate facade, middleware, controller helpers, Blade directives, and includes practical code examples for common CRUD actions.

AuthorizationLaravelPHP
0 likes · 15 min read
Laravel Authorization: Using Gates and Policies
Architecture Digest
Architecture Digest
Dec 29, 2019 · Information Security

Spring Security Guide: Authentication, Authorization, and Customizing Filter Chains

This guide introduces Spring Security fundamentals, explaining authentication and authorization concepts, the core interfaces such as AuthenticationManager and AccessDecisionManager, how to configure them with Spring Boot, customize filter chains, apply method‑level security, and handle thread‑bound security contexts for asynchronous processing.

AuthorizationJavaSpring Boot
0 likes · 18 min read
Spring Security Guide: Authentication, Authorization, and Customizing Filter Chains
Programmer DD
Programmer DD
Dec 19, 2019 · Information Security

Master Role-Based Access Control with Spring Security: Practical Guide

This article explains how to implement role‑based access control in Spring Security by embedding roles into UserDetails, configuring HttpSecurity with hasRole/hasAnyRole/hasAuthority, handling anonymous users, and using permitAll, providing code examples and detailed explanations for each approach.

AuthorizationBackend SecurityJava
0 likes · 7 min read
Master Role-Based Access Control with Spring Security: Practical Guide
Programmer DD
Programmer DD
Dec 7, 2019 · Information Security

Master Spring Security Exception Handling: From Authentication to Access Denied

This article explains the different exception types in Spring Security, how HTTP status codes map to authentication and authorization failures, and provides concrete implementations of AuthenticationEntryPoint and AccessDeniedHandler that return JSON responses, along with configuration tips for integrating them into a Spring Boot application.

AuthorizationJavaSpring Security
0 likes · 8 min read
Master Spring Security Exception Handling: From Authentication to Access Denied
Programmer DD
Programmer DD
Aug 26, 2019 · Cloud Native

Mastering Kubernetes RBAC: From Basics to Advanced Auditing Tools

This article explains Kubernetes RBAC fundamentals, demonstrates how to create roles, bindings, and service accounts, and introduces practical auditing commands and tools such as kubectl can‑i, who‑can, rakkess, rback, and RBAC‑View, helping you secure clusters with least‑privilege policies.

AuditingAuthorizationRBAC
0 likes · 12 min read
Mastering Kubernetes RBAC: From Basics to Advanced Auditing Tools
360 Quality & Efficiency
360 Quality & Efficiency
Aug 15, 2019 · Information Security

Understanding the OAuth Authorization Flow Using a WeChat Login Example

This article explains the OAuth authorization process, illustrating how a third‑party app like a WeChat‑based login requests user permission, obtains a code, exchanges it for an access token, and uses that token to access user data, while highlighting token expiration and business‑scenario applications.

Access TokenAuthorizationOAuth
0 likes · 4 min read
Understanding the OAuth Authorization Flow Using a WeChat Login Example
Programmer DD
Programmer DD
Aug 10, 2019 · Information Security

Secure Your Spring Boot App with Apache Shiro: Auth, Authz, and Redis

This article walks through integrating Apache Shiro into a Spring Boot project to handle authentication, authorization, session management, and caching, including custom realms, Redis-backed sessions, and cache managers, while providing detailed code examples and configuration guidance.

Apache ShiroAuthorizationJava Security
0 likes · 20 min read
Secure Your Spring Boot App with Apache Shiro: Auth, Authz, and Redis
macrozheng
macrozheng
May 15, 2019 · Information Security

Implement Login, Registration and JWT Authentication in Spring Boot

This tutorial walks through building a Spring Boot backend with user registration, login, JWT token generation, Swagger UI configuration, and method-level permission annotations, providing complete code examples and step‑by‑step instructions for secure authentication and authorization.

AuthorizationSpring BootSwagger
0 likes · 13 min read
Implement Login, Registration and JWT Authentication in Spring Boot
macrozheng
macrozheng
May 13, 2019 · Backend Development

How to Secure a Spring Boot API with Spring Security and JWT

This tutorial shows how to integrate Spring Security and JWT into a Spring Boot backend to implement user login and authorization, configure Swagger‑UI to automatically include the token, and provides all necessary code snippets, configuration files, and utility classes for a complete authentication solution.

AuthorizationJavaRedis
0 likes · 21 min read
How to Secure a Spring Boot API with Spring Security and JWT
Weimob Technology Center
Weimob Technology Center
Dec 28, 2018 · Mobile Development

12 Must‑Know Mini Program Tips to Avoid Common Pitfalls

Discover essential solutions for common WeChat Mini Program challenges—including plugin relative paths, generating QR codes, swiper current reset, template message limits, subpackage size rules, retrieving unionId, H5‑MiniProgram navigation, canvas overlay handling, image sharing ratios, authorization flows, and data binding constraints.

AuthorizationCanvasData Binding
0 likes · 7 min read
12 Must‑Know Mini Program Tips to Avoid Common Pitfalls
Tencent Cloud Developer
Tencent Cloud Developer
Dec 18, 2018 · Information Security

Designing a Relatively Secure Account System: Authentication, Authorization, and Auditing

Designing a relatively secure account system requires integrating strong multi-factor authentication, fine-grained authorization models like RBAC or ABAC, and continuous real-time and offline auditing to mitigate breaches, while recognizing that absolute security is impossible and ongoing vigilance is essential.

Access ControlAuthorizationaccount security
0 likes · 17 min read
Designing a Relatively Secure Account System: Authentication, Authorization, and Auditing
ITFLY8 Architecture Home
ITFLY8 Architecture Home
Dec 4, 2018 · Information Security

How to Secure Microservices: From SSO to JWT and OAuth2 Explained

This article explores the evolution of authentication and authorization from monolithic to microservice architectures, comparing traditional session-based methods with modern token solutions like JWT and OAuth2, and provides practical guidance on implementing secure, scalable access control across dozens of services.

AuthorizationJWTMicroservices
0 likes · 18 min read
How to Secure Microservices: From SSO to JWT and OAuth2 Explained
UC Tech Team
UC Tech Team
Nov 16, 2018 · Information Security

Understanding OAuth Authorization Flow and Grant Types

This article explains the OAuth protocol, its role in providing secure third‑party access to user resources, describes the overall authorization architecture, outlines the involved parties and step‑by‑step flow, and details the four main grant types along with token refresh mechanisms.

APIAccess TokenAuthorization
0 likes · 6 min read
Understanding OAuth Authorization Flow and Grant Types
Java Captain
Java Captain
Oct 14, 2018 · Information Security

Apache Shiro Java Security Framework Overview and Integration Guide

This article introduces Apache Shiro as a powerful Java security framework, explains its core components such as Subject, SecurityManager, Authenticator, Authorizer, Realm, SessionManager, CacheManager and Cryptography, and provides step‑by‑step integration instructions with Maven, XML configuration, custom realm code, controller logic and JSP tag usage.

Apache ShiroAuthorizationJava Security
0 likes · 10 min read
Apache Shiro Java Security Framework Overview and Integration Guide
Big Data and Microservices
Big Data and Microservices
Jul 23, 2018 · Information Security

Understanding Apache Shiro: Core Concepts and Architecture Explained

This article introduces Apache Shiro, a lightweight Java security framework, and explains its three core concepts—Subject, SecurityManager, and Realms—while detailing the full system architecture including authenticators, authorizers, session management, caching, and cryptography components.

Apache ShiroAuthorizationJava Security
0 likes · 5 min read
Understanding Apache Shiro: Core Concepts and Architecture Explained
Java Captain
Java Captain
Apr 27, 2018 · Information Security

Integrating Apache Shiro with Spring MVC: Detailed Example and Configuration Guide

This article provides a step‑by‑step tutorial on using Apache Shiro for authentication, authorization, session management and encryption in a Java web project, covering Maven dependencies, custom Realm implementation, Spring XML configuration, servlet filter setup, controller logic, JSP login page, demo screenshots and common pitfalls.

Apache ShiroAuthorizationJava Security
0 likes · 17 min read
Integrating Apache Shiro with Spring MVC: Detailed Example and Configuration Guide
21CTO
21CTO
Jan 11, 2018 · Information Security

What Is Permission? Uncovering the Core of Access Control

This article explains the fundamental nature of permissions as limited authorized access to protected resources, defines what constitutes a resource in software, outlines permission classifications by method and layer, describes the control model using receptor‑ligand analogy, and summarizes the three core components of a permission system.

Access ControlAuthorizationPermission Management
0 likes · 7 min read
What Is Permission? Uncovering the Core of Access Control
Programmer DD
Programmer DD
Jan 2, 2018 · Information Security

Understanding Spring Security Architecture: Authentication, Authorization, and Filter Chains

This guide provides a deep dive into Spring Security's architecture, explaining how authentication and authorization are separated, how the AuthenticationManager and AccessDecisionManager work, how web filter chains are organized, and how to apply method‑level security and thread‑local context handling in Java applications.

AuthorizationFilter ChainJava
0 likes · 17 min read
Understanding Spring Security Architecture: Authentication, Authorization, and Filter Chains
Architecture Digest
Architecture Digest
Jan 2, 2018 · Information Security

Understanding the Essence of Permissions: Resources, Access, and Authorization Models

This article explains the fundamental nature of permissions as limited licensed access to protected resources, defines what constitutes a resource in software, outlines resource identification and limitation, and describes permission classifications, control models, and authorization mechanisms such as role‑based access.

Access ControlAuthorizationResource Management
0 likes · 7 min read
Understanding the Essence of Permissions: Resources, Access, and Authorization Models
dbaplus Community
dbaplus Community
Sep 9, 2017 · Information Security

Why MongoDB Nodes Are Getting Hijacked and How to Secure Them

The article examines the widespread exposure of MongoDB instances on default ports, outlines how attackers hijack them, and provides concrete steps—including enabling authentication, configuring role‑based access, encrypting traffic, and limiting network exposure—to secure MongoDB deployments.

AuthorizationEncryptionMongoDB
0 likes · 7 min read
Why MongoDB Nodes Are Getting Hijacked and How to Secure Them
Architecture Digest
Architecture Digest
Sep 5, 2017 · Information Security

Security Authentication and Authorization Strategies for Microservice Architecture

This article examines the challenges of securing microservice architectures and compares various authentication and authorization approaches—including SSO, distributed sessions, client‑token schemes, JWT, and OAuth 2.0—to help developers choose suitable solutions for efficient and fine‑grained access control.

AuthorizationJWTMicroservices
0 likes · 15 min read
Security Authentication and Authorization Strategies for Microservice Architecture
Efficient Ops
Efficient Ops
Jan 24, 2016 · Information Security

From 1.0 to 3.0: The Evolution and Architecture of Jumpserver Bastion Host

This article chronicles the development milestones, architectural design, and practical lessons learned while building Jumpserver—from its humble 1.0 prototype to the feature‑rich 3.0 release—offering deep insights for developers and security engineers interested in open‑source bastion solutions.

AuthorizationJumpServeraudit
0 likes · 21 min read
From 1.0 to 3.0: The Evolution and Architecture of Jumpserver Bastion Host
Java High-Performance Architecture
Java High-Performance Architecture
Oct 29, 2015 · Information Security

How OAuth2 Secures Third‑Party Access: A Complete Guide

OAuth2 provides a secure, open standard that lets third‑party applications obtain limited user access without exposing passwords, using a token‑based flow involving resource owners, clients, resource servers, and authorization servers, illustrated through a step‑by‑step authorization process.

APIAccess TokenAuthorization
0 likes · 4 min read
How OAuth2 Secures Third‑Party Access: A Complete Guide
Architect
Architect
Oct 21, 2015 · Backend Development

Introduction to REST API Design and Security Practices

This article explains the fundamentals of REST APIs, outlines HTTP methods, recommends JSON payloads, and details authentication, authorization, URL filtering, encryption, rate limiting, error handling, and other security measures for building robust backend services.

AuthorizationBackend DevelopmentREST API
0 likes · 10 min read
Introduction to REST API Design and Security Practices