Tagged articles

Spring Security

208 articles · Page 1 of 3
IoT Full-Stack Technology
IoT Full-Stack Technology
Jun 15, 2026 · Backend Development

Quickly Secure Spring Boot APIs with RSA Encryption

This article walks through the fundamentals of RSA encryption, illustrates two communication scenarios, and provides a step‑by‑step guide to add RSA‑based request/response encryption to a Spring Boot project—including Maven setup, annotation usage, key configuration, front‑end JavaScript encryption, testing, and common pitfalls.

API EncryptionJSEncryptJava
0 likes · 11 min read
Quickly Secure Spring Boot APIs with RSA Encryption
Coder Trainee
Coder Trainee
May 31, 2026 · Information Security

Spring Security + OAuth2 Part 5: Managing Clients and Production‑Ready Extensions

This article shows how to move OAuth2 client credentials out of source code into a database, add dynamic registration, multi‑tenant isolation, encrypted secret storage, login‑failure throttling, audit logging, a management REST API, and provides testing steps and common pitfalls.

Client ManagementDatabase PersistenceMulti‑tenant
0 likes · 17 min read
Spring Security + OAuth2 Part 5: Managing Clients and Production‑Ready Extensions
Coder Trainee
Coder Trainee
May 30, 2026 · Information Security

Implementing Fine-Grained Permission Control with Spring Security and OAuth2 (Part 4)

This article walks through building a Spring Security resource server with OAuth2, enabling method‑level, object‑level and URL‑level permission checks using annotations like @PreAuthorize, @PostAuthorize, @PostFilter, and demonstrates configuration, utility helpers, controller examples, testing steps, best practices, and common pitfalls.

JWTJavaPermission control
0 likes · 17 min read
Implementing Fine-Grained Permission Control with Spring Security and OAuth2 (Part 4)
Spring Full-Stack Practical Cases
Spring Full-Stack Practical Cases
May 28, 2026 · Backend Development

5 Advanced Techniques to Preserve Context in Spring Boot Async Calls

In Spring Boot 3.5.0, asynchronous threads lose MDC, security, and request data because ThreadLocal is not shared; the article demonstrates five concrete solutions—including InheritableThreadLocal, thread joining, custom TaskDecorator, Spring Security delegating wrappers, and MDC propagation—each with code samples, pitfalls, and best‑practice warnings.

InheritableThreadLocalMDCSpring Boot
0 likes · 12 min read
5 Advanced Techniques to Preserve Context in Spring Boot Async Calls
Coder Trainee
Coder Trainee
May 28, 2026 · Information Security

Deep Dive into JWT with Spring Security OAuth2: Token Enhancement Techniques

This tutorial explains the JWT structure, shows how to add custom claims such as user ID, department and roles, implements token blacklisting for logout, handles refresh token logic, and provides step‑by‑step code and testing instructions for a Spring Security OAuth2 authentication system.

JWTRedisSpring Boot
0 likes · 16 min read
Deep Dive into JWT with Spring Security OAuth2: Token Enhancement Techniques
Spring Full-Stack Practical Cases
Spring Full-Stack Practical Cases
May 25, 2026 · Backend Development

7 Practical Ways to Secure Spring Boot APIs with Permission Control

This article walks through seven concrete implementations for controlling access to Spring Boot 3.5.0 controller endpoints—including Spring Security, Sa‑Token, custom annotation with AOP, interceptor, URL‑based filter, custom HandlerMapping, and a Spring Cloud Gateway filter—providing code samples, configuration details, and test results to help developers choose the right approach for API security.

AOPAPI SecurityPermission control
0 likes · 14 min read
7 Practical Ways to Secure Spring Boot APIs with Permission Control
Java Tech Workshop
Java Tech Workshop
Apr 25, 2026 · Information Security

Step‑by‑Step Guide to Integrating Spring Boot with OAuth2.0 Authorization and Resource Servers

This article walks through building a complete OAuth2.0 solution in Spring Boot, covering core concepts, a comparison of the four grant types, project initialization, detailed configuration of the authorization and resource servers, custom login pages, end‑to‑end testing, advanced optimizations, and security best‑practice recommendations.

JWTJavaSpring Boot
0 likes · 24 min read
Step‑by‑Step Guide to Integrating Spring Boot with OAuth2.0 Authorization and Resource Servers
Coder Trainee
Coder Trainee
Apr 16, 2026 · Backend Development

Building a Tech Blog from Scratch (Part 2): Implementing Login Authentication with Spring Security and JWT

This article walks through creating a complete login authentication system—including registration, login, token refresh, and permission control—by replacing Spring Security's default session handling with JWT, configuring backend filters and utilities, and integrating a Vue 3 + Pinia front‑end with automatic token renewal.

JWTSpring BootSpring Security
0 likes · 19 min read
Building a Tech Blog from Scratch (Part 2): Implementing Login Authentication with Spring Security and JWT
Spring Full-Stack Practical Cases
Spring Full-Stack Practical Cases
Mar 10, 2026 · Backend Development

Implement Multi-Factor Authentication in Spring Boot 3 with One‑Time Tokens

This guide explains how to add MFA to a Spring Boot 3 application using password plus one‑time token authentication, covering the theory of MFA factors, required dependencies, API definitions, security configuration, token‑generation handling, custom login pages, and the complete verification flow with code snippets and screenshots.

JavaMFASpring Security
0 likes · 10 min read
Implement Multi-Factor Authentication in Spring Boot 3 with One‑Time Tokens
LuTiao Programming
LuTiao Programming
Feb 2, 2026 · Backend Development

2026 Spring Boot Stack Overhaul: 10 Essential Plugins to Adopt Early

The article outlines ten essential Spring Boot plugins—Actuator, Micrometer + Prometheus, OpenTelemetry, Spring Cloud Gateway, Resilience4j, Spring Security, Flyway/Liquibase, Testcontainers, Spring Native/AOT, and structured logging—explaining why each is required for secure, observable, cloud‑native, and cost‑efficient production systems in 2026.

AOTObservabilityResilience4j
0 likes · 9 min read
2026 Spring Boot Stack Overhaul: 10 Essential Plugins to Adopt Early
LuTiao Programming
LuTiao Programming
Jan 21, 2026 · Information Security

Stop Hand‑Coding Login Checks: One Spring Boot 4.0 Annotation Enables Full MFA

The article explains why relying solely on username‑password authentication is risky, introduces multi‑factor authentication (MFA) as the only effective solution, and shows how Spring Boot 4.0’s @EnableMultiFactorAuthentication annotation together with Spring Security 7 lets developers implement MFA with just an annotation, automatic factor tracking, smart redirects, and minimal configuration.

MFASpring BootSpring Security
0 likes · 11 min read
Stop Hand‑Coding Login Checks: One Spring Boot 4.0 Annotation Enables Full MFA
LuTiao Programming
LuTiao Programming
Jan 5, 2026 · Backend Development

8 Spring Boot Trends Shaping 2026: What You Must Adopt Now

The article outlines eight pivotal 2026 Spring Boot trends—from mandatory migration to Java 17 and Jakarta namespaces, GraalVM native images, reactive WebFlux, OpenAPI/GraphQL APIs, zero‑trust Spring Security 6, Spring Cloud governance, Actuator observability, to AI integration—explaining why each matters and how to prepare.

AI integrationGraalVMObservability
0 likes · 8 min read
8 Spring Boot Trends Shaping 2026: What You Must Adopt Now
Java Architecture Diary
Java Architecture Diary
Dec 29, 2025 · Information Security

Why Spring Authorization Server Merged into Spring Security 7.0 and How to Migrate

Spring Authorization Server has been integrated into Spring Security 7.0, ending its independent lifecycle; the article explains the three historical eras, the reasons for the merge, and provides concrete dependency and configuration changes—including Lambda DSL updates—to help developers migrate from SpringBoot3 to SpringBoot4 with minimal effort.

JavaSpring SecuritySpringBoot4
0 likes · 11 min read
Why Spring Authorization Server Merged into Spring Security 7.0 and How to Migrate
Selected Java Interview Questions
Selected Java Interview Questions
Oct 24, 2025 · Backend Development

How to Secure a Spring Boot Application with Spring Security and JWT

This step‑by‑step guide shows how to integrate Spring Security into a Spring Boot project, configure Maven dependencies, define User, Role and Permission entities, set up MyBatis mappers, implement JWT generation and validation, and build the service, controller, and configuration layers for a complete authentication system.

AuthorizationBackend DevelopmentJWT
0 likes · 28 min read
How to Secure a Spring Boot Application with Spring Security and JWT
Ray's Galactic Tech
Ray's Galactic Tech
Sep 20, 2025 · Backend Development

How to Upgrade Spring Boot 2.x to 3.x: Key Pitfalls, Jakarta EE Migration, and Best Practices

This guide explains the major changes when moving from Spring Boot 2.x to 3.x, covering JDK requirements, full Jakarta EE package renaming, third‑party library compatibility, Spring Security redesign, configuration adjustments, testing updates, new features, and step‑by‑step migration recommendations.

Spring Securitybackendspring-boot
0 likes · 10 min read
How to Upgrade Spring Boot 2.x to 3.x: Key Pitfalls, Jakarta EE Migration, and Best Practices
Java Captain
Java Captain
Aug 20, 2025 · Information Security

Build a Secure Spring Boot App in Minutes with Spring Security

This tutorial walks you through adding Spring Security to a Spring Boot project, from adding the starter dependency and creating a simple controller to observing the default login page, understanding the auto‑generated password mechanism, and customizing usernames and passwords for production use.

AuthorizationJavaSpring Boot
0 likes · 9 min read
Build a Secure Spring Boot App in Minutes with Spring Security
Java Architect Essentials
Java Architect Essentials
Jul 19, 2025 · Information Security

Why Spring Security’s Full‑Chain Protection Can Eradicate XSS and SQL Injection

This article explains how a comprehensive, full‑stack security approach using Spring Security—covering request sanitization, parameterized queries, and built‑in authentication, authorization, CSRF and session safeguards—can dramatically reduce XSS and SQL injection vulnerabilities to near zero.

Full-Stack ProtectionJavaParameterization
0 likes · 13 min read
Why Spring Security’s Full‑Chain Protection Can Eradicate XSS and SQL Injection
macrozheng
macrozheng
Jul 7, 2025 · Backend Development

Mastering RBAC with Spring Security and JWT: A Hands‑On Guide

This article walks through the fundamentals of role‑based access control (RBAC), explains RBAC model variants, demonstrates how to configure Spring Security with in‑memory, database, and JWT authentication, and shows JSON‑based login and password encryption techniques for secure backend development.

JWTRBACSpring Security
0 likes · 15 min read
Mastering RBAC with Spring Security and JWT: A Hands‑On Guide
Spring Full-Stack Practical Cases
Spring Full-Stack Practical Cases
Jun 12, 2025 · Backend Development

Master Spring Boot 3 Interception: Filters, Security, Interceptors & AOP

This article explains the various interception mechanisms in Spring Boot 3—including Filters, Spring Security filters, MVC Interceptors, AOP, ControllerAdvice, Request/ResponseBodyAdvice, and REST Clients—provides execution flow diagrams, detailed code examples, and practical usage tips for building robust backend applications.

FiltersSpring BootSpring Security
0 likes · 14 min read
Master Spring Boot 3 Interception: Filters, Security, Interceptors & AOP
Java Captain
Java Captain
Jun 3, 2025 · Information Security

Integrating Spring Security with Spring Boot for JWT Authentication and Authorization

This article demonstrates how to integrate Spring Security into a Spring Boot application, configure JWT‑based authentication, implement custom AES encryption, define user and role entities, set up service and controller layers, and configure security, filter, and CORS settings to achieve secure login and permission management.

AuthorizationJWTJava
0 likes · 19 min read
Integrating Spring Security with Spring Boot for JWT Authentication and Authorization
Java Tech Enthusiast
Java Tech Enthusiast
May 19, 2025 · Information Security

Why Validation Matters: Java Bean Validation and Permission Checks

This article explains why both front‑end and back‑end data validation are essential for secure and user‑friendly web applications, introduces Java Bean Validation annotations, shows how to integrate them with Spring MVC, and compares common Java permission‑control frameworks such as Spring Security, Shiro and Sa‑Token.

Bean ValidationData ValidationJava
0 likes · 16 min read
Why Validation Matters: Java Bean Validation and Permission Checks
macrozheng
macrozheng
Feb 27, 2025 · Information Security

Master One-Time Token Login with Spring Security 6.4: A Step-by-Step Guide

This guide explains Spring Security 6.4’s one-time token login feature, covering its concept, authentication flow, core components, and step‑by‑step implementation with code samples, enabling developers to add secure magic‑link authentication to Spring Boot applications.

Backend SecurityMagic LinkSpring Boot
0 likes · 7 min read
Master One-Time Token Login with Spring Security 6.4: A Step-by-Step Guide
Spring Full-Stack Practical Cases
Spring Full-Stack Practical Cases
Feb 4, 2025 · Backend Development

How to Add Domain-Based Verification to Spring Security Login in Spring Boot 3

This article announces a Spring Boot 3 case collection with 90 permanent examples, then walks through extending Spring Security login to include domain verification by defining a User entity, repository, custom filter, security configuration, Thymeleaf login page, controller, and test endpoint, complete with code snippets and screenshots.

Backend DevelopmentCustom AuthenticationDomain Login
0 likes · 11 min read
How to Add Domain-Based Verification to Spring Security Login in Spring Boot 3
Java Architecture Diary
Java Architecture Diary
Jan 17, 2025 · Information Security

Why Spring Security 7.0 Forces Lambda DSL and How to Migrate Your Configurations

Spring Security 7.0 drops the traditional chain‑style configuration in favor of a new Lambda DSL, offering clearer hierarchy, type safety, and IDE support; the article explains the breaking change, compares old and new syntax, provides migration examples, and shares tips for custom DSLs and WebFlux security.

Backend DevelopmentLambda DSLSecurity Configuration
0 likes · 9 min read
Why Spring Security 7.0 Forces Lambda DSL and How to Migrate Your Configurations
Top Architect
Top Architect
Nov 27, 2024 · Information Security

Understanding RBAC and Implementing Spring Security with JWT in Java

This article explains the concepts and models of Role‑Based Access Control (RBAC), demonstrates how to configure RBAC permissions in Spring Security, and provides step‑by‑step Java code for integrating JWT authentication, password encryption, and custom login filters for secure backend development.

Backend DevelopmentJWTJava
0 likes · 18 min read
Understanding RBAC and Implementing Spring Security with JWT in Java
Spring Full-Stack Practical Cases
Spring Full-Stack Practical Cases
Nov 26, 2024 · Backend Development

Master One-Time Token Login in Spring Boot 3: A Step‑by‑Step Guide

This article explains how to implement One-Time Token (OTT) authentication in Spring Boot 3.4 using Spring Security, covering environment setup, required dependencies, security configuration, token generation handlers, custom storage options, custom login pages, and testing procedures with complete code examples.

Backend AuthenticationSpring BootSpring Security
0 likes · 9 min read
Master One-Time Token Login in Spring Boot 3: A Step‑by‑Step Guide
Top Architect
Top Architect
Nov 23, 2024 · Backend Development

RBAC Permission Analysis and Spring Security Tutorial with JWT Integration

This comprehensive tutorial explains RBAC concepts and models, demonstrates basic Spring Security setup, shows how to integrate JWT for stateless authentication, covers JSON‑based login, password encryption with BCrypt, and database‑backed authentication, providing full code examples for each step.

JWTJavaRBAC
0 likes · 16 min read
RBAC Permission Analysis and Spring Security Tutorial with JWT Integration
Top Architect
Top Architect
Aug 25, 2024 · Information Security

RBAC Permission Analysis and Spring Security Integration with JWT

This article explains the concepts of role‑based access control (RBAC), compares RBAC models, shows how to configure permissions and user groups, and provides step‑by‑step code examples for integrating Spring Security with JWT, JSON login, password encryption and database authentication in Java backend applications.

Access ControlBackend DevelopmentJWT
0 likes · 20 min read
RBAC Permission Analysis and Spring Security Integration with JWT
Spring Full-Stack Practical Cases
Spring Full-Stack Practical Cases
Aug 23, 2024 · Backend Development

Master Spring Boot: Complete Roadmap for Enterprise Java Development

This guide walks you through why Java remains vital, explains what Spring Boot is, outlines its core features, and provides a detailed learning roadmap covering Java fundamentals, Spring core concepts, web development, AOP, microservices, databases, security, DevOps tools, and deployment strategies for building robust enterprise applications.

Backend DevelopmentMicroservicesSpring Boot
0 likes · 16 min read
Master Spring Boot: Complete Roadmap for Enterprise Java Development
Su San Talks Tech
Su San Talks Tech
Aug 19, 2024 · Information Security

Mastering RBAC with Spring Security and JWT: A Complete Guide

This tutorial walks through RBAC fundamentals, model classifications (RBAC0‑3), permission and user‑group concepts, then demonstrates practical Spring Security setups including in‑memory authentication, JWT integration, JSON‑based login, password encryption with BCrypt, and database‑backed authentication, providing complete code examples.

AuthorizationJWTJava
0 likes · 19 min read
Mastering RBAC with Spring Security and JWT: A Complete Guide
Top Architect
Top Architect
Aug 11, 2024 · Information Security

Deep Dive into Spring Security Architecture and Implementation Principles

This article provides an in‑depth analysis of Spring Security 6.x architecture, explaining its filter‑chain design, authentication and authorization mechanisms, key components such as DelegatingFilterProxy, FilterChainProxy, SecurityFilterChain, and offers code examples and practical guidance for developers.

AuthorizationJavaSpring Security
0 likes · 31 min read
Deep Dive into Spring Security Architecture and Implementation Principles
Top Architect
Top Architect
Jul 30, 2024 · Information Security

Understanding RBAC and Implementing Spring Security with JWT in Java

This article explains the concepts and models of Role‑Based Access Control (RBAC), demonstrates how to configure Spring Security for in‑memory and JWT‑based authentication, and provides complete Java code examples for permissions, user groups, password encryption, and custom login filters.

Access ControlJWTJava
0 likes · 18 min read
Understanding RBAC and Implementing Spring Security with JWT in Java
IT Architects Alliance
IT Architects Alliance
Jul 26, 2024 · Information Security

Unveiling Spring Security 6: Architecture, Filters, and Authentication Deep Dive

This article provides a comprehensive analysis of Spring Security 6's architecture, explaining how the framework uses a chain of servlet Filters, the DelegatingFilterProxy, and the SecurityFilterChain to implement authentication, authorization, and protection against common attacks, while also offering practical debugging tips and configuration guidance.

AuthorizationFilter ChainJava
0 likes · 32 min read
Unveiling Spring Security 6: Architecture, Filters, and Authentication Deep Dive
Spring Full-Stack Practical Cases
Spring Full-Stack Practical Cases
Jul 7, 2024 · Backend Development

Master Spring Security Method-Level Authorization with @PreAuthorize

This tutorial walks through enabling Spring Security method-level protection in a Spring Boot 2.7.16 project, covering @EnableGlobalMethodSecurity, role and authority checks, custom PermissionEvaluator, parameter access, custom annotations, and bean‑based permission rules with practical code examples.

PermissionEvaluatorSpring Securitymethod-security
0 likes · 8 min read
Master Spring Security Method-Level Authorization with @PreAuthorize
Top Architect
Top Architect
Jul 5, 2024 · Information Security

Deep Dive into Spring Security Architecture: Authentication, Authorization, and Filter Chains

This article explains the core architecture of Spring Security 6.x, detailing how a chain of servlet Filters implements authentication and authorization, the role of DelegatingFilterProxy, SecurityFilterChain, and the extensible components such as AuthenticationManager, UserDetailsService, and PasswordEncoder.

AuthorizationJavaSpring Security
0 likes · 31 min read
Deep Dive into Spring Security Architecture: Authentication, Authorization, and Filter Chains
Architect
Architect
Jul 1, 2024 · Information Security

Spring Security 6.1 Deep Dive: Architecture, Filters, and Authentication Explained

This article provides a comprehensive analysis of Spring Security 6.1, covering its core architecture, the role of FilterChainProxy, detailed authentication and authorization flows, key interfaces such as SecurityFilterChain, AuthenticationManager, and practical code examples to help developers understand and debug the framework.

AuthorizationFilterChainJava
0 likes · 34 min read
Spring Security 6.1 Deep Dive: Architecture, Filters, and Authentication Explained
Selected Java Interview Questions
Selected Java Interview Questions
Jun 28, 2024 · Backend Development

Integrating JWT and Spring Security with a Custom SM4 PasswordEncoder in Spring Boot

This article demonstrates how to secure a Spring Boot 2.7.7 application using JWT, Spring Security, and a custom SM4‑based PasswordEncoder, covering dependency setup, security configuration, custom authentication components, token validation filter, and a login endpoint implementation.

Backend DevelopmentCustom PasswordEncoderJWT
0 likes · 14 min read
Integrating JWT and Spring Security with a Custom SM4 PasswordEncoder in Spring Boot
Top Architect
Top Architect
Jun 12, 2024 · Information Security

Understanding RBAC and Implementing Spring Security with JWT

This article explains the fundamentals of Role‑Based Access Control (RBAC), its model classifications, permission concepts, and user‑group usage, then demonstrates how to implement RBAC in a Spring Security application, including in‑memory authentication, JWT integration, JSON login, and password encryption techniques.

Access ControlJWTJava
0 likes · 17 min read
Understanding RBAC and Implementing Spring Security with JWT
Java High-Performance Architecture
Java High-Performance Architecture
Jun 4, 2024 · Backend Development

Master Spring Security & JWT for Seamless Single Sign-On (SSO)

This comprehensive guide walks you through the concepts of Single Sign-On, the mechanics of JWT, RSA asymmetric encryption, and step‑by‑step integration of Spring Security with JWT, providing full Maven project setup, configuration files, utility classes, custom filters, and testing instructions for a robust distributed authentication system.

Backend DevelopmentJWTJava
0 likes · 25 min read
Master Spring Security & JWT for Seamless Single Sign-On (SSO)
Architect's Guide
Architect's Guide
May 19, 2024 · Information Security

RBAC Permission Analysis and Spring Security Integration with JWT

This article explains the fundamentals of role‑based access control (RBAC), its model variants, and user‑group usage, then demonstrates how to configure Spring Security with in‑memory authentication, integrate JWT for stateless token‑based authentication, customize JSON login, and securely encrypt passwords using BCrypt.

Access ControlJWTJava
0 likes · 15 min read
RBAC Permission Analysis and Spring Security Integration with JWT
Spring Full-Stack Practical Cases
Spring Full-Stack Practical Cases
May 2, 2024 · Information Security

Master Spring Security: From Basic Auth to Custom Login Pages

This article walks through Spring Security fundamentals, covering authentication mechanisms, authorization configuration, dependency setup, custom user details with database integration, and how to replace the default login page with a custom one, all illustrated with code snippets and screenshots.

AuthorizationSpring BootSpring Security
0 likes · 8 min read
Master Spring Security: From Basic Auth to Custom Login Pages
macrozheng
macrozheng
Apr 25, 2024 · Backend Development

How to Upgrade the Mall Project to Spring Boot 3 & JDK 17 – Complete Guide

This article walks through upgrading the open‑source Mall e‑commerce system to Spring Boot 3 and JDK 17, covering dependency version updates, migration from SpringFox to SpringDoc, new Spring Data Elasticsearch usage, revised Spring Security configuration, Docker deployment tips, and essential code changes.

Backend DevelopmentElasticsearchJava
0 likes · 19 min read
How to Upgrade the Mall Project to Spring Boot 3 & JDK 17 – Complete Guide
Java Architect Essentials
Java Architect Essentials
Apr 10, 2024 · Information Security

Implementing JWT‑Based Authentication and RBAC with Spring Security in a Spring Boot Application

This article demonstrates how to integrate JWT token authentication and role‑based access control (RBAC) into a Spring Boot backend using Spring Security, covering model classification, dependency setup, user details implementation, token utilities, filters, configuration, and login handling with code examples.

Backend DevelopmentJavaRBAC
0 likes · 15 min read
Implementing JWT‑Based Authentication and RBAC with Spring Security in a Spring Boot Application
Architect
Architect
Mar 20, 2024 · Information Security

RBAC Permission Analysis and Spring Security JWT Integration Tutorial

This tutorial explains RBAC concepts and model classifications, demonstrates permission and user‑group management, and provides step‑by‑step guidance for implementing Spring Security with in‑memory authentication, JWT integration, JSON login, password encryption, and database authentication using Java code examples.

Access ControlJWTJava
0 likes · 18 min read
RBAC Permission Analysis and Spring Security JWT Integration Tutorial
Selected Java Interview Questions
Selected Java Interview Questions
Feb 25, 2024 · Information Security

Custom Authorization Annotations in Spring Security: Design, Implementation, and Usage

This article explores how to create and use custom authorization annotations in Spring Security to achieve more flexible, expressive, and maintainable permission checks, covering the basics of Spring Security, advantages of custom annotations, step‑by‑step implementation, and additional use‑case scenarios.

Backend SecurityJavaSpring Security
0 likes · 9 min read
Custom Authorization Annotations in Spring Security: Design, Implementation, and Usage
Programmer DD
Programmer DD
Feb 17, 2024 · Backend Development

How to Seamlessly Upgrade Spring Boot 2.x to 3.x: Step‑by‑Step Guide

This guide explains why upgrading from Spring Boot 2.x to 3.x is essential, outlines the required JDK 17 migration, Spring Boot version bump, configuration property changes, Jakarta EE transition, and updates to Spring Security, Kafka, RestTemplate, and OpenAPI integration, providing code examples for each step.

OpenAPISpring BootSpring Security
0 likes · 10 min read
How to Seamlessly Upgrade Spring Boot 2.x to 3.x: Step‑by‑Step Guide
Architect
Architect
Feb 13, 2024 · Information Security

Implementing API Key Authentication in Spring Security for REST APIs

This tutorial explains how to secure a Spring Boot REST API using API key authentication, covering the addition of Maven dependencies, creating a custom filter, extending AbstractAuthenticationToken, configuring the security filter chain, and testing the protected endpoint with curl commands.

API keyJavaREST API
0 likes · 8 min read
Implementing API Key Authentication in Spring Security for REST APIs
Spring Full-Stack Practical Cases
Spring Full-Stack Practical Cases
Feb 2, 2024 · Backend Development

Master Spring Security 5.7+ Config: From WebSecurityConfigurerAdapter to SecurityFilterChain

This guide explains how Spring Security configuration changed after version 5.7, covering the shift from WebSecurityConfigurerAdapter to SecurityFilterChain beans, multiple filter chain setup, in‑memory user definitions, custom authorization decisions, and shared authentication components, with full code examples.

AuthorizationJavaSecurityFilterChain
0 likes · 7 min read
Master Spring Security 5.7+ Config: From WebSecurityConfigurerAdapter to SecurityFilterChain
Architect
Architect
Jan 17, 2024 · Backend Development

How to Build a Custom Spring Security Authentication Flow with Redis Token Management

This article walks through the complete process of implementing a custom login authentication in Spring Boot, including custom authentication filters, success/failure handlers, a token stored in Redis, role‑based URL security, and detailed configuration of Spring Security headers and session handling.

Custom AuthenticationJavaRedis
0 likes · 24 min read
How to Build a Custom Spring Security Authentication Flow with Redis Token Management
Programmer DD
Programmer DD
Jan 2, 2024 · Backend Development

How to Seamlessly Upgrade Spring Boot 2.x to 3.x – Step-by-Step Guide

This guide walks developers through upgrading from Spring Boot 2.x to 3.x, covering JDK 17 migration, pom.xml changes, configuration property updates, Jakarta EE transition, security reconfiguration, Kafka template adjustments, and OpenAPI integration, with code examples for each step.

JavaSpring BootSpring Security
0 likes · 9 min read
How to Seamlessly Upgrade Spring Boot 2.x to 3.x – Step-by-Step Guide
Spring Full-Stack Practical Cases
Spring Full-Stack Practical Cases
Jan 2, 2024 · Information Security

Master Spring Security: Custom Configurations, Filters, and Advanced Features

An in‑depth Spring Security guide covering custom configurations, authentication providers, user‑details services, path‑based authorization, role hierarchies, exception handling, custom filters, multiple filter chains, method security, internationalization, and session management, complete with practical code examples for Spring Boot 2.7.

AuthorizationJavaSecurity Configuration
0 likes · 10 min read
Master Spring Security: Custom Configurations, Filters, and Advanced Features
Spring Full-Stack Practical Cases
Spring Full-Stack Practical Cases
Nov 27, 2023 · Backend Development

Secure Spring Boot APIs with AOP and Spring Security: A Step‑by‑Step Guide

This article explains how to combine Spring AOP and Spring Security in a Spring Boot 2.7.12 application to implement permission verification, covering concepts, required dependencies, custom filters, annotations, aspect logic, global exception handling, test endpoints, JWT token handling, and extensions for SpEL‑based role checks.

AOPJWTPermission
0 likes · 11 min read
Secure Spring Boot APIs with AOP and Spring Security: A Step‑by‑Step Guide
Java High-Performance Architecture
Java High-Performance Architecture
Nov 21, 2023 · Information Security

Master Spring Security: Quick Start, JWT Authentication, and RBAC Authorization

This comprehensive guide walks you through setting up Spring Security in a Spring Boot project, configuring password encoding, implementing JWT-based authentication, building custom login and logout endpoints, managing user details with MyBatis Plus, and applying role‑based access control with custom permission handlers, all illustrated with complete code examples.

AuthorizationJWTJava
0 likes · 40 min read
Master Spring Security: Quick Start, JWT Authentication, and RBAC Authorization
Architecture Digest
Architecture Digest
Oct 25, 2023 · Information Security

RBAC Permission Analysis and Spring Security Implementation Guide (including JWT and JSON Login)

This article explains the fundamentals of Role‑Based Access Control (RBAC), its model variants, permission concepts, and user‑group usage, then demonstrates practical Spring Security setups ranging from simple in‑memory authentication to JWT integration, JSON‑based login, password encryption, and database‑backed authentication with full code examples.

Access ControlAuthorizationJWT
0 likes · 18 min read
RBAC Permission Analysis and Spring Security Implementation Guide (including JWT and JSON Login)
Top Architect
Top Architect
Oct 16, 2023 · Information Security

Understanding SSO and OAuth2.0: Concepts, Processes, and Differences

This article explains the fundamentals of Single Sign‑On (SSO) and OAuth2.0, compares their token‑based authentication mechanisms, details typical implementation flows such as CAS, and clarifies the distinctions among SSO, OAuth2, JWT, Spring Security and Shiro, while also noting related promotional content.

CASSSOSpring Security
0 likes · 9 min read
Understanding SSO and OAuth2.0: Concepts, Processes, and Differences
Su San Talks Tech
Su San Talks Tech
Aug 15, 2023 · Information Security

Master Spring Security & JWT: Build Secure Authentication in Spring Boot

This tutorial explains how to integrate Spring Security with JWT in a Spring Boot application, covering authentication and authorization concepts, filter chain principles, project setup, dependency configuration, security configuration classes, custom token filters, and the complete request‑authentication flow.

AuthorizationJWTJava
0 likes · 15 min read
Master Spring Security & JWT: Build Secure Authentication in Spring Boot
Code Ape Tech Column
Code Ape Tech Column
Aug 7, 2023 · Information Security

Understanding Spring Security Permission Annotations and Their Practical Use in a Microservice System

This article explains the eight built‑in Spring Security permission annotations, how to enable them with @EnableGlobalMethodSecurity, provides Java code examples for each annotation, and demonstrates their practical use in the Codeape Chronic Disease Cloud Management System for fine‑grained microservice authorization.

AuthorizationBackend DevelopmentJava
0 likes · 9 min read
Understanding Spring Security Permission Annotations and Their Practical Use in a Microservice System
Java Architecture Diary
Java Architecture Diary
Jul 25, 2023 · Backend Development

Fixing Spring Boot Startup Errors After CVE‑2023‑34035 Upgrade

When upgrading Spring Boot to patch CVE‑2023‑34034 and CVE‑2023‑34035, applications using Spring Security may encounter a startup error indicating ambiguous pattern detection, which can be resolved by upgrading to patched versions and adjusting requestMatchers to use MvcRequestMatcher or AntPathRequestMatcher as appropriate.

AuthorizationCVEJava
0 likes · 4 min read
Fixing Spring Boot Startup Errors After CVE‑2023‑34035 Upgrade
Architect's Guide
Architect's Guide
Jul 17, 2023 · Information Security

Implementing API Key Authentication in Spring Security for REST APIs

This tutorial explains how to secure a Spring Boot REST API using API‑key authentication by adding the necessary Maven dependency, creating a custom filter, extending AbstractAuthenticationToken, configuring Spring Security, implementing a controller, and testing the endpoint with and without the API key.

API keyJavaREST API
0 likes · 9 min read
Implementing API Key Authentication in Spring Security for REST APIs
Code Ape Tech Column
Code Ape Tech Column
Jul 7, 2023 · Backend Development

Integrating Redis with Spring Security OAuth2 for Distributed Unified Authentication in the Code Ape Chronic Disease Cloud Management System

This article explains how to replace JWT with a Redis‑backed Spring Security OAuth2 solution, detailing token storage, client types (WEB, PDA, PAD, patient app, mini‑program), password‑mode login requests, encryption of credentials, gateway filters, authentication converters, providers, token generation, persistence in Redis, and success handling, all illustrated with code snippets and diagrams.

Backend DevelopmentSpring Securityoauth2
0 likes · 19 min read
Integrating Redis with Spring Security OAuth2 for Distributed Unified Authentication in the Code Ape Chronic Disease Cloud Management System
Architect
Architect
Jul 2, 2023 · Information Security

Implementing API Key Authentication in Spring Security for REST APIs

This tutorial explains how to secure a Spring Boot REST API using API key authentication, covering the addition of Maven dependencies, creating a custom filter, extending authentication tokens, configuring the security filter chain, and testing the protected endpoint with curl.

API keyJavaREST API
0 likes · 9 min read
Implementing API Key Authentication in Spring Security for REST APIs
macrozheng
macrozheng
Jun 15, 2023 · Backend Development

How to Build a Reusable Backend Permission System with Spring Security

This article walks through the complete design and implementation of a reusable permission module for a Java e‑commerce backend, covering functional design, database schema, API contracts, and key technical points such as Spring Security, JWT authentication, and Redis‑based performance optimizations.

JWTPermissionSpring Security
0 likes · 8 min read
How to Build a Reusable Backend Permission System with Spring Security
Selected Java Interview Questions
Selected Java Interview Questions
May 25, 2023 · Information Security

Implementing Two-Factor Authentication in Spring Security with Google Authenticator, Authy, and Custom TOTP

This article explains how to add two‑factor authentication to a Spring Security‑based Java web application by integrating Google Authenticator, Authy, or a custom TOTP module, covering required dependencies, service implementations, security configuration, and testing procedures.

AuthyGoogle AuthenticatorJava
0 likes · 29 min read
Implementing Two-Factor Authentication in Spring Security with Google Authenticator, Authy, and Custom TOTP
Sanyou's Java Diary
Sanyou's Java Diary
May 15, 2023 · Information Security

Master OAuth2: From Theory to Hands‑On Implementation with Spring Security

This article explains OAuth2 fundamentals, key terminology, and authorization flows, then guides you through setting up database tables, Spring Boot dependencies, resource and authorization server configurations, multiple grant types, token refresh, permission checks, and common pitfalls, providing complete code snippets and diagrams for a practical implementation.

Authorization Code FlowBackend DevelopmentSpring Security
0 likes · 17 min read
Master OAuth2: From Theory to Hands‑On Implementation with Spring Security
Java High-Performance Architecture
Java High-Performance Architecture
Apr 5, 2023 · Backend Development

Master Spring Security: JWT, Custom Handlers, and Dynamic Permissions

This article provides a comprehensive guide to configuring Spring Security in a Java backend, covering Maven dependencies, global security settings, JWT token parsing, custom authentication providers, user details services, dynamic URL permission metadata, access decision management, and custom handlers for login, logout, and error responses, along with sample application.yml and database schema.

AuthorizationJWTJava
0 likes · 20 min read
Master Spring Security: JWT, Custom Handlers, and Dynamic Permissions
Top Architect
Top Architect
Apr 3, 2023 · Backend Development

Integrating WeChat Web Authorization Login with Spring Security (Username + WeChat)

This article demonstrates how to integrate account username and WeChat web‑authorization login into a Spring Security application by configuring custom authentication providers, filters, tokens, and handlers, allowing users to log in without a password while leveraging WeChat OpenID verification.

JavaSpring SecurityWeChat Login
0 likes · 17 min read
Integrating WeChat Web Authorization Login with Spring Security (Username + WeChat)
政采云技术
政采云技术
Mar 21, 2023 · Information Security

Deep Dive into Spring Security Authentication Process and Core Components

This article provides a comprehensive analysis of Spring Security's authentication mechanism, detailing the filter chain, core components such as SecurityContextHolder, AuthenticationManager, ProviderManager, and AuthenticationProvider, and illustrating the step‑by‑step flow of username‑password verification with extensive code examples.

AuthenticationManagerJavaProviderManager
0 likes · 18 min read
Deep Dive into Spring Security Authentication Process and Core Components
政采云技术
政采云技术
Mar 21, 2023 · Information Security

In‑Depth Analysis of Spring Security Authentication Process and Core Components

This article provides a comprehensive walkthrough of Spring Security’s authentication mechanism, detailing the filter chain, core security components, and the underlying source‑code flow—from UsernamePasswordAuthenticationFilter through AuthenticationManager, ProviderManager, and DaoAuthenticationProvider—illustrated with code examples and diagrams.

AuthorizationFilter ChainJava
0 likes · 20 min read
In‑Depth Analysis of Spring Security Authentication Process and Core Components
Java High-Performance Architecture
Java High-Performance Architecture
Jan 29, 2023 · Information Security

Master Spring Security: From Quick Start to Advanced JWT Authentication and RBAC

This comprehensive guide walks you through Spring Security fundamentals, setting up a Spring Boot project, configuring authentication with JWT and Redis, implementing RBAC permission management, customizing error handling, enabling CORS, and addressing CSRF, providing complete code examples and detailed explanations for secure backend development.

AuthorizationJWTRBAC
0 likes · 45 min read
Master Spring Security: From Quick Start to Advanced JWT Authentication and RBAC
Shepherd Advanced Notes
Shepherd Advanced Notes
Jan 12, 2023 · Information Security

How to Secure Backend APIs with Spring Security

This tutorial explains why backend API permission checks are essential in RBAC‑based systems, walks through configuring Spring Security for authentication and authorization, demonstrates URL‑level and annotation‑based access control, and discusses token‑driven role verification and caching strategies.

AnnotationAuthorizationBackend Security
0 likes · 14 min read
How to Secure Backend APIs with Spring Security
Java High-Performance Architecture
Java High-Performance Architecture
Dec 24, 2022 · Information Security

Master OAuth2 SSO with Spring Security and JWT: A Complete Step‑by‑Step Guide

This tutorial walks through building a single sign‑on (SSO) solution using OAuth2, Spring Security, and JWT in a Java Spring Boot backend, covering preparation, Maven dependencies, server and client configurations, custom login pages, token handling, logout strategies, project structure, and a full demo with source code.

JWTJavaSSO
0 likes · 25 min read
Master OAuth2 SSO with Spring Security and JWT: A Complete Step‑by‑Step Guide
Java High-Performance Architecture
Java High-Performance Architecture
Nov 23, 2022 · Information Security

Master Spring Security with JWT: Build a Secure Java Backend

This tutorial walks through setting up Spring Security with JWT in a Spring Boot project, covering environment configuration, Maven dependencies, custom authentication handlers, permission evaluation, JWT filtering, and testing, providing complete code examples and explanations for building a robust backend authentication system.

AuthorizationJWTJava
0 likes · 22 min read
Master Spring Security with JWT: Build a Secure Java Backend
Architect
Architect
Nov 19, 2022 · Information Security

Understanding SSO and OAuth2.0: Concepts, Differences, and Implementation

This article explains the principles of Single Sign-On (SSO) and OAuth2.0, compares their concepts, outlines typical SSO workflows using CAS, details OAuth2.0 authorization code flow, clarifies terminology differences, and discusses related security frameworks such as Spring Security and Shiro.

OAuth2.0SSOSpring Security
0 likes · 9 min read
Understanding SSO and OAuth2.0: Concepts, Differences, and Implementation
Selected Java Interview Questions
Selected Java Interview Questions
Oct 29, 2022 · Information Security

Comprehensive Guide to Spring Security: Setup, Authentication, Authorization, and Advanced Configurations

This article provides a detailed tutorial on Spring Security, covering its core concepts, project setup, authentication flow, custom user details service, password encoding, login handling, role-based access control, CSRF protection, and integration with Thymeleaf, complete with code examples.

AuthorizationJavaSpring Security
0 likes · 14 min read
Comprehensive Guide to Spring Security: Setup, Authentication, Authorization, and Advanced Configurations
Java Architect Essentials
Java Architect Essentials
Oct 20, 2022 · Information Security

RBAC Permission Analysis and Spring Security Implementation with JWT and JSON Login

This article explains the fundamentals of Role‑Based Access Control (RBAC), its model variants, permission concepts, and user‑group usage, then demonstrates practical Spring Security setups including basic configuration, JWT integration, JSON‑based login, password encryption, and database authentication with complete code examples.

JSON LoginJWTPassword Encryption
0 likes · 17 min read
RBAC Permission Analysis and Spring Security Implementation with JWT and JSON Login
Java Architect Essentials
Java Architect Essentials
Oct 8, 2022 · Backend Development

Spring Boot Security Permission Management Tutorial with Role and Menu Implementation

This article provides a step‑by‑step guide to building a Spring Boot permission management system using Spring Security, Spring Data JPA, Thymeleaf and Bootstrap, covering database design, entity classes, Maven setup, security configuration, dynamic menu loading, front‑end rendering and testing with full source code examples.

Permission ManagementRole-Based Access ControlSpring Boot
0 likes · 19 min read
Spring Boot Security Permission Management Tutorial with Role and Menu Implementation
IT Architects Alliance
IT Architects Alliance
Oct 7, 2022 · Information Security

Mastering RBAC and JWT with Spring Security: A Step‑by‑Step Guide

This comprehensive tutorial explains RBAC concepts, model classifications, and permission handling, then walks through implementing Spring Security with in‑memory authentication, JWT integration, custom JSON login filters, password encryption, and database‑backed authentication, providing complete code examples and configuration details.

AuthorizationJWTJava
0 likes · 18 min read
Mastering RBAC and JWT with Spring Security: A Step‑by‑Step Guide
Top Architect
Top Architect
Oct 6, 2022 · Information Security

RBAC Permission Analysis and Spring Security Implementation Guide

This article provides a comprehensive tutorial on role‑based access control (RBAC) concepts, model classifications, permission definitions, user‑group usage, and step‑by‑step implementations of Spring Security, JWT integration, JSON login, password encryption, and database authentication with extensive code examples.

Access ControlBackend DevelopmentJWT
0 likes · 18 min read
RBAC Permission Analysis and Spring Security Implementation Guide
Top Architect
Top Architect
Sep 30, 2022 · Backend Development

Implementing JWT Blacklist with RedisTokenStore in Spring Security OAuth2

This article explains why JWT is not ideal for logout and token renewal, recommends using a Redis‑backed token store, and provides three Redis‑based blacklist implementations with detailed Java code snippets for extending JwtTokenStore, custom converters, and global filters in Spring Security OAuth2.

JWTJavaRedis
0 likes · 12 min read
Implementing JWT Blacklist with RedisTokenStore in Spring Security OAuth2