How to Isolate Session and JWT Users in Spring Security: Strategies and Pitfalls

This article explains how to separate backend admin users using stateful Session authentication from front‑end app users using stateless JWT in a Spring Security‑based system, covering path‑interception strategies, session key isolation, custom UserDetailsService implementations, and complete configuration examples for an Id Server authorization server.

Path InterceptionSession vs JWTUserDetailsService

0 likes · 10 min read

How to Isolate Session and JWT Users in Spring Security: Strategies and Pitfalls

Top Architect

Jan 18, 2022 · Information Security

Comprehensive Spring Security Guide: Authentication, Authorization, Custom Configurations, and CSRF Protection

This article provides an in‑depth tutorial on Spring Security, covering its core concepts, authentication flow, project setup, dependency imports, custom UserDetailsService, password encoding, login handling, role‑based access control, CSRF protection, and integration with Thymeleaf, complete with practical code examples.

AuthenticationAuthorizationCSRF

0 likes · 16 min read

Comprehensive Spring Security Guide: Authentication, Authorization, Custom Configurations, and CSRF Protection

Programmer DD

Nov 9, 2019 · Information Security

Master Spring Security: Custom UserDetailsService and In‑Memory User Management

This guide walks through integrating Spring Security with Spring Boot, explains the UserDetailsServiceAutoConfiguration, demonstrates how to customize UserDetailsManager using in‑memory storage, and shows how to extend it for database‑backed user management, providing complete code examples and practical insights.

Custom UserDetailsManagerInMemoryUserDetailsManagerSpring Boot

0 likes · 13 min read

Master Spring Security: Custom UserDetailsService and In‑Memory User Management