Spring Boot 3 + Spring Security + JWT Authentication and Authorisation | RBAC | Rest API Example
Вставка
- Опубліковано 3 лис 2023
- Spring Boot 3 + Spring Security + JWT Authentication and Authorisation | RBAC | Rest API Example
This video demonstrates how to protect your Spring boot Application as well as APIs via Spring Security to perform JWT authentication and authorization in a Spring Boot 3.
You'll discover how simple it is to use JSON Web Tokens to secure your application and safeguard your endpoints. We'll go through some security rules for our application and configure Spring Security to use JWT. In the end, we'll verify our configuration by creating a basic API and sending authorised requests via Postman.
This tutorial will provide you with the necessary tools to secure your Spring Boot application with JWT authentication and authorization, regardless of your level of experience as a developer.
Spring Initialzr:
start.spring.io/#!type=maven-...
JWT IO:
jwt.io/
Recommendation:
Spring Security:
• UPDATED: Spring Securi...
PLEASE SUPPORT THE CHANNEL:
Donate from $5
Link: paypal.me/cypcodestudios?coun...
Thank you very much for watching. Please do Like and Subscribe - Наука та технологія
Guys please do like and subscribe as 80% of views are not subscribed yet, subscribing is free as well as sharing, liking and commenting to motivate us to keep going. Thank you very much for watching
Nice
Hi , your videos are incredibly helpful, can you make a video for the deprecated "JdbcTokenStore" or share a link for the replacement of the same.I have read the spring security 6 guide but was unable to find anything regarding it. It will be really helpful . Thanks
Hey I am new in Spring. Can you tell me why the jwt.secret stored in application.properties file?? Is it safe to store the secret in properties file. Thankyou!!
As it was for a tutorial it is okay, but for real world applications do not store secret key in application.properties, it is not secure
But I am talking from a enterprise project or a companies pov
For your own projects you can store it anywhere you want
hardly wait for it with sourch code
Hi @Rabiullslam-lx1uc thank you for checking out the video, please see Git repo: github.com/cypcodestudio/rbacspring
hii I am getting header as null what to do for that
Hi @prathyusha3031 please make sure your Authorisation Type is Bearer Token and you have passed in the token that you received back when you were logging in. Once that is set it should be able to pickup your token and Authenticate correctly
Where can I find the repo?
Hi @user-ps5hz6hb5i thank you for checking out the video, please see Git repo: github.com/cypcodestudio/rbacspring
nice explanations. Please wold you mind sharing the source code?
Hi @luciensikapa6543 thank you for checking out the video, please see Git repo: github.com/cypcodestudio/rbacspring
Awesome,can you please source code it would be very helpful
Hi @sujitkumar2196 thank you for checking out the video, please see Git repo: github.com/cypcodestudio/rbacspring
this example completely ignores Spring Security architecture both for authentication and authorization. would not recommend it
Please share repository
Thank you for checking out the video, please see Git repo: github.com/cypcodestudio/rbacspring
Nice video, but I am getting {
"sub": "admin",
"role": [],
"iss": "rbacspring",
"exp": 1701690111,
"iat": 1701672111
} .. Role is empty.. but I loggedin as Admin. pls give the suggestion.
Hi @user-er9pc2or6b thatnk you very much for watching the video and for your question. That tells me that spring knows that you are a valid user but on your JWT creation you’re not adding the GrantedAuthorities please confirm where you’re adding that and we can address your issue
I was also getting the same issue but after debugging further, i found while creating user or registering user that time it's trying to fetch roles from ROLE table but ROLE table is empty. So 1st we have to add Roles in ROLE table then we are good to go.
I think think concept missed by @cypcode.