Best tutorial on Spring security and JWT. No one can convince me otherwise. Every concept has been broken down to it's simplest form and explained step by step which makes it easier to understand. Kudos to you, Navin.
when creating a jwt token, you are setting the expiration as 60*60*30 milliseconds, we can set it as 1000*60*30 if we want the expiration as 30 min after 'iat'. Great tutorial to learn spring boot.
Thank you very much for this video! I am trying to use JWT tokens in my Spring app which is something I haven't done before and when I was searching how to do it I didn't understand what was happening at all. Then I found this video and it's been super helpful! You've also managed to keep me quite focused despite how long the video is, which is impressive 😂
Thank you, Navin sir, for your efforts to make our lives easy using Spring Boot and Spring Security. This video helped a lot. For any question related to Spring, Telusko is one stop for all. I request you to create a tutorial on creating our own OAuth server. THANK YOU!
I have now conquered my fear of spring security through this your video. Thank you very much. It indeed a great tutorial on Spring Security. ❤❤❤❤❤ Much love sir
Hey Telusko I've been learning Spring for about one year and I've been stuck in Security for about a month. Your video really helped me putting the pieces together and actually understand how everything works (: I come from reading a few books about spring security and this tutorial helped me like you have no idea
Navin sir, you make all videos very easy to approach. I was very scared of Spring and don't know much. But I was able to understand basics of Spring Security from first 1 hour that I have watched. Thank you! Hoping to finish the rest and try it out for my app.
This is very good. Difference I found between other videos is the content. Sir gives content in very detail and clears all the concepts and I really found it very helpful. Thank you so much Navin Sir.❤❤❤
Thanks so much for this great piece of work. In my view, the best explanation of Spring Security, token generation and validation; as well as the concept of authentication for the delivery of secured Restful services.
Hello Telusko, First off all thank you for making tech videos it always helpful and because of this video i learn lot. One more thing you ask for the kill port which is in use by service so i am pasting some steps here, you are best teacher but may be it will be helpful for others you are very intelligent.🤩 Thank you for making videos on tech lang. Here are the commands COMMAND TO KILL PID USING PORT:- 1. Run the CMD as administrator and i) find out the port services running. ii) perform following commands. >netstat -a -n -o | find "portnumber" 2. to kill PID >taskkill /PID pidNumber /F
Hi Navin Sir, Once again great explanations, great learning, thank you for that. . This was really overwhelming topic, but as you said, we have to do these configuration only once, that was relief. :) From here should we start learning about microservices, or should we stop and create some projects, play around with spring/hibernate and spring security?
This is very gr8 video, thanks, the video would shine more if you can add all the blocks involved like filters, auth manager, dao, jst auth provider. pls make an video on authorization as well. Thanks Navin🎉🎉
If we use oauth2 authorization server starter dependency, it gives JwtEncoder and JwtDecoder making the encoding and decoding the JWT token very easy. But, doing manual way gives more understanding of the process.
The validateToken method compares the username from token and the one from userDetails. They will always be the same. if the user is found in the database, these two will always be the same. The userDetails object is coming from the same username you extracted earlier. So what is this validateToken really doing. Especially the first part of the condition?
I was scared of this topic thanks for making such an informative video Just finished the last part and for some reason even after adding the second oauth client github. I don't see it on the UI, although I was trying to do this on my own little project.
Sir, can you make a video on tips on how to read documentations? I was trying to read the spring security documentation but it is very confusing unlike how you teaches it. It will be a great help if you will, thank you in advance!
Honest truth: Documentation is where those knowledge are taken but it requires some level of understanding and expertise. Not meant for an absolute beginner
At 1:53:00, some may encounter a cyclic dependency error at startup. To avoid this, define a single instance of BCryptPasswordEncoder as a @Bean in a configuration class, ensuring the same instance is injected in both places
Sir thanks for the great video. After the end of the tutorial I tried to login and manager part becomes unnecessary. How can we go with basic auth for login?
2:58:00 I have one question: If anyone can hold of the username and the algorithm used by this service to generate key then they can easily spoof the JWT token by generating their own right? I thought when user logged in first time, the password is also used in the process of key generation to make the key unique but it is not the case here !
It sounds nice and understandable, but you missed the refresh token, which is really important for both JWT token security and user experience. Without a refresh token, users would need to log in more frequently, leading to a less seamless experience. Additionally, the refresh token helps maintain security by allowing for token renewal without requiring the user to re-authenticate constantly.
great video but one doubt: if for verifying token we are using db (making db call) then there is no point of using token. we can directly send username and password in every req and everytime we get that user from db and verify like we are doing for validating token.
hi navin i ma new to configures the security project to existing project and with front as well coul please upload video how to configure with front end
Only video which can explain spring security clearly. Nobody else explained like you
yes
I liked this video so much that I literally turned off my adblocker to watch the ads and support you
@Telusko
Use this to kill process on port
3:01:43
lsof -i tcp:
kill -9
Best tutorial on Spring security and JWT. No one can convince me otherwise. Every concept has been broken down to it's simplest form and explained step by step which makes it easier to understand. Kudos to you, Navin.
I don't know why when I see this man I'm getting more confidence in software development. Keep it up man! You made our day
He is Master and consistent , first keep u " keep it up "
This is hands down the best spring security tutorial out there guys.
Only video which can explain spring security clearly. Nobody else explained like you, iam following you sir since 2017
when creating a jwt token, you are setting the expiration as 60*60*30 milliseconds, we can set it as 1000*60*30 if we want the expiration as 30 min after 'iat'.
Great tutorial to learn spring boot.
Thank you very much for this video! I am trying to use JWT tokens in my Spring app which is something I haven't done before and when I was searching how to do it I didn't understand what was happening at all. Then I found this video and it's been super helpful! You've also managed to keep me quite focused despite how long the video is, which is impressive 😂
Thank you, Navin sir, for your efforts to make our lives easy using Spring Boot and Spring Security. This video helped a lot. For any question related to Spring, Telusko is one stop for all. I request you to create a tutorial on creating our own OAuth server.
THANK YOU!
I have now conquered my fear of spring security through this your video. Thank you very much. It indeed a great tutorial on Spring Security.
❤❤❤❤❤ Much love sir
Best tutorial for security. i have gone throgh many tutorial of other creators but this one is insane. Thanks for your effort Telusco
the best Spring security Tutorial in the whole youtube , big thanks to you .
No doubt this is the best jwt in springboot tutorial. shared to my friends!
How a good lecture you gave. Thank you very much for all the work you're doing and contribution to the online community.
Greetings from Germany :)
Hey Telusko I've been learning Spring for about one year and I've been stuck in Security for about a month. Your video really helped me putting the pieces together and actually understand how everything works (: I come from reading a few books about spring security and this tutorial helped me like you have no idea
Happy to hear that you were able to understand the concepts, and thanks for the appreciation!
Sir, the best video for spring security ...you explained every bit that i was using with half information. Thank you
Thank you,I just finished the video. It really helped me overcome my fear of authentication methods.
youre literally a legend. whenever im searching for a topic i always check your channel first! thank you for the amazing content!!
Navin sir, you make all videos very easy to approach. I was very scared of Spring and don't know much. But I was able to understand basics of Spring Security from first 1 hour that I have watched. Thank you! Hoping to finish the rest and try it out for my app.
Sir, please teach us payment gateway integration using Spring Boot. Please🙏
Bro use your own mind
There are hundreds of tutorials out there
You can easily integrate by following any tutorial Or documentation
Read books they are great recommendation :- Manning publications
Telusko to the World. One of the best tech channels here
Hats off, perfect explanation for the new Spring Security 6
You are a great teacher .Thank you so much for explaining so clearly
I love the way you explain things. Even the difficult parts are easy to understand
This is very good. Difference I found between other videos is the content. Sir gives content in very detail and clears all the concepts and I really found it very helpful. Thank you so much Navin Sir.❤❤❤
Thank you so much Sir.... You are always there to support the Java devs. Love you so much ❤❤❤
I am from Bangladesh. You are a great man. Thank you so much.
Concept is totally Cleared... Love you sir for such tremendous effort. ❤❤❤ I am benefited a lot from this oneliner marathon video...
Thank you from Germany. I love your Spring Security Tutorial!!!
Simply! the best spring security course video
This video is amazing! You have very good teaching skills, the concepts you explain are very easy to understand. Thank you for your work!
Thank you sir! Now I can apply Spring Security to my personal project. Your tutorial is very easy to understand sir .🙏
Best Tutorial I've ever seen. Thank you :)
Sir you nailed it - Best Spring Security 6 Tutorial 🤩🤩
Thanks so much for this great piece of work. In my view, the best explanation of Spring Security, token generation and validation; as well as the concept of authentication for the delivery of secured Restful services.
At 1:30:08 you laughed and said create your own class in a sarcasm, i liked that.
Thank you so much sir for this much needed series🙏
Hello Telusko,
First off all thank you for making tech videos it always helpful and because of this video i learn lot.
One more thing you ask for the kill port which is in use by service so i am pasting some steps here, you are best teacher but may be it will be helpful for others you are very intelligent.🤩 Thank you for making videos on tech lang.
Here are the commands
COMMAND TO KILL PID USING PORT:-
1. Run the CMD as administrator and
i) find out the port services running.
ii) perform following commands.
>netstat -a -n -o | find "portnumber"
2. to kill PID
>taskkill /PID pidNumber /F
Happy Teacher's day sir ❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤❤
An excellent course. Thank you very much
Thank you so much sir!! You are great!! Hats off!! Great Video!!🙏🙏🙏🙏
Hi Navin Sir,
Once again great explanations, great learning, thank you for that.
.
This was really overwhelming topic, but as you said, we have to do these configuration only once, that was relief. :)
From here should we start learning about microservices, or should we stop and create some projects, play around with spring/hibernate and spring security?
Such a good content and tells each and every point very clearly thanks sir❤❤❤
your explanation is so easy to understand. thank you.
Thank you so much for the nice explanation...follower since 2019
Very useful! I'm expecting other programming related too!
You may want to check Python
This is very gr8 video, thanks, the video would shine more if you can add all the blocks involved like filters, auth manager, dao, jst auth provider.
pls make an video on authorization as well.
Thanks Navin🎉🎉
TELUSKO IS THE MAN!!!
I buyed udemy course of telusko...feels like UA-cam content is much better...there it's feel like you were in hurry 😂
Good job Navin.
Thank you for sharing this great knowledge sir🙏
Well on time, I was looking for this all day long
Hi sir, you're absolutely genious❤
sir, you did it very good. kindly make a more detail video/series of spring security other features if possible. thank you
If we use oauth2 authorization server starter dependency, it gives JwtEncoder and JwtDecoder making the encoding and decoding the JWT token very easy. But, doing manual way gives more understanding of the process.
Great work with nice explanation !
The validateToken method compares the username from token and the one from userDetails. They will always be the same. if the user is found in the database, these two will always be the same. The userDetails object is coming from the same username you extracted earlier. So what is this validateToken really doing. Especially the first part of the condition?
Need one video on Hibernate and ORM theory.🙏
Thank you man, you are my hero!
Great tutorial! Awesome
Wow, great video thank you so much for your effort
I was scared of this topic thanks for making such an informative video
Just finished the last part and for some reason even after adding the second oauth client github. I don't see it on the UI, although I was trying to do this on my own little project.
bro do a video on security on microservices , for different architecture , best practise etc ....
Sir, can you make a video on tips on how to read documentations? I was trying to read the spring security documentation but it is very confusing unlike how you teaches it. It will be a great help if you will, thank you in advance!
Honest truth: Documentation is where those knowledge are taken but it requires some level of understanding and expertise. Not meant for an absolute beginner
Happy teachers day sir 🎉😊
At 1:53:00, some may encounter a cyclic dependency error at startup. To avoid this, define a single instance of BCryptPasswordEncoder as a @Bean in a configuration class, ensuring the same instance is injected in both places
thanks for this tutorial!
Can you make video on frontend (react) demonstrating the use of JWT?
JUST I N TIME TUTORIAL! Thanks!
Sir thanks for the great video.
After the end of the tutorial I tried to login and manager part becomes unnecessary.
How can we go with basic auth for login?
44:45 Best part
You are absolutely correct.
Thank you so much!!!
2:58:00 I have one question: If anyone can hold of the username and the algorithm used by this service to generate key then they can easily spoof the JWT token by generating their own right? I thought when user logged in first time, the password is also used in the process of key generation to make the key unique but it is not the case here !
Awesome!
Great job sir ❤🎉
It sounds nice and understandable, but you missed the refresh token, which is really important for both JWT token security and user experience. Without a refresh token, users would need to log in more frequently, leading to a less seamless experience. Additionally, the refresh token helps maintain security by allowing for token renewal without requiring the user to re-authenticate constantly.
Thanks
Thanks for upload this video its very useful. please upload using ldap if possible
Thanks for everything
FYI, 2:13:15... it doesn't work without jackson converter
Day 3 of asking please make a video with integrating keycloak
the csrf token is not working and it still says aunthorized when trying to get csrftoken
The best video
Sir aap ne hindi channel par java ki playlist start ki usko pura nahi kiya fir aap ne spring boot playlist start ki usko bhi pura nahi kiya....?
Day 2 of asking please make a video with integrating keycloak or oauth2
thanks
Thankyou so much ❤
good video. could you make a tutorial on refresh token? like the lifecycle, how to use it securely etc
you come here in the youtube that you are soo knowledable i know it already bhai tumhara kuch samjh nahi atta hai
great video but one doubt: if for verifying token we are using db (making db call) then there is no point of using token. we can directly send username and password in every req and everytime we get that user from db and verify like we are doing for validating token.
u r rock
Is this works if jwt generation in one microservice and validation in another
Sir i just passed my 12th and going to college this year which branch I choose aiml and aids sir which branch has better future?
It would be great if you can integrate Keycloak as well Navin sir. Hoping for it finger crossed.
in 2 hour i am trying to register still it is giving me exception like user not register
1:25:10 you're right sir, user is already taken, I tried that originally and it gave me a syntax error.
Sir,why all method endpoints will raise authentication error?
Thanks for sharing this JWT security video. It was really helpful. Can you please also help with "logout" code here.
Sir, please do video regarding spring data jpa pagination and spring validation
hi navin i ma new to configures the security project to existing project and with front as well
coul please upload video how to configure with front end