How to configure Spring Security Authorization - Java Brains

I really like you approach of theory interlayed with examples and especially how you are at first showing a kind of counterexample and then you correct it. It feels very natural and intuitive 👍

Please make some videos explaining Design Patterns. You are a really good teacher. I'm sure some of your audience have already made this request.

seriously what kind of skills you have , just amazed the way of your explanation crystal clear and in dept knowledge, Thank You so much

I really liked the way how you skipped the part of how to maintain role, How does server is going to identify which role the client belongs to should it be at a database level or Authorization server . You clearly bypassed it .
Please do make a video of that . We are waiting.

I love this channel. Best ever java learning source in youtube.
Ever.

finally found a lecture to help me understand and successfully build&add to a project. please keep on doing this thank you!!!!!

I ensure everybody , it is the best explanation of such hard topic , spring security by itself is very hard , listen him , he talk it about like 2 * 2; good work bro.

Have learned so much from your Spring Security playlist...I know it has deprecated but it has a lot of concepts to learn. Thank you!

very, very professional. extremely lucid. thanks for ALL of your content. top quality

Your tutorial is really interactive and helpful.

A series of tutorials like this is very helpful. Keep doing the great work.

Excellent! Thank you. I'd like to see how to configure JWT in Spring Security

The video was so helpful. Really understood all the things. Thank you very much!!!!

I fixed my issue facing for quite long time . Thank you.

I have been following your tutorials, you are just Awesome!!. The way you explain things makes me feel like concepts are as simple as that but these are not simple without your great explanation.

00:02 Learn to configure Spring Security authorization
01:53 Enabling different levels of access control for APIs in Spring Security
03:37 Use HTTP Security object to configure access restrictions for paths
05:18 Configuring path to permission mapping using method chaining in Spring Security HTTP security method
07:15 Configuring Spring Security to allow access based on user roles and specify login type
09:11 Configuring access to specific URLs in Spring Security
11:13 Configuring URL access restriction in Spring Security
13:01 Configuring higher privilege admin role.

You made me understand, what hours of reading websites didn't can.

thank u so much, how much u learn us that how much god help u for make ur life easy, bcz some people need guy is like to show, explain and learn , thank u so much sir ......

Big shoutout to you! Kudos.. Nice work man!!

Very very nice and step-by-step tutorial. Thank you...

Thank you so much,Doing great sequence of videos for better understanding from basics.

Good work !! Thanks for the tutorial.. Hi Others.. when we get ads let's not skip them.. I think it helps the channel..

#Salute! The way you explained spring security was an ease❤️

Spot on. Exactly what I wanted to understand. I have developed an admin application of an existing application and spring boot project is same for both applications. Just the UI is different. So I need to configure some mappings which should only be accessible by admin. This would help for sure. Thanks a lot.

Brilliant work Kaushik! Thank you so much!

Thank you! Please do a video on How to perform REST API - POST without disabling csrf in security config!

Finally learnt spring security clearly

Great information. Thanks. But I suggest you to demonstrate with postman

thank you for detailed explanation!! I would like to request for the content about MethodSecurity. Thanks in advances Sir!!

Thank you so much for clearing basics.

Thank you so much for fabulous lessons

Great tutorials. Thanks, your tutorial is super comprehensive

Thank so much. How about spring security + micro services + jwt. Please!!!!!!!!!!! Great!!!

Brilliant and Thank you so much. Fantastic and easy learning from u

you are awesome , I wanna thank you for teaching our.

Thanks a lot Kaushik can you please create few videos on Elastic Search ...

Great video! Thanks for sharing :)

Thank you for the simple and wonderful explanation and examples.

Tes vidéos sont géniales!! Un grand merci!

Super tutorial, thanks!

Even if this lesson is a bit outdated, it's still useful if paired with the official spring docs

i haven't seen the video yet , but i know that's good

great tutorial

Thank you for such an informative video.

Nice vid, thanks.

Your videos are very useful.

Hello Sir,Thanku So much For this video...Thanku so much It's very very helpfull

Hi kaushik
If you have time Please make a more videos on Spring security Outh2 and explain which one is most demanding right now in market .
Please make like microservices videos that are awesome.😍😍

Thanks for your awsonme tutorial, am watching your video in mars 2023 and the WebSecurityConfigurerAdapter is deprecated am woundring if you would make another videos with the same fantastic content

Thank you..Well explained..

Thank you so much for clarifying these concepts of Spring Security _/\_

What was the card you were referencing in the beginning for in memory authentication?

Thanks a lot ! Please make it with JWT and with Angular as front end, my security works in the back but not with Angular !

Thank you Sir. Please also share tutorials regarding cloud native applications development.

Thank you!! You are the best!!!

I wonder is there any reason to use the method chaining approach for restricting endpoints based on role rather than using the "@PreAuthorize" annotation on the controller mapping/method level ?

Thank you Kaushik 🙂

Complete series on angular integration with spring boot security plz Thanks.

good explanation

Thanks a lot. You are doing a wonderful job.Your way of explaining the concept is awesome.I have a question here why the default filter didn't came into picture this time. How does Spring security validate that.

Well explained

Excellent

For those who are having a problem with roles from a database, try adding ROLE_ to your users entries roles in the database

Thank you so much!

Great Video, I have a doubt. What is the difference of hasAnyRole and hasAnyAuthority methods?. Thanks!

Thanks alot

Notes for my ref :
Use /logout for log out
Similar to authenication by extending the websecurityconfigadapter having config(Http security)
http.authorizerequest().anymatcher("/user").hasanyrole("user")
. anymatcher ("/admin).hasanyrole("user","admin")
.anymatcher("/").permitall()
.and.formlogin();

Please make a video to explain different login systems, JWT, OAUTH, OAUTH2, key based etc.

Hey, is it possible to make another video with the updated features? Now the adapter is deprecated

@koushks, Why are you naming the class as HomeResource.java instead of HomeController.java?

Thanks sir..😊

How do you configure Spring Security Authorization not based on roles but on the result of a database query having a parameter in the URL? For example when we want to authorize /company/75/employee/26/ only if the employee 26 actually belongs to the company 75

What theme did you used ?

Thank you sir

Great video, please attach source code for each tutorial it would be priceless

simply awesome :)

Hello Kaushik,
It worth watching all of your video and thanks for providing such types of content.
A Request!
Could you please provide us a video(or suggest in the comment) for REST API configured with JWT but with below requirements:
1. User will login "auth/login" and in response get a JWT token with roles, privileges, etc.
2. If user is inactive for sometime let's say 20 minutes then we wanna invalidate the token.
3. if user want to logout "auth/logout" then token for that user should also be invalidated(revoke).
If it is possible with STATELESS or STATEFUL spring boot configuration for http security.
please suggest.

What is the theme you using ? It is so pleasant for the eyes :)

The following tutorial seems to have some deprecated Classes and methods as from Spring boot version 2.7 or newer, many things have been changed in case of Spring Security. Please update this course based on the new version. Although this tutorial has helped a lot.

Thanks Kaushik. I am a scriber of this channel and I watch all of your videos once published. I love them.
I feel that with black background and with green font it's a bit not very smooth watch.

In this case would it make a difference if /admin were after /user?

Could you explain about authority and how can I update them ?

Sir please take Design patterns classes..Where are we go ,design pattern follows.before i want die ,i hear ur voice with design patterns..thank you,,,🙏🙏🙏

simplified...woow!!!

Excellent! Thank you. Where I can obtain the code for this course. ?

WebSecurityConfigurerAdapter is depcrecated. Can you please do another one?

sir please make video for security in micro services

Hello, I wanted to ask if mvcMatcher is used in the same way as this antMatcher?

Does it work for post request also. For post & delete it didn't worked for me ?

Thank you !!

How to include authentication only on specific url in spring security ? So permitAll for all endpoints expect few urls

in the return statement y u r using parentheses??

im not seeing the "cards" pop up when you mention them, is anyone else having the same issue? :/

Great!

Can you show how to implement spring security using database username and password?

Hi Sir, want to restrict multiple login user in spring security,kindly help

Why can't I get the default login page despite adding spring security dependency

How would we grant permission to only specific http methods on a url ?

Hi , can we check the same login, logout and user functionality using postman. if yes where the username and password is given ? I think its not a basic auth. kindly suggest.

Instead of formLogin how to prompt with windows default plain web page credentials screen.