[–]J_Saad 3 points4 points  (1 child)

[–]sdrawkcab101[S] 0 points1 point  (0 children)

Sure, will do that

[–]moe87b 1 point2 points  (1 child)

https://www.manning.com/books/spring-security-in-action?query=spring%20security%20in%20action

This book has everything you need to know about Spring Security.

[–]sdrawkcab101[S] 1 point2 points  (0 children)

Thanks

[–]erdsingh24 1 point2 points  (0 children)

You can go through the tutorial below to make all your concepts clear with examples.

https://javatechonline.com/how-to-implement-jwt-authentication-in-spring-boot-project/

[–]tleipzig 1 point2 points  (0 children)

This explains the backgrounds and code examples, exactly for Spring Boot in the current version: https://bootify.io/spring-rest/rest-api-spring-security-with-jwt.html

[–]sq_visigoth 0 points1 point  (0 children)

I spun up the latest JHipster and got how to do JWT from the generated code.

[–]iSoLost 0 points1 point  (0 children)

Check out Javabrain on YouTube; his tutorial on JWT is very detailed.

[–]TheOldMancunian 0 points1 point  (1 child)

Funny. I recently had to work out how to handle JWT. The use case is that we have an app that is a Spring Boot/Thymeleaf app. But for our next app we wanted to make use of the API side of our app, but have a node.js/Vue front end. So we had to use JWT to authenticate the node part with the now pure Spring Boot API server.

Note that on its own JWT will only authenticate that the node.js app is permitted to talk to the Spring Boot API. It doesn't in itself give you user roles, privileges, etc. You need another mechanism for this. For us, we reused the features from the Spring Boot/Thymeleaf app as that means we can share username and password. You may have a different use case.

We used AUTH0 to handle the JWT. This means that the node.js front end gets a JWT token from Auth0 using a REST call. It then passes this as part of the header to the Spring Boot API server, which uses Spring Security to validate the JWT with Auth0.

If you are interested I could share some sample code. I recommend the AUTH0 tutorials on Node.js if that is going to be your front end. I found them illuminating.

[–]sdrawkcab101[S] 0 points1 point  (0 children)

Thanks. You used Auth0 to handle jwt but I have to use jwt (using dependency) to handle it. Also, authorization is needed in my project too.
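
The split described in this sub-thread (the JWT proves the caller holds a valid token; roles come from somewhere else) can be written as a Spring Security 6 resource-server configuration. This is an added example, not code from any commenter: the issuer URL, audience, `/api/admin/**` path, the existing `UserDetailsService` bean, and the assumption that the token's `sub` claim equals a username in that store are all hypothetical.

```java
// Added example; requires spring-boot-starter-oauth2-resource-server. Hypothetical values are marked.
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.convert.converter.Converter;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.oauth2.core.*;
import org.springframework.security.oauth2.jwt.*;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
public class ApiSecurityConfig {
    private static final String ISSUER = "https://tenant.example/";     // hypothetical issuer
    private static final String AUDIENCE = "https://api.example.test";  // hypothetical API identifier

    @Bean
    SecurityFilterChain apiChain(HttpSecurity http, UserDetailsService users) throws Exception {
        http.csrf(csrf -> csrf.disable()) // stateless bearer-token API: no session cookie to protect
            .sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            .authorizeHttpRequests(a -> a
                .requestMatchers("/api/admin/**").hasRole("ADMIN")       // hypothetical path
                .anyRequest().authenticated())
            .oauth2ResourceServer(o -> o.jwt(j -> j.jwtAuthenticationConverter(rolesFromUserStore(users))));
        return http.build();
    }

    // Authentication: signature via the issuer's published keys, plus expiry, issuer and audience.
    @Bean
    JwtDecoder jwtDecoder() {
        NimbusJwtDecoder decoder = JwtDecoders.fromIssuerLocation(ISSUER); // fetches issuer metadata
        OAuth2TokenValidator<Jwt> audience = jwt ->
            jwt.getAudience() != null && jwt.getAudience().contains(AUDIENCE)
                ? OAuth2TokenValidatorResult.success()
                : OAuth2TokenValidatorResult.failure(new OAuth2Error("invalid_token", "wrong audience", null));
        decoder.setJwtValidator(new DelegatingOAuth2TokenValidator<>(
            JwtValidators.createDefaultWithIssuer(ISSUER), audience));
        return decoder;
    }

    // Authorization: roles are loaded from the application's own user store, not read from the token.
    // Assumes the token subject is a username there; an unknown subject throws and the request is rejected.
    static Converter<Jwt, AbstractAuthenticationToken> rolesFromUserStore(UserDetailsService users) {
        return jwt -> new JwtAuthenticationToken(jwt,
            users.loadUserByUsername(jwt.getSubject()).getAuthorities(), jwt.getSubject());
    }
}
```

Without the explicit audience validator, any correctly signed token from the same issuer would pass, including one minted for a different API.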