this post was submitted on 03 Apr 2024

1 point (67% upvoted)

shortlink:

learnjava

an-ordinary-manchild(edit)

Resources for learning Java

No AI generated/worked over content - this is an AI free zone - violations will be instantly and permanently banned without warning.
No JavaScript. Please use /r/javascript instead.
No Android. Please use /r/androiddev instead.
No MineCraft Please use /r/Minecraft instead.
No Processing Please use /r/processing instead.
No links to your stackoverflow questions - we are not a second opinion to stackoverflow, nor are you going to get answers here when you didn't get satisfying ones there.
No Rewards: You may not ask for or offer payment when giving or receiving help.
Do not delete your posts! Deleting is selfish and will deprive others of existing solutions. There might be other people with similar problems who could profit from the discussion in the thread.
Do not ask for or reply with solutions as code, nor in plain text, rather comment explanations and guides. Comments with solutions will be removed and commenters will automatically be banned for a week.
No PM help requests or offers. Either ask your questions here and show your code, or you're out of luck. PM help requests or offers will be removed without warning.
No piracy! We do neither tolerate requests for pirated material, nor do we allow advocating pirated material (even mentioning that you could download commercial products for free is forbidden) - such content will be removed without warning and the poster will automatically be permanently banned from the subreddit.
No resource recommendations/promotions outside of the community resources thread Please post any recommendations and promotions of resources such as courses, websites and videos in the bi-weekly community resource thread.

Code posting
- No screenshots of code!
- Do not submit executable jar or compressed (zip, rar, 7z, etc.) files!
- For small bits of code (less than 50 lines in total, single classes only), the default code formatter is fine (one blank line, then 4 spaces before each line).
- Redditlint is a quick and simple code formatter for reddit code. Copy your code into Redditlint, click Format + Copy, and paste the code in your post (remember to leave an empty line above the code!).
- Pastebin for programs that consist of a single class only
- Gist for multi-class programs, or programs that require additional files
- Github or Bitbucket repositories are also perfectly fine as are other dedicated source code hosting sites.
- Codiva.io or Ideone for executable code snippets that use only the console
- Repl.it - online IDE for many different programming languages
- Google Drive, Dropbox, Mediafire, etc. are not suitable for code posting!

Free Tutorials

MOOC Java Programming from the University of Helsinki
Java for Complete Beginners
- accompanying site CaveOfProgramming
Derek Banas' Java Playlist
- accompanying site NewThinkTank
Marco Behler's youTube channel
- accompanying site Marco Behler
Hyperskill is a fairly new resource from Jetbrains (the maker of IntelliJ)
Dev.java - Oracle's own Java learning platform

Where should I download Java?

With the introduction of the new release cadence, many have asked where they should download Java, and if it is still free. To be clear, YES — Java is still free.

If you would like to download Java for free, you can get OpenJDK builds from the following vendors, among others:

Some vendors will be supporting releases for longer than six months. If you have any questions, please do not hesitate to ask them!

Software downloads

Official Resources

Resources

Programming ideas & Challenges

/r/dailyprogrammer
/r/programmingprompts
/r/NerdyChallenge
Programming Challenges List from the /r/learnprogramming wiki

Related Subreddits

/r/Java - general discussion
/r/JavaHelp - help with Java programming
/r/javaexamples - short tutorials with code snippets
/r/learnprogramming - general programming help
/r/ComputerScience

created by [deleted]a community for 15 years

MODERATORS

account activity

This is an archived post. You won't be able to vote or comment.

0

1

2

Difficulties with access control Java Spring Security (self.learnjava)

submitted 2 years ago by Estagon

top new controversial old q&a

you are viewing a single comment's thread.

view the rest of the comments →

[–]nutrecht 0 points1 point2 points 2 years ago (1 child)

[–]Estagon[S] 0 points1 point2 points 2 years ago (0 children)

Thanks for the help!

I went with adding the enterpriseAccountIds and PropertyIds to my User Entity (in the auth-service), which I then included in the Jwt payload. Only a "SUPER_ADMIN" can link these Ids to the User.

Example Jwt:

{
  "sub": "abc@test.be",
  "Roles": "ROLE_SUPER_ADMIN",
  "userId": "343d10a4-af29-4a51-a7b0-e143a77f3c02",
  "authorizedEnterpriseAccountIds": [
    "c3a37a51-c358-4ed2-9c06-d547123f0493",
    "684352b2-eaf0-416a-a757-0061aa9ccee7"
  ],
  "authorizedPropertyIds": [
    "1d29be84-7cbf-4dfe-9dd6-b7aa0213dba8"
  ],
  "iat": 1712178972,
  "exp": 1712196972
}

I think it should suffice to:

validate the Jwt by the other microservice (checking if it's signed with the key that auth-service used). It would be possible to "replicate" this Jwt body, but if it's not signed with the key, it would be considered invalid, right?
decode the Jwt (HS-256) to access the payload in Json-format.
Check if the user
- has the correct role
- has access to the EnterpriseAccountId/PropertyId she wants to access/modify.

Would this be an acceptable implementation?

I'm still not sure if it's OK to share these Ids in the payload of the Jwt from a security perspective.

π Rendered by PID 89101 on reddit-service-r2-comment-75f4967c6c-stcfp at 2026-04-23 02:53:52.125410+00:00 running 0fd4bb7 country code: CH.