Spring Data with Spring Security 1. Overview Spring Security provides a good support for integration with Spring Data. While the former handles security aspects of our application, the latter provides convenient access to the database containing the application’s data. In this article, we’ll discuss how Spring Security can be integrated… Continue Reading spring-data-security

Authentication Against a REST Service with Spring Security REST Spring Security Authentication RestTemplate Table of Contents 1. Overview 2. The Goal 3. The Client 4. Testing the Authentication Service 5. Conclusion 1. Overview This article is focused on how to authenticate against a secure REST API that provides a RESTful… Continue Reading authentication-against-a-third-party-service

Keep Track of Logged In Users with Spring Security 1. Overview In this quick tutorial, we’re going to show an example of how we can track the currently logged in users in an application using Spring Security. For this purpose, we’re going to keep track of a list of logged… Continue Reading spring-security-track-logged-in-users

Quick Intro to Spring Cloud Configuration 1. Overview Spring Cloud Config is Spring’s client/server approach for storing and serving distributed configurations across multiple applications and environments. This configuration store is ideally versioned under Git version control and can be modified at application runtime. While it fits very well in Spring… Continue Reading spring-cloud-configuration

Notify User of Login From New Device or Location 1. Introduction In this tutorial, we’re going to demonstrate how we can verify if our users are logging in from a new device/location. We’re going to send them a login notification to let them know we’ve detected unfamiliar activity on their… Continue Reading spring-security-login-new-device-location

Spring HTTP/HTTPS Channel Security 1. Overview This tutorial shows how to use HTTPS to protect your application’s login page using Spring’s Channel Security feature. Using HTTPS for authentication is crucial to protect the integrity of sensitive data when in transport. The article builds on top of the Spring Security Login… Continue Reading spring-channel-security-https

A Custom Spring SecurityConfigurer 1. Overview The Spring Security Java configuration support provides us with a powerful fluent APIs – to define security mappings and rules for an application. In this quick article, we’ll see how we can take this one step forward and actually define a custom configurer; this… Continue Reading spring-security-custom-configurer

Fixing 401s with CORS Preflights and Spring Security 1. Overview In this short tutorial, we’re going to learn how to solve the error “Response for preflight has invalid HTTP status code 401”, which can occur in applications that support cross-origin communication and use Spring Security. First, we’ll see what cross-origin… Continue Reading spring-security-cors-preflight

Spring Security – Customize the 403 Forbidden/Access Denied Page 1. Introduction In this article, we will show how to customize the access denied page in a Spring Security project. This can be achieved either through the Spring Security configuration or web application configuration in the web.xml file. In the remaining… Continue Reading spring-security-custom-access-denied-page

Introduction to Java Config for Spring Security 1. Overview This article is an introduction to Java configuration for Spring Security which enables users to easily configure Spring Security without the use of XML. Java configuration was added to the Spring framework in Spring 3.1 and extended to Spring Security in… Continue Reading java-config-spring-security