Scribd
Upload
6 views10 pages

Spring Security OneNote

The document outlines how to secure a REST API using Spring Security, including dependencies needed for activation and default credentials. It discusses the ability to change the username and password, as well as how to secure specific URLs rather than applying security to all methods. Additionally, it mentions the use of JWT for security and provides relevant dependencies for implementation.

Uploaded by

tcs.boishali.gogoi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
6 views10 pages

Spring Security OneNote

The document outlines how to secure a REST API using Spring Security, including dependencies needed for activation and default credentials. It discusses the ability to change the username and password, as well as how to secure specific URLs rather than applying security to all methods. Additionally, it mentions the use of JWT for security and provides relevant dependencies for implementation.

Uploaded by

tcs.boishali.gogoi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Spring Security

23 March 2025 09:00

What we have developed ?


API

How to secure Rest API using spring security


---------------------------------------------------------------

Note :

<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>

As soon as I put this dep in pom file spring security will be activated……

what is user name and password ?


If we haven't change anything then take pass from console and username is : user by default

can we change username and password ?


Yes we can

How to secure specific URL ?


When we add security-starter in pom.xml the it will apply security filter for all HTTP methods of our
application

Spring Security Page 1


How to solve this above issue ?
Because in reality we need to secure only some methods not all

eg:

/sing-up ---->security not req


/getBal ------> security req
/about-us -----> security not req
/transfer ------> security req

Spring Security Page 2


Spring Security Page 3
req
User load

Spring Security Page 4


Homework
1. logout krna

JWT ---> spring security

JWT

Spring Security Page 5


JWT

Spring Security Page 6


<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-api</artifactId>
<version>0.11.5</version>
</dependency>

Spring Security Page 7


</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-impl</artifactId>
<version>0.11.5</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-jackson</artifactId>
<version>0.11.5</version>
</dependency>

Spring Security Page 8


eyJhbGciOiJIUzM4NCJ9.eyJzdWIiOiJhZG1pbiIsImlhdCI6MTc0MzA1MjM2MCwiZXh
wIjoxNzQzMDUyMzkwfQ.yE5yB7XEMikFSVTp4QxvT4bgRES2-
T9674PHmBFOuEYQOopsrj_ZzkfK0h0Nq0mT

Spring Security Page 9


Spring Security Page 10

You might also like