Spring Security – Run-As Authentication 1. Overview In this tutorial, we’ll illustrate how to use Run-As authentication in Spring Security with a simple scenario. The very high-level explanation about Run-As is as follows: a user can execute some piece of logic as another principal with different privileges. 2. The RunAsManager… Continue Reading spring-security-run-as-auth

Authentication Against a REST Service with Spring Security 1. Overview This article is focused on how to authenticate against a secure REST API that provides a RESTful… Continue Reading authentication-against-a-third-party-service

Spring Security Logout 1. Overview This article builds on our Form Login tutorial and focuses on how to configure Logout with Spring Security. Further reading: Spring Security: Authentication with a Database-backed UserDetailsService A quick guide to create a custom database-backed UserDetailsService for… Continue Reading spring-security-logout

Spring Security Custom AuthenticationFailureHandler 1. Overview In this quick tutorial, we’re going to illustrate how to customize Spring Security’s authentication failure handling in a Spring Boot application. The goal is to authenticate users using a form login approach. For an introduction to Spring Security and Form Login in Spring Boot, please refer to this and this article, respectively.… Continue Reading spring-security-custom-authentication-failure-handler

Spring Security Digest Authentication 1. Overview This tutorial shows how to set up, configure and customize Digest Authentication with Spring. Similar to the previous article covering Basic Authentication, we’re going to build on top of the Spring MVC tutorial, and secure the application with the Digest Auth mechanism provided by… Continue Reading spring-security-digest-authentication

Redirect to Different Pages after Login with Spring Security 1. Overview A common requirement for a web application is to redirect different types of users to different pages after login. An example of this would be redirecting standard users to a /homepage.html page and admin users to a /console.html page… Continue Reading spring_redirect_after_login

Spring Security – Auto Login User After Registration 1. Overview In this quick tutorial, we’ll discuss how to auto-authenticate users immediately after the registration process – in a Spring Security implementation. Simply put, once the user finishes registering, they’re typically redirected to the login page and have to now re-type… Continue Reading spring-security-auto-login-user-after-registration

OAuth2 Remember Me with Refresh Token 1. Overview In this article, we will add a “Remember Me” functionality to an OAuth 2 secured application, by leveraging the OAuth 2 Refresh Token. This article is a continuation of our series on using OAuth 2 to secure a Spring REST API, which… Continue Reading spring-security-oauth2-remember-me

Simple Single Sign-On with Spring Security OAuth2 1. Overview In this tutorial, we’ll discuss how to implement SSO – Single Sign On – using Spring Security OAuth and Spring Boot. We’ll use three separate applications: An Authorization Server – which is the central authentication mechanism Two Client Applications: the applications… Continue Reading sso-spring-security-oauth2