Login For a Spring Web App – Error Handling and Localization 1. Overview In this article we’re going to illustrate how to implement a simple Login Page with Spring MVC for an application that’s handling the authentication with Spring Security in the backend. For the full details on how to… Continue Reading spring-security-login-error-handling-localization

Allow Authentication from Accepted Locations Only with Spring Security 1. Overview In this tutorial, we’ll focus on a very interesting security feature – securing the account of a user based on their location. Simply put, we’ll block any login from unusual or non-standard locations and allow the user to enable… Continue Reading spring-security-restrict-authentication-by-geography

Spring Security Basic Authentication 1. Overview This tutorial shows how to set up, configure and customize Basic Authentication with Spring. We’re going to built on top of the simple Spring MVC example, and secure the UI of the MVC application with the Basic Auth mechanism provided by Spring Security. 2.… Continue Reading spring-security-basic-authentication

Two Factor Auth with Spring Security 1. Overview In this tutorial, we’re going to implement Two Factor Authentication functionality with a Soft Token and Spring Security. We’re going to be adding the new functionality into an existing, simple login flow and use the Google Authenticator app to generate the tokens.… Continue Reading spring-security-two-factor-authentication-with-soft-token

Spring Security Login Page with React 1. Overview React is a component-based JavaScript library built by Facebook. With React, we can build complex web applications with ease. In this article, we’re going to make Spring Security work together with a React Login page. We’ll take advantage of the existing Spring Security… Continue Reading spring-security-login-react

CAS SSO With Spring Security 1. Overview In this article, we’re going to look at integrating the Central Authentication Service (CAS) with Spring Security. CAS is a Single Sign-On (SSO) service. Let’s say we have applications requiring user authentication. The most common method is to implement a security mechanism for… Continue Reading spring-security-cas-sso

Prevent Brute Force Authentication Attempts with Spring Security 1. Overview In this quick tutorial, we’ll implement a basic solution for preventing brute force authentication attempts using Spring Security. Simply put – we’ll keep a record of the number of failed attempts originating from a single IP address. If that particular… Continue Reading spring-security-block-brute-force-authentication-attempts

Logout in an OAuth Secured Application 1. Overview In this quick tutorial, we’re going to show how we can add logout functionality to an OAuth Spring Security application. We’ll, of course, use the OAuth application described in a previous article – Creating a REST API with OAuth2. 2. Remove the… Continue Reading logout-spring-security-oauth

X.509 Authentication in Spring Security 1. Overview In this article, we’ll focus on the main use cases for X.509 certificate authentication – verifying the identity of a communication peer when using the HTTPS (HTTP over SSL) protocol. Simply put – while a secure connection is established, the client verifies the… Continue Reading x-509-authentication-in-spring-security