We're a place where coders share, stay up-to-date and grow their careers.
JwtAuthenticationFilter
JwtAuthorizationFilter
hasRole("ADMIN")
"ROLE_ADMIN"
In my example, roles and user are defined in SecurityConfiguration (in-memory user).
SecurityConfiguration
JwtAuthenticationFilter
saves user data and roles into JWT when the user logs in.JwtAuthorizationFilter
parses the JWT during every HTTP request and load user data and roles from JWT into Spring's security context.hasRole("ADMIN")
reads roles from security context and allows request only if there is"ROLE_ADMIN"
.In my example, roles and user are defined in
SecurityConfiguration
(in-memory user).