DEV Community

Cover image for Spring Security: Authentication and Authorization In-Depth

Spring Security: Authentication and Authorization In-Depth

Marco Behler on April 07, 2020

You can use this guide to understand what Spring Security is and how its core features like authentication, authorization or common exploit protect...
Collapse
 
brunodrugowick profile image
Bruno Drugowick • Edited

I'm halfway through, will read everything for sure since I believe security is way too important for us developers to not understand how it works... but I felt the need to come here and congratulate you for this comprehensive, complete and "unicorn-worthy" content!

Not only the content is complete but it's so much well written that i didn't even notice the last forty minutes I spent reading this article and two others linked here.

Man, I envy your writing skills! =)

Collapse
 
marcobehler profile image
Marco Behler

Thank you very much for your kind words, Bruno!

Collapse
 
rapasoft profile image
Pavol Rajzak

That’s a really extensive guide, well done! I’ve had my fair share with almost everything that’s in this article, so I really appreciate you writing everything down! Nice job.

I will bookmark this and share it among my colleagues! :)

Collapse
 
marcobehler profile image
Marco Behler

Thanks!

Collapse
 
jackfr0st13 profile image
Deepak Choudhary

TLDR;
Kidding. Went through all of it only to find the one useful section missing 😂. Waiting for OAuth2 article now.

Great work on the in depth article here though. It's quite extensive and well writ.

Collapse
 
marcobehler profile image
Marco Behler

Everyone seems to be waiting for Oauth ...:D Will keep you posted.

Thanks!

Collapse
 
jackfr0st13 profile image
Deepak Choudhary

Wouldn't surprise me. A lot of companies are using to it.

Collapse
 
shostarsson profile image
Rémi Lavedrine

Didn't read everything, as it is too long for me.
But I bookmarked it.
I got through everything quickly and it just looks like a complete training about these topics.

Thank you for sharing that and to write all of it (I'm sure it takes you so much time).

Collapse
 
marcobehler profile image
Marco Behler

If you ever feel bored...feel free to get back to it :)

Collapse
 
ravindersian profile image
Ravinder Sian

I did a course on spring security and i felt lost after I was just copying code. I wanted to stop security completely. This article is amazing I understand completely and cannot wait to do a full project with front end.

Collapse
 
mateuszjarzyna profile image
Mateusz Jarzyna

In my opinion Spring Security is one of the most complicated Spring's module. So I'm happy that you wrote in depth article.
In my company we are using keycloak to simplify user management (integrations, reseting password, "remember me", etc), highly recomented.

Collapse
 
marcobehler profile image
Marco Behler

Yup, Keycloak is a pretty popular choice nowadays.

Collapse
 
vdelitz profile image
vdelitz

Hey, habe gerade deinen detaillierten Blog Post zu Spring Security und Authentication/Authorization gelesen. Echt sehr gut geschrieben und konnte eine Menge mitnehmen. Habe mich selbst in den letzten Monaten näher mit WebAuthn / Passkeys als Authentication-Möglichkeit beschäftigt - hast Du das mit Spring auch mal implementiert?

Collapse
 
ximbal profile image
EN • Edited

do you have any example repos for your code?

Great write up! Kudos!

Collapse
 
marcobehler profile image
Marco Behler

Sorry, there's no example code repo at the moment.

Collapse
 
alex_p profile image
alexpersegona

Someone sent me a link to the cyber symposium that's going on now. See it here: trunews.com/stream/mike-lindells-c.... What do you guys think about that?