Комментарии:
Important note: In the video, I provide the JWT secret as a constant variable in the Java class. As you might imagine, please don't do that in a real application!
It's not a good idea to check in passwords / secret keys in your code. You should get that from a setting / property file that's in a more secure location and not in your source code repository.
(Thanks to Olivier for pointing this out in the comments)
Full deprecated course , Not Recommended
ОтветитьHi Kaushik Sir, I've few query regarding the WebSecurityCongigurerAdapter. I'm not able to get the import for this class. I'm using Spring Boot version 3.1.3. What changes I need to make so that I can use the Database authentication . Please do reply. Others are also open to help me here.
ОтветитьExcellent !! Crystal Clear
ОтветитьHey, do you have any videos with the modern way of doing things (without WebSecurityConfigurerAdapter)? This video is pure gold and it would be tremendously useful if there was a video for whatever the new way is.
ОтветитьWebSecurityConfigurerAdapter is now deprecated. It would be great if you could update the playlists accordingly. Great playlist to learn WebSecurity but this thing will help a lot.
ОтветитьIt would be more better if you provide the GIT hub link for same code.
ОтветитьToo bad WebSecurityConfigurerAdapter is deprecated...
ОтветитьOne doubt, in JwtRequestFilter, in 42nd line we are checking if(username!=null && SecurityContextHolder.getContext().getAuthentication() == null) only then we are validating the token. But for the first time when the user will log in, SecurityContextHolder.getContext().setAuthentication() will be invoked and the user details will be put in SecurityContextHolder. So upon every subsequent request, the if condition will fail as SecurityContextHolder.getContext().getAuthentication() != null. Then how is the token validated?
ОтветитьHi, i am a fan of your teaching. However, i see couple of things you are using are right now depracated and cannot be used like WebSecurityConfigurerAdapter. Such class dont exist in spring boot 3. Can you please create a new playlist with new implementations
Ответитьcan I get the source code for this
ОтветитьFantastic...
ОтветитьJwtFilter can cause the authentication fails such as when token is expired or when the user is not found. How can i send back response based on the failure cause?
Ответитьcan I have a diagram flow for this understanding more easy.
ОтветитьThank you so much for this awesome tutorial.🙂
ОтветитьWhaooo. This is very helpful. Thank you Sir !! Very well explained !
ОтветитьCan you expand upon this example and implement refresh tokens?
ОтветитьThank you, Its Awesome.
Can you please help us with Bearer? What significant of Bearer in JWT token.
Can you please update the tutorial with with new version of spring boot security. AuthenticationManager bean has been updated.
Ответитьplease can we get a git repo for this project
Ответить