Spring boot 3 & Spring security 6 - Roles and Permissions Based Authorization Explained!

66,927 views

Bouali Ali


Buy me a coffee: ko-fi.com/boualiali 🔐 Unlock the power of Spring Security and take your application's security to the next level! In this comprehensive tutorial, we dive deep into roles and permissions-based authorization using Spring Boot 3 and Spring Security 6. Whether you're a beginner or an experienced developer, this video has everything you need to level up your security game!
🎁 Spring Data JPA course: aliboucoding.com/p/the-full-g...
🎁 🚀 COUPON Code: EARLYBIRD20
Don't Forget to
===========================================
💯 Free courses here: aliboucoding.com/courses
💯 Subscribe to the youtube channel
💯 Join our Discord Community - / discord
💯 Join our Facebook Group - / 589612651142975
💯 Join our Instagram: / alibou_coding
00:00 Introduction to Spring Security
01:29 Understanding Roles and Permissions
03:50 Add Admin and Manager resources (Endpoints)
06:46 Create roles and permissions
16:38 Configuration-based Authorization using Request Matchers
22:08 Insert users at application startup
26:11 Test the configuration based Authorization
32:12 Annotation-based Authorization using @PreAuthorize
37:09 Test the annotation based Authorization
38:39 Choose the right authorization approach for your use case
42:29 Outro
By the end of this tutorial, you'll be able to:
✅ Implement role-based and permissions-based authorization in your Spring Boot applications.
✅ Choose the right authorization approach for your use case.
✅ Secure your application using annotations and configuration-based authorization.
✅ Create custom permission evaluators and leverage Spring Expression Language (SpEL) for complex security rules.
📚 Resources and Code Examples:
Spring Security Documentation: spring.io/projects/spring-sec...
Github Repository with Code Examples: github.com/ali-bouali/spring-...
Don't forget to 👍 like, 💬 comment, and 🔔 subscribe to stay updated with the latest content on Spring Boot and Java development!

Comments: 271
@BoualiAli 11 months ago
Join the Micro Services course waiting list and get an exclusive *EARLY-BIRD discount* aliboucoding.ck.page/d0f9317e13
@grarimohamed6450 1 year ago
I have been waiting for this video for a long time. Thank you ❤
@BoualiAli 1 year ago
Happy to help
@maryamalsulaiman3321 1 year ago
After watching a lot of videos, I can say you are the best one who explains it very smoothly and clearly 🤩 Thank you Alibou for your hard efforts 🙏
@BoualiAli 1 year ago
thank you so much for the nice comment. really appreciate that
@maryamalsulaiman3321 1 year ago
@BoualiAli Hi Bouali, I have a question. I am currently working on a project that requires storing the roles and permissions in a database. In this case, how can we apply and use the stored permissions in the database to authorize the actions? 🤔
@AudiSeshaiahM 1 year ago
I also have a similar requirement. Guide me on how this was implemented if already done.
@KhalilChargui-jm1fj 5 months ago
Thank you so much, you are making the life easier.
@marcellonazar 1 year ago
Congratulations, your videos are much more informative than many courses. A hug from Brazil.
@BoualiAli 1 year ago
Thank you 🙏 Really appreciate that
@raxkhmanR 1 year ago
One of the best tutorials out there!!
@BoualiAli 1 year ago
Happy you liked it!
@luxekochannel 7 months ago
Great video. You help me a lot
@alexkouasseu6396 1 year ago
Thanks for this video Ali. A master class as always ❤‍🔥❤‍🔥❤‍🔥
@BoualiAli 1 year ago
Happy to know that
@khalilbouali3480 10 months ago
thanks a lot Ali ! This was very helpful
@BoualiAli 10 months ago
Glad it helped!
@javlonbek811 1 year ago
thank you so much Alibou I learned a lot you are the best
@BoualiAli 1 year ago
Happy to hear that!
@GROOVETECHSETS 1 year ago
Really appreciate it! Super well explained.
@BoualiAli 1 year ago
Happy you liked it
@genusleemapedze1177 1 year ago
Just occupied with some school work but once done I will follow. I love your content bro. God bless you
@BoualiAli 1 year ago
Really to have you with us. I will keep posting more and more content. A lot is coming in different areas not only spring
@bearsenseii 7 months ago
THANK YOU SO MUCH I VE SEEN YOU !! U R GREAT
@BoualiAli 7 months ago
You are so welcome!
@user-wg5yw8tw7s 7 months ago
Great tutorial, thanks very much. I was just searched role and permission based security
@BoualiAli 7 months ago
Glad it helped
@abu-dukhan 1 year ago
Maasha Allah, Wollah I'm just so so happy that I don't even know what to say. Thank you so much Alibou, this is exactly one of the things I was thinking to add to my app and Boom 💥 here it is. Waiting for the Swagger docs 😁 Thank you so so much, JazaakAllahu khairan ❤
@BoualiAli 1 year ago
Swagger docs is published now 😁 Perfect timing
@swipped99 2 months ago
Great tutorial as usual!
@BoualiAli 2 months ago
glad you liked it!
@marius87chao 1 year ago
I LOVE YOU! THX for the video
@BoualiAli 1 year ago
Happy you liked it
@Igris004 25 days ago
You have the outstanding tutorials, thank you very much, my brother
@user-jg5xy8yw6j 4 months ago
This content is amazing Sr. Thanks.
@BoualiAli 3 months ago
Glad you enjoy it!
@ukaszkiepas57 27 days ago
thank you mate
@samuelstefancic8050 1 year ago
You're really, really good, it's incredible
@BoualiAli 1 year ago
Really happy you liked it
@monirzaman5366 2 months ago
Learned lot of things. Thanks a lot
@BoualiAli 2 months ago
Glad to hear that!
@burakturker804 9 months ago
great video thank you so much
@BoualiAli 8 months ago
Happy you liked it!
@mohamednaitmoussa2600 10 months ago
another awesome helpful video 💪
@BoualiAli 10 months ago
My pleasure!
@user-lv5zh2ob4m 1 year ago
I liked the video! Thank you
@BoualiAli 1 year ago
My pleasure. Thank you so much for your feedback (I use translations to understand it lol)
@anurag-sachan 1 year ago
Great Job Brother, Tried watching different videos to get better understanding, but yours was too good. Also, Your debugging part was impressive, consider making a video on it too.
@BoualiAli 1 year ago
Already published a video on debugging. Go check it in my channel
@BoualiAli 1 year ago
COUPON Code: *EARLYBIRD20* => Spring Data JPA course: aliboucoding.com/p/the-full-guide-to-master-spring-boot-data-jpa
@renike8894 11 months ago
You're the best!
@BoualiAli 11 months ago
Thank you
@Ram_Dev 1 year ago
You are the best man
@BoualiAli 1 year ago
Thank you my friend
@beka3304 5 months ago
The best, Thanks
@BoualiAli 3 months ago
Thank you too!
@t_oguz06 11 months ago
better clearance and better understanding, thx
@BoualiAli 11 months ago
Glad it helped
@sandun4983 15 days ago
very good.
@ayyubxonrustamov700 10 months ago
Thank you Alibou for amazing contents! Please make a video about "Auditing entities in Spring boot".
@BoualiAli 10 months ago
Sure, great Idea
@chanchhaya 1 year ago
I love your video
@BoualiAli 1 year ago
Happy you liked it
@AleksandarT10 8 months ago
Great video and explanation. Personally i prefer the PreAuthorize annotation on methods - to have a grainer control for the endpoints. But as Ali mentioned - it depends on what you want to achieve and how it works for you.
@BoualiAli 8 months ago
Great point!
@shadownight3106 1 year ago
like, brb later. Who is the man? You are the man
@BoualiAli 1 year ago
Thank youu
@abderrahmanebenbakka9981 1 year ago
Thank you very much sir Ali ♥️, could you make us a video on the front-end using angular🙏.
@BoualiAli 1 year ago
Really happy you liked it Already working on it
@abdulmajidniazai6869 1 year ago
Awesome video I really appreciate you , can make video how to create dynamic role and permission which admin user can change it anytime for any endpoint dynamically
@BoualiAli 1 year ago
Yes, soon
@SteveT-tg4eb 5 months ago
what if the role needs to be dynamic meaning not only tied to ADMIN, MANAGER ? is there a good way to handle it?
@trevtechofficial 1 year ago
Great video, great content. Kindly next time we can make the roles and permissions configurable so that different actions can be assigned to different roles via an endpoint for scalability.
@BoualiAli 1 year ago
I will note that for the coming video
@trevtechofficial 1 year ago
@BoualiAli I appreciate. Good stuff man.
@marianojm5675 1 year ago
It would be great if you could make a video on how to debug. Your explanations and your code are the best. Thanks for making Spring understandable!!
@BoualiAli 1 year ago
I will create one ASAP
@Ikhideifidon 11 months ago
I really need that
@BoualiAli 11 months ago
@Ikhideifidon the video is already published. Enable the notifications so you won’t miss any new video
@devozs 1 year ago
Great video, thanks for that and for the rest of your Spring tutorial. Would be great if you can combine this Roles and Permissions Based Authorization together with Oauth2 and show how the provider (i.e. google) goes together with user, roles and permissions entities.
@BoualiAli 1 year ago
I’m already preparing a video about Keycloak that will cover all that
@devozs 1 year ago
@BoualiAli thanks! Keycloak sounds great, you mean it will also allow Oauth2?
@BoualiAli 1 year ago
@devozs yes
@belerante4595 1 year ago
@BoualiAli man, I was searching a video like this, and I just read this comment! With the quality of your content the wait will be worth it!
@BoualiAli 1 year ago
@belerante4595 you will absolutely like the content
@user-mo9du4bm5w 3 months ago
Great video! Could you also make a small video on the intellij shortcuts to cut down our development time like the one you used to replace the word on multiple lines at a single time?
@BoualiAli 3 months ago
I will create a short for that (reel)
@iyasuj1365 1 year ago
Thanks for your videos, you provide AWESOME content in great depth. If you can also do project based videos like e-commerce, learning management system, content management system so that we get a full scope to how to do projects. Thanks again
@BoualiAli 1 year ago
I'm already working on a new course.
@nikolaykutsev6467 1 year ago
@BoualiAli A simple User Management System will be perfect! :)
@ggriffaw 1 year ago
Thanks for the video. I am interested in a video about debugging.
@BoualiAli 1 year ago
WIP
@mirarima8877 1 year ago
yeahh thank youu 🤓🤓🤓
@BoualiAli 1 year ago
My pleasure
@antonellopierri961 6 months ago
Awesome
@BoualiAli 3 months ago
Glad you think so!
@user-yq4pv1md3p 4 months ago
Thank you for the video I think the main concept here is that a role is a container for permissions
@BoualiAli 3 months ago
exact
@DimasEdyPrasetyo 1 year ago
Finally!!
@BoualiAli 1 year ago
Yess hahah
@ajaybiswal1 1 month ago
Nice Video. In the video u mentioned about earlier video about User. Can u pls provide the link for the same
@zurumogbonda3225 1 year ago
Awesome as always.... Debugging Video please
@BoualiAli 1 year ago
Already published. Enable the notifications for next times
@mosestechtalk 10 months ago
Thanks for this awesome tutorial, please when are you doing the tutorial on debugging as you said in the video using Intellij, thanks.
@BoualiAli 10 months ago
Already published sometime ago. Enable the notifications, I'm always saying that so you don't miss any videos
@mosestechtalk 10 months ago
@BoualiAli Thanks much
@birenchetry5531 1 year ago
Thank you for uploading such important educational video.. sir please upload Oauth 2.0 complete course, how can manage resource URL to Authorised for different particular user(role-base Authorization using OAuth2). And your all videos are deserving to get five star feedback.
@BoualiAli 1 year ago
coming soon
@programming97 5 months ago
great
@badreddine4296 1 year ago
Hey, first and foremost, I want to express my gratitude for your time and the incredible effort you put into creating quality content for us. Your tutorials have been immensely helpful in my learning journey. I am currently working on a project where I would like to incorporate JWT (JSON Web Tokens) into my Spring Boot/Angular application. After conducting extensive research on the subject, I couldn't find anything that clarifies the concept and its implementation better than your videos. If possible, I kindly request if you could expedite the creation of a tutorial that demonstrates the integration of JWT in both the backend (Spring Boot) and the frontend (Angular). I truly value your expertise, and having your guidance in this particular area would be invaluable to me. I understand if this request might be challenging or time-consuming, so please let me know if it is feasible within a reasonable timeframe. Lastly, I would like to mention how much I appreciate your channel and the valuable insights you consistently provide. Your tutorials have been instrumental in deepening my understanding of various concepts, and I truly admire your teaching style. Thank you once again for your dedication and contribution to the learning community.
@BoualiAli 1 year ago
I really appreciate your comment and how motivating it is. I'm already working on an angular course that should be released soon. I will cover almost everything in it
@badreddine4296 1 year ago
@BoualiAli thank u sir, we are impatiently waiting. Thanks for ur time once again
@MrJayenta 1 year ago
Thank Sir, Plz include with the jwt Exception too
@BoualiAli 1 year ago
Check the exception handling video. It will help you
@kaustavgupta7484 1 year ago
Great content. Please make a video on debug in intelliJ. Thanks
@BoualiAli 1 year ago
Sure I will
@kaustavgupta7484 1 year ago
@BoualiAli looking forward to it..😊😊
@cuervolu 6 months ago
Hello, and thank you for the excellent course and quality content on your channel. I've been following the series for a while, making some adjustments to fit my directory structure and architecture, but nothing significant. However, I'm encountering a problem where, regardless of the role I use, I get a 403 error when accessing the DemoController. The roles and permissions code is identical (I made sure to copy and paste your code from the repository), yet the issue persists. The console output correctly identifies the user role and details, but the 403 forbidden error persists. Did I overlook something? Perhaps I missed a detail or misunderstood a part of the instructions. What steps can I take to debug this issue? Many thanks in advance. P.S.: I apologize if my English isn't perfect; it's not my native language.
@supun_sandaruwan 9 months ago
Great tutorial, We need intellij debugging video with your secret tips ❤😍🔥
@BoualiAli 8 months ago
Already done. Subscribe and enable the notification so you won't miss any new video
@supun_sandaruwan 8 months ago
already done 🤩 thank you again ❤️
@muokinzangi3067 1 month ago
Great video. Have developed a video on Debugging on Intelij IDEA?
@BoualiAli 1 month ago
yes
@user-kv6bl8ct9g 2 months ago
What design pattern would you suggest to use to overlay this program?
@diabawii 1 year ago
Very nice and clear video. I also wanted to ask is it common in java that the permissions are hard coded and not stored in db for an example. I see many people doing this approach, but didn't come across any that used db to store user permissions.
@BoualiAli 1 year ago
Yes if you have already all the scopes predefined. Otherwise it can be stored into a database to make more dynamic and scalable. I will try to make a video explaining that
@diabawii 1 year ago
@BoualiAli that would be amazing to see, hopefully we can see that video coming to light.
@firasbrinsi9231 1 year ago
Would love to see user management and authentication with Keycloak
@BoualiAli 1 year ago
Already preparing the content
@abdulhannan7372 1 year ago
It was a very helpful video. One thing I wanna ask is that if we have two different entities, let's say buyer and seller, which have their own controllers and repositories, then how will we be managing their repositories in ApplicationConfig. Thanks and waiting for a reply
@BoualiAli 1 year ago
Can you please explain a bit more, I didn't get the topic
@paulakerejola24 10 months ago
Hi Ali, Great tutorial. I was wondering, if I wanted to implement a situation where the manager can grant or revoke permissions to admins i.e have a table of permissions mapped to a user(admin) and the manager can add and remove permission to different resources from the admins permission list. How do I go about this instead of hardcoding the resources that all admins should be able to access. Thanks again for this lesson.
@BoualiAli 8 months ago
You can store them in a database or use OAuth2 instead and it will handle everything for you
@ivanovsergiu8575 7 months ago
Thank you, one of the best tutorial on Permissions and Roles I have ever seen. Please create a new tutorial about how to implement granularity and hierarchy of each role. Let's say I have list of 1000 companies from 100 countries, I would like an user responsible for updating ONLY companies from Germany, while other ONLY from USA, and UK . How would you do it? Would you create 100 Permissions? for each country?
@BoualiAli 3 months ago
Glad you liked it!
@JayasuryaASurya 1 month ago
What is the answer for the question ?
@Monsaw1 1 year ago
Thanks so much, boss, I'm a bit skeptical about what and while we need to separate authority i.e. (admin:create, admin:delete etc.), are you saying if I use (admin:create) on all the endpoints (methods), I will not be able to access the resources? Like. Thanks
@BoualiAli 1 year ago
It always depends on your needs and business rules
@deeplife9654 4 months ago
I am having a hard time to follow your video. Which order I should watch the video of Spring security series ?
@badreddine4296 1 year ago
I hope this message finds you in good health. I would like to express my deep appreciation for discovering your channel, and I am truly grateful for the valuable content you provide. Your work has been immensely helpful to me. I do have a question that I would like to pose. As a novice in the field of Spring Security, I am wondering if it would be beneficial for me to watch your previous video titled "Spring Boot 3.0 - Secure your API with JWT Token [2023]" as a starting point. Is this video considered a foundational resource that would aid in better comprehension before proceeding further? Thank you for your continuous efforts, and I eagerly anticipate your response.
@BoualiAli 1 year ago
I really appreciate your comment and feedback and I'm always happy to help. The answer is yes, start with that video, then the logout video, after that the refresh token video and finally this one. I will post a video combining all the security tutorials I created so you can have a full one
@badreddine4296 1 year ago
@BoualiAli thank you for your answer, this is what I'm currently doing. Thank you for your help again and for your time.
@divyanshsaini1077 8 months ago
can we implement authorisation at the Gateway level? this will reduce changing a lot of code in the application in the downstream of Gateway.
@SuperHuman748 1 month ago
@Bouali Ali ---- Can we handle roles or add new roles to system/app from db or file etc. dynamically, maybe from UI etc., without restarting application in Spring Boot. And also needs to apply these new roles and permissions on UI pages as well with ease. Please consider PhpRad application where we can define roles to existing pages from UI
@badreddine4296 1 year ago
Hey, could you do a video about this jwt and add angular please.
@BoualiAli 1 year ago
Working on it
@ulascanthedev 1 year ago
Thank you so much for this great content! I have a question I would like to ask: I am developing a project in microservice architecture and I have 3 independent services in different repos. My system also has discovery server and API gateway in separate repos. I want to apply role-based auth to services with jwt. I implemented jwt to API Gateway, but I want to control these requests on a role-based basis, just like in the video. If I do the same implementation as you did in your video to the api gateway, can I achieve role-based auth using only @PreAuthorize("hasRole('ADMIN')") or @PreAuthorize("hasAuthority('admin:create')") annotations in the other 3 services?
@BoualiAli 1 year ago
Happy you liked it yes you can achieve this in the same way you described
@user-lk9lr8hg2n 1 year ago
Hello alibu and congratulations for the perfect job. I build a rest api and I have an entity called event. I use command objects for response and I am wondering how I can implement the authorities because for example in a Get ~/event/ request if user is admin I need to return adminEventCommandObject, if user is HR I need to return hREventCommandObject etc.
@BoualiAli 1 year ago
Can you please post in the discord server?
@HYR0720 11 months ago
Hello~ thank you for sharing your tutorial! I appreciate it!. I just followed your code in spring security. I just have a problem which are not allowed different kind of users for login. I have no idea why.
@BoualiAli 11 months ago
Can you explain a bit more please?
@3xperttt 3 months ago
If you face this error -> Access denied and loop error issue, after creating get user request/update user. Watch Bouali's video titled 'How To Fix Infinite Recursion Loop in Spring Boot'. Thanks, Bouali.
@BoualiAli 3 months ago
thanks for sharing
@paulobruno1267 1 year ago
Can you explain to us how to make a many to many relationship (many users has many roles)?
@BoualiAli 1 year ago
Check the spring data jpa playlist
@safarboyalkhwarizmi 1 year ago
Right here I think there is a mistake that is you can get even refresh token with access token, I don't know maybe
@BoualiAli 1 year ago
Can you explain?
@Bstbln 1 year ago
Many thanks for this! Just one thing puzzles me, why do you include ADMIN_* permissions in hasAnyAuthority of requestMatchers(*, "/management"), wouldn't it work already if you just included MANAGER_*? I think you defined the admin role as containing all the manager permissions, wouldn't that be sufficient already?
@BoualiAli 1 year ago
thank you. I need to double check the code. I forgot honestly
@user-iy7fo8bg5f 8 months ago
please make a video handle the security exceptions. cause the right resource pretty much missing on the internet
@BoualiAli 8 months ago
Sure
@user-iy7fo8bg5f 8 months ago
Allah bless you ❤ @BoualiAli
@debkr 7 months ago
In this particular use case when I am already using role do I need add permissions anymore? Is it not redundant?
@BoualiAli 3 months ago
check my github account
@86Saurabh1 8 months ago
Great video as it explains Authorisation in more details. I am having an issue when I am trying to add a new role after the data has been loaded to MySQL DB. So if I create a new role "READ_ONLY" , and add that role during service call, I get 403 Error with message that "Data truncated for column 'role' at row 1". Now if I use "ddl-auto=create-drop", then it will work because this will always pre-populate the Role values from scratch but if I am using "ddl-auto=update", and add new Role like mentioned above, I will get the above error. Not sure if this is happening with MySQL only.
@86Saurabh1 8 months ago
One walkthrough is to add a new value like "READ_ONLY" to the columns directly in the database. But that won't be good practice for Production DB.
@BoualiAli 8 months ago
Check the data compatibility: type, length,...
@ferio2828 10 months ago
DEBUG FOR INTELLIJ 🙏
@BoualiAli 10 months ago
Already published
@MYYJOURNEYS 1 year ago
Please add video on debugging
@BoualiAli 1 year ago
Coming next week
@MYYJOURNEYS 1 year ago
Love you 😘
@vishnupr2539 1 year ago
Hey, I have a small doubt. Say I have admin with create and read only permission, so how can I implement this customization of permission
@BoualiAli 1 year ago
Just create the role and assign the required permissions to it as explained
@rehamalmutairi184 3 months ago
What the differences between role and permission? and can I use role only to meet the authorization requirement ?
@BoualiAli 3 months ago
They are almost the same. Permissions are more granular compared to roles. Roles are global, meanwhile permissions are specific to user actions (who can do what). You can use only roles to meet the auth requirements
@kraigochieng6395 1 year ago
You really sound like Amigoscode😅... in a nice way
@BoualiAli 1 year ago
You think so? 😂
@kraigochieng6395 1 year ago
@BoualiAli Yeah😅. Using phrases like 'Before we get into this...'
@BoualiAli 1 year ago
@kraigochieng6395 😂😂 I never noticed that
@user-dn9gf7il9e 10 months ago
very nice tutorial, but I have a doubt that how to give permissions dynamically like if a new user added to the system then how to give roles and permissions to that user? if any one know please let me know ):
@BoualiAli 10 months ago
I will make a video for that too, soon
@campeone3 9 months ago
hello Bouali, i want to ask how can i implement an option for deleting an account and that the user that created an account can delete his own account.
@BoualiAli 8 months ago
you need to implement the logic to do that
@user-hz1eu9zb5q 1 year ago
Is the generated token for each roles changes every time?
@BoualiAli 1 year ago
yes
@user-er9pc2or6b 9 months ago
Nice video, but How to use this service for multiple microservices. to provide authentication as per role.
@BoualiAli 8 months ago
Implement it on the gateway
@dattatraybharde2902 8 months ago
@BoualiAli if possible pls make video on that..
@michealjohn5288 1 year ago
pls create a video on how to debug on intelliji
@BoualiAli 1 year ago
Sure, I will
@anjanx44 11 months ago
@BoualiAli How can I save and get the role, permission and resource from database?
@BoualiAli 11 months ago
Just create entities for them and add the relations
@anjanx44 11 months ago
@BoualiAli checking, will update soon.
@utkarshgupta6091 11 months ago
Is there a way to handle permissions in keycloak?
@BoualiAli 11 months ago
Yes, check the Keycloak video
@onaodowanaugustine5088 2 months ago
I just found GOLD..........Thank you for this @BoualiAli
@Vinny254 1 year ago
Authorize using azure ad ... Manage permissions in local database
@BoualiAli 1 year ago
I will try
@giaphu623 11 months ago
Hello! I attempted to follow your instructions and had some success. However, when I tried to use the @PreAuthorize annotation in either the admin or management controller, I consistently received a 403 error (the previous requestMatchers worked fine)
@BoualiAli 11 months ago
Did you add the annotation to enable the @PreAuthorize?
@giaphu623 11 months ago
@BoualiAli, my bad. I forgot to enable the method. Thank you very much!
@user-zi4jy7gp4q 1 year ago
in 9:28 what is the shortcut that did u use ?
@BoualiAli 1 year ago
All the shortcuts that I use are displayed in the green popup
@emometalpunk 1 year ago
How can we utilize this microservice with Spring Cloud Gateway and share user details and user authorization among other microservices?
@BoualiAli 1 year ago
Nothing special, just implement it on the API Gateway level
@julesruzindana-rukundo6254 11 months ago
Hello sir! is it possible to store files/folders (server) in a multiuser app so that only users with certain roles or only the owner can access it read/modify after. How to do this in springboot. A similar project would help me but I can't find any on github. Can you help me?
@BoualiAli 11 months ago
Yes it is possible. You need to perform the check and secure the endpoint for the authorized users
Рет қаралды 264 М.