Highly important guys.. at @01:14 be aware, the role field must be save with "ROLE_" prefix in the DB, (dont know the reason). I wasted alot of time because I entered the authorization role mapping value which is without the "ROLE_" prefix. thank for the tutorial sir, BIG LIKE!
@hemantjain87773 жыл бұрын
@Haim you are a life-saver. Spent like 1 hour to find out what was wrong.
@alessandrosantana96062 жыл бұрын
BIG THANKS MY MAN!
@swathikota Жыл бұрын
The hasRole and hasAnyRole methods used for authorizing requests accept parameters starting with "ROLE_". If you look at the java description for these methods, the parameters that are passed will be automatically appended with ROLE_ in the beginning. So definitely your database needs to have data starting with ROLE_ corresponding to role field or wherever you hard-code the authority value. This is my understanding.
@sarthakgupta290 Жыл бұрын
Your way of explaining complicated concepts in a simple manner is outstanding! Thank you so much!
@kuljeetkumar46575 жыл бұрын
This is what is required on KZbin. Kudos sir Bring full stack courses also. I bet 1 million is not far away then.🙌
@Sausty4 жыл бұрын
Fantastic tutorial, probably the clearest tutorial I've ever watched on a pretty complicated subject. Thank you very much!
@brhaneweldeslase12895 жыл бұрын
I am big fun of your teaching. I don't even want to go for other resources unless I don't find in Java Brains. I really appreciate your contribution to my life. You are such important to me."live long and God bless you."
@francogb5 жыл бұрын
Epic! Thank you! Please talk about integration with JWT
@SushilKumarBhaskar5 жыл бұрын
yes, eager to watch that integration with JWT,
@sujithg58735 жыл бұрын
Yess JWT 🙄🙄🙄🙄🙄
@reluscarlat71405 жыл бұрын
You can find well explained implementations of spring security with JWT in Laurentiu Spilca's spring security playlist: kzbin.info/www/bejne/sHKWpqusbbeAfJI There is pure gold information that really helped me to understand the basics of security for monolith applications and microservices applications. Hope it will help you! :)
@HanilKathuria4 жыл бұрын
Sir, you have made Spring Security so easy to understand. Thank you so much for your efforts😀
@manojkanna2222 жыл бұрын
I saw the whole spring security basic videos, everything till now was explained well. anyone can easily understand these spring security topics. Thank you for your time and effect
@monishad70406 ай бұрын
Clearest tutorial with minimum time. Easy to understand. Thank you for wonderful lectures sir.
@Sebriniel4 жыл бұрын
I've been struggling with Spring Security for days. Your tutorial made me able to install an authentication system on my app in two hours. THANKS!
@AnantaAkash.Podder9 ай бұрын
By Far the Best Explanation of Spring Data JPA with Spring Security...got many concept cleared out of this Tutorial
@damianw3454 жыл бұрын
wow, these are the best tutorials on Spring Security I have ever found on the Internet. Please keep up the good job :)
@SushilKumarBhaskar5 жыл бұрын
Yes Correct, read query many times for authentication/authorization, we might consider using LDAP. LDAP has fast read query.
@Java.Brains5 жыл бұрын
Well, authentication happens only once per session. Also, JPA could be supported by a caching mechanism so that an entity is not looked up more than once.
@midhunma88754 ай бұрын
Thanks, this is the clearest from scratch video i found so far..so difficult to explain yet you made it look easy
@TomosLeggett Жыл бұрын
I've watched almost every single video I could find on this subject and this was the clearest and most helpful and actually worked. Thank you for your help!
@tsegaighebremedhin55365 жыл бұрын
Great Job Koushik!!! I like your teaching style and JavaBrains has been my main source of learning SpringBoot and java related stuff lately!!
@priyankjoshi30183 жыл бұрын
Nice One Koushik, keep the good work up. With addition to all the information, would like to add, spring by default adds "ROLE_" to whatever the role we are trying to check for the user. Thats why Kaushik has inserted ROLE_USER in the roles column of the user table. Now why we are trying to access different urls, spring check the role using the class ExpressionUrlAuthorizationConfigurer which get called from the overriden method configured having HttpSecurity as parameter. Check the implementation for the method hasRole in the method chaining.
@bibekdas35924 жыл бұрын
You are doing a great service by sharing all these...no praise will ever be enough..👍👍👍
@umairkhan40854 жыл бұрын
if @Autowired UserDetailsServices in SecurityCnfiguration is showing error it is due to multiple implementations of that interface spring is confused which one to choose. solutiion :add @Primary annotation above MyUserDataService class that will give preference to your implementation
@hrvooje3 жыл бұрын
Or use @Qualifier("myUserDetailsService") @Autowired UserDetailsService userDetailsService;
@badripaudel773 жыл бұрын
Did anyone try , this project no longer works ? I cloned it and it doesn't work. Says forbidden (403).
@nitiKT Жыл бұрын
Sir, hatsoff to you.. you made learning spring security enjoyable for me.. being dyslexic I hated spring security..
@vurihur45332 жыл бұрын
SIR the whole day I've been trying to get this to work... then 10 minutes in this video and it works now. I really thank you a lot!!!
@jfaber10264 жыл бұрын
It's importante to note that you must add the prefix ROLE_ in MyUserDetails class otherwise it could return a 403 when trying to log in.
@srigunakrishnamoorthy16704 жыл бұрын
Thanks for this.. i have been facing this issue.. But , how can we get rid of this explicitly.
@sheelstera5 жыл бұрын
Great start to the weekend.. God bless.. Please cover JWT, OAuth and SAML
@Torayasu2 жыл бұрын
Clear and simple, managed to implement my own JPA authorization provider thanks to this video. Great Job !
@deeptiadmile99864 жыл бұрын
This security series is absolutely amazing !! All aspects for each type covered.. 😀👍
@mohitpatidar88803 жыл бұрын
You are doing fabulous work Sir...( Y) Hats off to you for giving so much content to the community for free.
@dinunclv7 ай бұрын
really good series of tutorials. Great Job! Since spring 6 some things have slightly changed, but you explain the core principles very well. Thanks!
@SushilKumarBhaskar5 жыл бұрын
Please🙏 upload LDAP supported Spring security ... Eager to watch
@s36494 жыл бұрын
kzbin.info/www/bejne/Y6inhnaenNuMnbc
@dineshshekhawat20214 жыл бұрын
17:20 Spring boot verison 2.3.1.RELEASE When creating a dummy UserDetailsService, you also need to comment out the spring-boot-starter-data-jpa in the pom.xml else the server application will fail to start.
@arunkumarjaiswal45624 жыл бұрын
Thanks bro , i was thinking the problem was in Mysql
@tabrezshaikh77054 жыл бұрын
I thought there was a problem in SQL server and I was going to remove the mysql driver dependency from the pom.xml Thanks for your help @Dinesh Shekhawat
@zephyrred33664 жыл бұрын
It's actually a problem with having 2 UserDetailsService beans. You have to qualify which to use.
@ВладиславР-ф2ъ3 жыл бұрын
@@zephyrred3366 so which to use?
@hetalpadia83812 жыл бұрын
@@zephyrred3366 @Qualifier doesnt work.It gives the same error
@AvazkhonNazirovАй бұрын
Best tutorial ever! It is definitely worth your time
@dhananitejendra315110 ай бұрын
By far the best tutorials on spring security. Thanks a lot
@sugoi52409 ай бұрын
your explanation is so good i wanna cry
@divtosz4 жыл бұрын
Thank you so much! You explain so clearly, much better than all the paid courses online! 😄
@awadijohan5 ай бұрын
really I'm so lucky to find your video that helped me well to understand and learn with simple method the authentication with spring security, really I appreciate your qualified explanation. big thanks from bottom of my heart ♥
@Mohamed-uf5jh4 жыл бұрын
Thanks sir, these are the best tutorials on Spring Security I have seen on the Internet
@AshenafiMaru-ul3rg Жыл бұрын
I never knew . . . Spring Boot Security is this easy . . . thanks to you brother!
@igorgvozdic27694 жыл бұрын
I have watched a ton of similar videos, but your videos are best by far!
@thornton4 жыл бұрын
Thank you so much! This unblocked me on a problem I was having with my Repository.
@Runa_Nura4 жыл бұрын
The best video for Security. easy to understand and all codes works fine. Plz Mr make more videos for spring.
@GreatAnubis Жыл бұрын
I've been looking for such tutorial. Great video. Thank you!
@shivaakrish2 жыл бұрын
This is one of the best tutorial i have seen in my entire life :D Thank you so much.
@DrunkenEngineer4 жыл бұрын
Thank you for uploading such video's. Really helps a lot in Interviews.
@barathkumar87404 жыл бұрын
I changed the Naming Strategy in properties as the one used in this tutorial is deprecated in Hibernate 5 spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
@kulashaker303 жыл бұрын
This fixes my issue as well.
@yazidelhachimi16283 жыл бұрын
The best tutorial i've seen on youtube !! Thanks man !
@Frederic_Chopin.3 жыл бұрын
If you are getting a 403 make sure that the role column in USER table = "ROLE_ADMIN"
@RDSRao4 жыл бұрын
Thank you once again, Kaushik for your time and teaching!
@ashiqmohamed66753 жыл бұрын
I tried the Exact same as you explained. But when I login with "/admin" {There was an unexpected error (type=Forbidden, status=403).} this error is comming. Please help
@liferayasif93824 жыл бұрын
Thank you so much, its always pleasant to watch your videos, crystal clear, in details and precise to point. Thank you so much for your tutorial.
@makarandahire21334 жыл бұрын
We are just passing the username for fetching the user details, how does the password is verified during authentication. As in all cases till now we are not verifying the password.
@nageshmath93765 жыл бұрын
Art of coding ,simple and quick
@mojammilkhan49733 жыл бұрын
Great tutorial!!!. btw for authorization, since we are using authorities in Userdetails, we should use hasAuhtority instead of hasRole. .antMatchers("/admin").hasAuthority("ADMIN") .antMatchers("/user").hasAnyAuthority("USER","ADMIN").
@gpr19833 жыл бұрын
Thanks, i was scratching my head with the 403. This helped.
@prakharsaxena46853 жыл бұрын
yes so true
@SirimallaDinesh2 жыл бұрын
Thanks
@AbhishekKumar-bl4hz2 жыл бұрын
@@gpr1983 same here.. Mojammil khan thankyou
@sanskarsharma1002 ай бұрын
Thanks i was stuck here for a long time
@arashaadd2 жыл бұрын
this man is the greatest of all time!!!
@akhilsamineni46284 жыл бұрын
Really AWESOME!! One of the best videos I watched.
@iljatarasovs44164 жыл бұрын
If u are getting 403 error. Change SQL insert example: insert into user (username, password, isactive, roles) values ('admin', 'admin', true, 'ROLE_ADMIN'); //or 'ROLE_USER' but not 'USER'
@ankitbangera72613 жыл бұрын
Thank you, It worked :)
@backtoGodhead03 жыл бұрын
Excellent, Thank you Kaushik, May God bless you!
@bendego28004 жыл бұрын
Thanks for coming back !!
@orhanyarar75524 жыл бұрын
thank you very much for putting this together. Your explanations are very clear, concise and to the point!
@yuhaoli24504 жыл бұрын
If your authorization not working properly after fetch user info from database, remember to name the roles in your DB like "ROLE_USER", "ROLE_AMDIN". Otherwise, your hasRole method will not work!!!!!
@itssandesh4 жыл бұрын
Thanks for help.Now my project is working
@mlprasad795 жыл бұрын
This is good stuff ! Now my weekend is productive as I learned something new from this ! Long live KK !
@rupeshsharma24533 жыл бұрын
A very informative video on spring security. Thanks a lot. Cheers
@drawlzlolwlz59533 жыл бұрын
Finished the tutorial! great job and explanation
@wildanekaputra912 Жыл бұрын
Sir, you deserve a noble.
@abukasozi2955 жыл бұрын
This is pure awesomeness thankyou very much. Amazing!!!!
@abhisheksengupta41595 жыл бұрын
Best video on spring security !! Thanks Kaushik :)
@vasileiosstamos59405 жыл бұрын
Spring Security + JWT Authentication would be superb!
@dimimurik39703 жыл бұрын
Very good tutorial, nice and clear explanations. Thanx a LOT!!
@mitalijena11814 жыл бұрын
I tried the JPA with MySQL but I am getting bad credentials. Could you please help me with this??
@jijuka784 жыл бұрын
Please emphasis that SecurityConfiguration has "ADMIN" while SimpleGrantedAuthority is ROLE_ADMIN Though some people knows Spring security, some don't know.
@mritunjayyadav37884 жыл бұрын
did you get your answer ?
@jijuka784 жыл бұрын
@@mritunjayyadav3788 yes, thanks
@mritunjayyadav37884 жыл бұрын
@@jijuka78 please share it with me too
@rashidaryan4 жыл бұрын
@@mritunjayyadav3788 Please share it with me too
@rashidaryan4 жыл бұрын
@@jijuka78 Please share the answer with me too.
@SrivatsaLakshmi3 жыл бұрын
Fantastic tutorial. Well explained and easy to follow along.
@firozgg75244 жыл бұрын
Tjank you so much brother... It was the best spring security tutorial i've ever watched so far...💜
@AdrianVrabie4 жыл бұрын
Indeed, very well explained! I loved it! Subscribed + Shared!
@RajdeepBarman3 жыл бұрын
Could you make few tutorials that talks about handling user session management after login, thread local etc
@ankitank19904 жыл бұрын
Thanks for your hard effort to make the things done. Awesome
@rudranarayandash14665 жыл бұрын
Before I watched I just click like button 👍
@Chanakya00002 жыл бұрын
You made it look so easy. Thank you.
@srikarmadhavapeddy98813 жыл бұрын
In the MySQL implementation, where are you verifying the password? You are simply taking the username, getting the user details, and passing it to MyUserDetails(). Does that mean, for the above code, you can give any password and it will work?
@exit123ty4 жыл бұрын
In sql database active data type is ?
@samedsakhri51174 жыл бұрын
Best I've ever seen on youtube .. thks man 😀👍
@prageethjayasinghe7093 жыл бұрын
Perfect teaching skills.
@ashokmandadi4 жыл бұрын
very good video bout spring security, usage of lamda expression also very nice
@ChathushkaPeiris2 жыл бұрын
this is exactly i was looking for! thanks!
@ivanetinajero5 жыл бұрын
Great Video. God bless you. Regards from Mexico!
@priscillavannyamelia8736 Жыл бұрын
Amazing tutorial, thank you for creating this video
@francescodigiuseppe734 жыл бұрын
Thanks a lot Prof, you're my best teacher
@deepakkakkar76986 ай бұрын
Awesome explanation man,
@FranklinXPe4 жыл бұрын
Congratulations #JavaBrains. It's the best tutorial I've read about Spring Security + JPA. It's almost complete. Thanks you very much! Pd: I think you should endcoder your password with other tecnique, because it inserts plain-text password.
@Java.Brains4 жыл бұрын
Yes, I do mention that use no-op encoding for simplicity. check out the password encoding tutorial on my channel to learn about password encoding!
@souvikdasgupta89604 жыл бұрын
Very nicely explained. Can you make a tutorial on Spring security + oauth2
@beginner-techies67934 жыл бұрын
wow , amazing explanation, waiting your video on spring boot with keycloak
@Ashrays_melodies2 жыл бұрын
some DBs (like postgresql) does not allow to create database with name 'springsecurity' and table with name 'user' .. probably because they are reserved words .. try using different names in such cases
@anaghavarhade73754 жыл бұрын
Thank you so much for these videos. They are very helpful ❤❤❤
@mihaicosminmavrodin8313 жыл бұрын
Quick question: I have understood and implemented all of this. I have a user that exists inside the DB, and when I try to log him in, all is fine, I get a jwt back and all of that stuff. But when I try to access the /login rest point with invalid credentials, I get a 403 forbidden instead of "username not found". What am I doing wrong? Note: I also set my requests to permitAll(), so that's not to blame.
@ArvindYadav-cn4md4 жыл бұрын
Great job Sir. This is what required.. thank you v much.
@sumitchhonker65183 жыл бұрын
Hey Koushik, Please use white background for IntelliJ - its difficult to view
@Sergio-di1jt4 жыл бұрын
Suscribed and like and thanks
@maheshshelke4989 Жыл бұрын
This tutorial is really helping me alot. Explained so perfectly. here we have created our MyUserDetailsService, but autowired instance of UserDetailsService. Still worked !! Should we MyUserDetailsService ?
@AkhileshKumar-cs2kh4 жыл бұрын
ROLE prefix is the default behaviour of SimpleGrantedAuthority. It took me some time to figure out why Authorization was failing. It was due to this prefix .
@selvakumarm89484 жыл бұрын
Sir, Thanks for you effort to provide us great quality content. I really like your video style. :)
@thiyakarasanrk87442 жыл бұрын
Video is great and usefull. Use mvcMatchers instead of antMatchers for trailing slash / issue. We may use hasAuthority in place of hasRole. This not required ROLE_ prefix in code as well as database.