Spring Security Token Based Authentication JWT Tutorial (Full App Example)

Рет қаралды 10,030

Күн бұрын

Пікірлер: 19

@ElDiariodeJavierSuarez 5 жыл бұрын

Nice. Thanks for the video mate. Next time consider making the code text view a little bigger/close up. It was a little difficult sometimes reading the code

@momedalhouma14 5 жыл бұрын

very good content, hope to see more things on spring security

@szymusu 3 жыл бұрын

Clear and helpful video c: but why light theme

@magiapensada 4 жыл бұрын

this was a huge help for me ... thank you very much

@hemamalik2673 4 жыл бұрын

THANKU SO MUCH. THIS VIDEO IS VERY HELPFULL :)

@ElDiariodeJavierSuarez 5 жыл бұрын

I´m stucked at 10:35 man, It gives me this error: The Tomcat connector configured to listen on port 8888 failed to start. The port may already be in use or the connector may be misconfigured. So basically I dont understand how this works. First I run it at says running on port correctly. but nothing happens. Then of course I run it again and its when starts to do things but at the end it gives me this error.

@Cyecize 5 жыл бұрын

Hello! This is interesting, can you ping me on facebook and send me screenshot of the error. The link is in my channel.

@bartoszwasik1759 5 жыл бұрын

Hi, I'm wondering if default Spring Security handled by session will no affect your solution. If you authorize with basic auth, you will receive auth token as a response. But besides that, Spring will put some information into its session. Now, when you want to access the protected endpoint, such as "logged" you say that the user must provide token. Well - it's not necessary. Authentication will be also handled by default Spring Security and cookies will be checked. Try doing the following: 1. authorize 2. call logged endpoint without any token You will get a positive response, which is not expected. So I believe, that one more thing is missing in your solution - adding .sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.STATELESS); into SecurityConfiguration. That will guarantee, that Spring will not handle authorization under the hood. Then providing incorect token, on expired token or no token at all will cause anauthorized response. Correct me if I'm wrong, I'm not Spring Security master.

@Cyecize 5 жыл бұрын

Hi, thanks for noticing! I found this and one more error but totally forgot to update the repo.

@anmol859 5 жыл бұрын

Do you have any idea that how to post an object and pass token in some end point

@jairygonzrr378 4 жыл бұрын

nice video :D i have just one question for you, how did you learn all of that? because when i followed spring guides, for me, it looks like I must learn something else before, so which steps did you follow to understand all of that?

@Cyecize 4 жыл бұрын

Thanks! And that's a hard question 😀. Usually the reason why I even make such videos is because it took me some time to get it working and I'm doing my part to help others overcome the same issue and not waste time. So yes, I did learn all the things that I do in the video, it's not scripted or anything. But prior to making this video It took me few days to get this to work as I wanted in my real project. And to give you a tip for learning things - build things from scratch. This is the best way for me and it sure is the best way to remember and understand how a certain technology works. For example I've made a custom web server and an MVC framework and while writing the code I learned so much about Spring because I was trying to replicate the functionalities and I had to dig in their source code.

@rakeshprasad7459 5 жыл бұрын

how to test this using postman

@Cyecize 5 жыл бұрын

Hi! To get a token, run POST on /authorize and in the security tab choose basic security and enter your credentials (user: admin / user, password: password) As a response you will get authToken: "your token" Then you can add this token as a header named authToken and use it for the rest of the endpoints.