Great talk with many valuable background information on underlying patterns and decisions. Also great idea to paste those code blocks using code templates during the talk.

Gold level talk

Great video. And right from the source!

great talk and very easy to follow along the code provided. Thanks guys!

28:44 If Only Java had expressions (Expression in this case) like C# so we could use it to specify what field of auth object we want instead of using magic string.

do you guys have any video for authorization based on roles in spring security

Great work...👏👏👏👏

Great work, please more of this :)

I am wondering if one can have one version of git code with security and one without? If yes, is it easy to be maintained in parallel?

Great talk :))

bom demais!

Thanks bro

The DSL... the HTTP Security DSL is the biggest failures of Spring Framework. It is absolutely horrible. It is unreadable spaghetti code. It absolutely needs block level elements which the fluent inferface does not have. Fluent works and is readable when it ALWAYS returns the same type. NO one knows how to get the HttpSecurity to work. Every time is is just random stabs in the dark until it suddenly kind-of works and then they to make your app support what ever you got to work that is close enough of what you wanted.

I wish spring security does not include a default filter chain, they are useless. Every time I had to disable csrf here and disable stateful session there. I would be thinking: why don't we have a RestApiFilterChain. becoz rest api is the main stream now. Also could spring security be more opinionated and less flexible? Just have one way to do things and do things right. The spring security will be much much easier then.