I have a controller with several endpoints. Every endpoint is mapped to a service which could return 200 or throw an exception, that is then handled and will re
I have a spring boot API hosted at Heroku and when I try to access it via a Angular app in Google Chrome (In Firefox it works fine) I'm facing the following pro
I think I have found a bug in Grails Spring Security 3.1.1, and latest Grails 3.2.6. I have installed the Spring Security plugin. From the command line console
I am trying to develop Spring Boot web application and securing it using Spring security java configuration. After placing my static web resources in 'src/main
@Component public class TestInterceptor implements HandlerInterceptor { @Override public void afterCompletion(HttpServletRequest arg0, HttpS
I have deployed and run spring saml sample successfully. From SAML Response (IdP -> SP) shown below, can it be identified whether: the SAML response is sig
I need to authenticate some rest services using a token id in the url (or maybe in the request header - but this is not important for now). I am trying to use j
I am building rest API using Spring Boot v1.3.3. API is secured by Spring Security. I have implemented custom user details service to have custom principal in a
I'm using spring security with REST, and I'm using the URL (/logout) as an endpoint for my logout method. But after calling this method, it redirect me to (/log
I can redirect a user to home page upon session logout.. this was very simple. However, if an user had logged into the app and had the page open, even on sessio
SecurityContextHolder.getContext().getAuthentication() obtains the currently authenticated principal, or an authentication request token, but in which context s
I have a react project, and the security works fine untill I navigate within page - i.e. clicking buttons etc. But, if I refresh page, or input url directly int
I am trying to implement spring security with JWT token, I am trying to achieve authentication with method level authorization My configuration looks like this
I would like to customize how the TokenEndpoint works so that I can add additional parameters to to incoming /oauth/token rest call that I will capture and proc
I am using spring oAuthClient version 5.2.4.RELEASE By following the document link of spring security https://docs.spring.io/spring-security/site/docs/current
My app uses Angular on the frontend and Spring Boot (w basic authentication & Spring security) on the backend. I'm using a proxy for api requests to my back
I am using the springdoc-openapi-ui. I have configured the global headers named Authorization. When I execute the API Authorization is not showing in the CURL o
CookieCsrfTokenRepository sets a cookie and on subsequent requests it just just compares the cookie value from the client with the cookie value from the header.
I have this listener in the context of Spring: package listeners; import java.util.Date; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.s
I have a REST service, written using Spring MVC. The server is an OAuth2 resource server and I am using the JwtAuthenticationProvider to have the JWT parsed and