{getToc} $title={Table of Contents}
Introduction
In this project, I going to use Jason Web Token (JWT) and how we developed a
secure spring boot application using JWT. I think you will be able to get a
basic understanding of JWT and how to use that in a real project.
Security Config
In this part 6,
I have created securityConfig class with extending
WebSecurityConfigurerAdapter. Here I have implemented passwordEncoder, it is
return NoOpPasswordEncoder instance that means password encoder that does
nothing. It is useful for testing where working with plain text passwords
may be preferred.
Configure method handle all the security configurations like csrf and
filters.
In Part 1,
I have developed simple project to demonstrate how authorization process
work with JWT.
You already known how to initialize new spring boot project with adding
necessary dependencies.
In Part 2,
I have created a user class inside the entity package with several
attributes such as id, username, password and email.
You already known how to create user class, user authorize request and
repository to find user by username by using Jpa Repository.
In Part 3,
I have created a class called UserDetailServiceImpl. In this class I have
used Spring security features, you can see implemented UserDetailsService
interface.
The UserDetailsService is a core interface in Spring Security framework,
which is used to retrieve the user’s authentication and authorization
information.
This interface has only one method named loadUserByUsername which we can
implement to feed the customer information to the Spring security API.
In Part 4,
I have created a class JWTUtil inside the Util Service package. Actually
this is very important class because all the JWT based implementations are
implemented here.
In part 5,
I have created JwtFilter class under JwtFilter package. The main objective
in method of doFilterInternal is to filter username and token separately.
Git: https://github.com/Yuth-Set/Securing-Spring-Boot-with-JWT