Learn how to automate the sending of the CSRF token to the server when using Postman.
Search Results for: csrf
CSRF With Stateless REST API
A quick investigation if stateless REST API can be vulnerable to CSRF attacks.
CSRF Protection with Spring MVC and Thymeleaf
Quick and practical guide to preventing CSRF attacks with Spring Security, Spring MVC and Thymeleaf.
A Guide to CSRF Protection in Spring Security
Learn how CSRF attacks work on a practical Spring application, and then how to enable protection against these kinds of attacks with Spring Security.
Creating a Spring Security Key for Signing a JWT Token
In this tutorial, we learn how to sign and verify a JWT token in Spring Boot.
Migrate Application from Spring Security 5 to Spring Security 6/Spring Boot 3
In this tutorial, we learn how to migrate an existing application using Spring Security 5 to Spring Security 6.
OAuth2 Backend for Frontend With Spring Cloud Gateway
In this tutorial, we implement the OAuth2 Backend for Frontend (BFF) pattern with Spring Cloud Gateway and spring-addons.
HttpSecurity vs. WebSecurity in Spring Security
In this tutorial, we learn the difference between HttpSecurity and WebSecurity in Spring.
HttpSecurity vs. WebSecurity in Spring Security
Explore and discover the differences between HttpSecurity and WebSecurity.
How to Solve 403 Error in Spring Boot POST Request
Learn how to solve the 403 error in a Spring Boot POST request.
Securing Spring Boot API With API Key and Secret
A quick and practical guide to securing Spring Boot APIs with API keys and secrets.
Shared Secret Authentication in Spring Boot Application
Private microservices may use a shared secret to protect their APIs from illegal access. We look at how to implement a simple token based security pattern based on a shared secret using Spring Security.
SAML with Spring Boot and Spring Security
Learn how to sett up SAML2 with Spring Boot.
Form Login and Basic Authentication in springdoc-openapi
Learn how to configure authentication in Springdoc for accessing protected endpoints via generated documentation in Swagger-UI.
Spring @EnableMethodSecurity Annotation
Learn the main features of @EnableMethodSecurity and how it replaces @EnableGlobalMethodSecurity.
Multitenancy With Spring Data JPA
Building a multi-tenant system in Spring requires keeping data from one tenancy apart from another. We look how to separate requests into different databases by tenant, and how to validate that the requests belong to the correct tenancy.
Spring Security: Upgrading the Deprecated WebSecurityConfigurerAdapter
Learn how to create a Spring Security configuration without using WebSecurityConfigureAdapter
Spring Boot – Keycloak Integration Testing with Testcontainers
A step by step guide to test the authentication of a Spring Boot app using Keycloak
Disabling Keycloak Security in Spring Boot
Learn how to disable the configuration put in place by the Spring Keycloak starter.
Handle Spring Security Exceptions
Spring Security handlers for exceptions.