The Baeldung logo
  • The Baeldung Logo
  • Start Here
  • Courses ▼▲
    • REST with Spring

      The canonical reference for building a production grade API with Spring

    • Learn Spring Security ▼▲

      THE unique Spring Security education if you’re working with Java today

      • Learn Spring Security Core

        Focus on the Core of Spring Security 5

      • Learn Spring Security OAuth

        Focus on the new OAuth2 stack in Spring Security 5

    • Learn Spring

      From no experience to actually building stuff​

    • Learn Spring Data JPA

      The full guide to persistence with Spring Data JPA

  • Guides ▼▲
    • Persistence

      The Persistence with Spring guides

    • REST

      The guides on building REST APIs with Spring

    • Security

      The Spring Security guides

  • About ▼▲
    • Full Archive

      The high level overview of all the articles on the site.

    • Baeldung Ebooks

      Discover all of our eBooks

    • About Baeldung

      About Baeldung.

Category upSpring

Spring Security

Spring Security is a framework focused on providing authentication and authorization for Spring applications. Learn how to work with Spring Security concepts through the list of guides below.

  • Authentication (33)
  • OAuth Legacy Stack (16)
  • OAuth New Stack (14)
  • Registration (11)
  • Authorization (8)
  • OAuth (7)
  • Spring Security Basics (7)
  • Spring Security 5 (5)
  • Angular (5)
  • JWT (4)
  • Password (4)

>> SAML with Spring Boot and Spring Security

>> Testing Spring OAuth2 Access-Control

>> Authenticating Users with AzureAD in Spring Boot

>> Form Login and Basic Authentication in springdoc-openapi

>> Access HTTPS REST Service Using Spring RestTemplate

>> Spring @EnableMethodSecurity Annotation

>> TLS Setup in MySQL and Spring Boot Application

>> PKCE Support for Secret Clients with Spring Security

>> Display Logged-in User’s Information in Thymeleaf

>> Spring Security: Upgrading the Deprecated WebSecurityConfigurerAdapter

>> Spring Boot – Keycloak Integration Testing with Testcontainers

>> Handle Spring Security Exceptions With @ExceptionHandler

>> Disabling Keycloak Security in Spring Boot

>> Configure JWT Authentication for OpenAPI

>> Get Keycloak User ID in Spring

>> Spring Security Authorization with OPA

>> Handle Spring Security Exceptions

>> Spring Security – Map Authorities from JWT

>> Authentication With Spring Security and MongoDB

>> Introduction to OAuth2RestTemplate

>> Enable Logging for Spring Security

>> Spring Security – Configuring Different URLs

>> Using Spring Cloud Gateway with OAuth 2.0 Patterns

>> Content Security Policy with Spring Security

>> Spring Security – Request Rejected Exception

>> Spring @EnableWebSecurity vs. @EnableGlobalMethodSecurity

>> Spring Security OAuth Authorization Server

>> A Guide to SAML with Spring Security

>> Prevent Cross-Site Scripting (XSS) in a Spring Application

>> Social Login with Spring Security in a Jersey Application

>> OAuth 2.0 Resource Server With Spring Security 5

>> How to Disable Spring Security Logout Redirects

>> Spring Security vs Apache Shiro

>> Simple Single Sign-On with Spring Security OAuth2 (legacy stack)

>> Redirecting Logged-in Users with Spring Security

>> Logout in an OAuth Secured Application (using the Spring Security OAuth legacy stack)

>> Spring Security With Okta

>> Manual Logout With Spring Security

>> Disable Security for a Profile in Spring Boot

>> Spring Security Custom Logout Handler

>> Spring Security: Check If a User Has a Role in Java

>> OAuth2 for a Spring REST API – Handle the Refresh Token in AngularJS (legacy OAuth stack)

>> Using JWT with Spring Security OAuth (legacy stack)

>> The Clear-Site-Data Header in Spring Security

>> Spring REST API + OAuth2 + Angular (using the Spring Security OAuth legacy stack)

>> Guide to @CurrentSecurityContext in Spring Security

>> Spring Security and OpenID Connect (Legacy)

>> Deny Access on Missing @PreAuthorize to Spring Controller Methods

>> Guide to the AuthenticationManagerResolver in Spring Security

>> Why I’m Breaking up my “Learn Spring Security” Course?

>> Spring Security – Attacking OAuth

>> JHipster Authentication with an External Service

>> Spring Security: Exploring JDBC Authentication

>> JWS + JWK in a Spring Security OAuth2 Application

>> Authenticating with Amazon Cognito Using Spring Security

>> Introduction to SPNEGO/Kerberos Authentication in Spring

>> Preventing Username Enumeration Attacks with Spring Security

>> Fixing 401s with CORS Preflights and Spring Security

>> Handle Security in Zuul, with OAuth2 and JWT

>> Filtering Jackson JSON Output Based on Spring Security Role

>> Notify User of Login From New Device or Location

>> Deprecated Classes in Spring

>> Spring WebClient and OAuth2 Support

>> Customizing Authorization and Token Requests with Spring Security 5.1 Client

>> Find the Registered Spring Security Filters

>> Spring Security – Whitelist IP Range

>> OAuth2 – @EnableResourceServer vs @EnableOAuth2Sso

>> Spring Security for Spring Boot Integration Tests

>> Introduction to Spring Security Taglibs

>> Spring Security Login Page with Angular

>> Extracting Principal and Authorities using Spring Security OAuth

>> Default Password Encoder in Spring Security 5

>> Spring Security Custom AuthenticationFailureHandler

>> Spring Security Login Page with React

>> Front-End App with Spring Security OAuth – Authorization Code Flow

>> Spring Security OAuth 2 Guides

>> Spring Security with Thymeleaf

>> New Password Storage In Spring Security 5

>> Spring Data with Spring Security

>> Security In Spring Integration

>> Spring Boot Security Auto-Configuration

>> An Intro to Spring Cloud Security

>> A Custom Spring SecurityConfigurer

>> How to Manually Authenticate User with Spring Security

>> Extra Login Fields with Spring Security

>> Spring Security – Auto Login User After Registration

>> Using JWT with Spring Security OAuth

>> Introduction to Spring Method Security

>> Spring Security 5 – OAuth2 Login

>> Introduction to Spring Security ACL

>> CAS SSO With Spring Security

>> Spring Security 5 for Reactive Applications

>> Activiti with Spring Security

>> Granted Authority Versus Role in Spring Security

>> New in Spring Security OAuth2 – Verify Claims

>> Securing Jakarta EE with Spring Security

>> Intro to Security and WebSockets

>> OAuth2 Remember Me with Refresh Token (using the Spring Security OAuth legacy stack)

>> Allow Authentication from Accepted Locations Only with Spring Security

>> Simple Single Sign-On with Spring Security OAuth2

>> Multiple Authentication Providers in Spring Security

>> Logout in an OAuth Secured Application

>> Testing an OAuth Secured API with Spring MVC (using the Spring Security OAuth legacy stack)

>> Multiple Entry Points in Spring Security

>> Spring Security and OpenID Connect

>> Spring Security – Redirect to the Previous URL After Login

>> Spring Security – Customize the 403 Forbidden/Access Denied Page

>> Two Login Pages with Spring Security

>> Spring Security – Cache Control Headers

>> Servlet 3 Async Support with Spring MVC and Spring Security

>> Spring Security Context Propagation with @Async

>> Spring Cloud – Securing Services

>> OAuth2.0 and Dynamic Client Registration (using the Spring Security OAuth legacy stack)

>> Spring Security – @PreFilter and @PostFilter

>> Spring Security OAuth2 – Simple Token Revocation (using the Spring Security OAuth legacy stack)

>> A Secondary Facebook Login with Spring Social

>> A Custom Filter in the Spring Security Filter Chain

>> Custom AccessDecisionVoters in Spring Security

>> Spring Security: Authentication with a Database-backed UserDetailsService

>> Introduction to Java Config for Spring Security

>> CSRF Protection with Spring MVC and Thymeleaf

>> Two Factor Auth with Spring Security

>> X.509 Authentication in Spring Security

>> Registration with Spring – Integrate reCAPTCHA

>> Quick Intro to Spring Cloud Configuration

>> A Custom Security Expression with Spring Security

>> Intro to Spring Security Expressions

>> Keep Track of Logged In Users with Spring Security

>> Spring Security – Run-As Authentication

>> Spring HTTP/HTTPS Channel Security

>> OAuth2 for a Spring REST API – Handle the Refresh Token in Angular

>> A Guide to CSRF Protection in Spring Security

>> The REST With Spring Master Class Giveaway

>> Intro to Spring Security LDAP

>> Spring REST API + OAuth2 + Angular

>> Updating your Password

>> Registration – Password Strength and Rules

>> The Registration API becomes RESTful

>> Authenticating with Reddit OAuth2 and Spring Security

>> Spring Security Registration Tutorial

>> Spring Security Registration – Resend Verification Email

>> Spring Security Authentication Tutorial

>> Spring Security – Reset Your Password

>> Prevent Brute Force Authentication Attempts with Spring Security

>> Spring Security – Roles and Privileges

>> Registration with Spring Security – Password Encoding

>> Registration – Activate a New Account by Email

>> The Registration Process With Spring Security

>> Login For a Spring Web App – Error Handling and Localization

>> Spring Security – Persistent Remember Me

>> Spring Security Remember Me

>> Retrieve User Information in Spring Security

>> Redirect to Different Pages after Login with Spring Security

>> Unable to Locate Spring NamespaceHandler for XML Schema Namespace

>> Spring Security Digest Authentication

>> No Bean Named ‘springSecurityFilterChain’ is Defined

>> Control the Session with Spring Security

>> Spring Security Authentication Provider

>> Spring Security Basic Authentication

>> Security with Spring

>> Spring Security Logout

>> Spring Security – security none, filters none, access permitAll

>> Spring Security Form Login

>> Spring Security with Maven

>> Basic and Digest Authentication for a REST Service with Spring Security

  • ↑ Back to Top
res – Security (video) (cat=Security/Spring Security)
opt-in
Security basics for a REST API
Get access to the video
The Baeldung logo

Courses

  • All Courses
  • All Bulk Courses
  • All Bulk Team Courses
  • The Courses Platform

Series

  • Java “Back to Basics” Tutorial
  • Jackson JSON Tutorial
  • Apache HttpClient Tutorial
  • REST with Spring Tutorial
  • Spring Persistence Tutorial
  • Security with Spring
  • Spring Reactive Tutorials

About

  • About Baeldung
  • The Full Archive
  • Editors
  • Jobs
  • Our Partners
  • Partner with Baeldung
  • Terms of Service
  • Privacy Policy
  • Company Info
  • Contact
The Baeldung Logo