Java

Spring Boot: just 4 beans for implementing a default JDBC Authentication with SecurityFilterChain-based Configuration

ByPanos 17/01/202417/01/2024

This project is a pure REST API demo, exposing just a couple of protected endpoints. It is based on Java version 17, and the latest releases of Spring Boot 3.2.1 (announced on DECEMBER 19, 2023) and Spring Security 6.2.1 (announced on DECEMBER 21, 2023). It shows the 4 very basic beans required for the default JDBC-based Authentication for implementing a fundamental custom security configuration class based on the SecurityFilterChain. You can use it as a base repo for further customizations.

Spring: Avoid Circular Dependency error of your @Component(s)

ByPanos 27/07/202328/07/2023

A case-study using a Custom implementation of the “weird” UsernamePasswordAuthenticationFilter, as @Component. This is actually the case when an auto-created bean (e.g.: an AuthenticationManager instance in a @Configuration annotated class) is required in a @Component annotated class (e.g.: a custom filter extending the UsernamePasswordAuthenticationFilter filter), and then, the bean of the @Component custom filter class is required in the @Configuration class.

Java | Spring | Spring Boot

No other place to go for your properties and values in Spring

ByPanos 12/07/202324/07/2023

Spring Boot: @Value, @ConfigurationProperties, Environment API, and other, not-that-easy to be distinguished goodies.

Do you know @Value annotation in Spring/Spring Boot framework? Well, maybe. However, this post aims to be your one-stop shop, when you are wrangling with the mess of externally defined values, for properties and messages. And not only for your bean-managed classes.

Java | Spring Boot

Spring: Customizing the “weird” UsernamePasswordAuthenticationFilter

ByPanos 18/02/202319/02/2023

A thorough step-by-step guide on how you can implement a custom filter, based on the “weird” UsernamePasswordAuthenticationFilter, for handling both: Basic Authentication and JWT Bearer token Authorization.

Java | Spring Boot

Spring Boot Security Configuration, practically explained – Part6: A deep intro to filter/token-based security

ByPanos 31/01/202306/03/2023

A deeper intro about what is behind the scenes of the Spring authentication/authorization process, integrating also concepts like filters, tokens, customizations for an Authentication Manager or an Authentication Provider, and so on.

Java | MySQL | Spring Boot

Spring Boot Security Configuration, practically explained – Part5: From WebSecurityConfigurerAdapter to SecurityFilterChain

ByPanos 19/12/202219/12/2022

Pass from deprecated WebSecurityConfigurerAdapter to the new component-based (bean-based) security configuration, in an easy and understandable way.

Apache | Java

Installing the Apache Portable Runtime APR-based Native library for Tomcat

ByPanos 19/09/202220/09/2022

Installing the Tomcat APR native library allows us to work smoothly with both: the JSSE and the OpenSSL implementation.

Apache | Java

Installing the Apache Portable Runtime APR Libraries

ByPanos 19/09/202219/09/2022

APR mainly is a supporting library for the Apache web server, offering also some more encasements and functionalities. In this post, you can see the process of installing it in a Debian/Linux distribution system.

Java | Spring Boot

Spring Boot Security Configuration, practically explained – Part3: LDAP Bind Authentication

ByPanos 27/05/202211/12/2022

This is the 3rd in a series of posts which focuses on LDAP Authentication, but does not provide any detail on the LDAP itself. Our aim is to demonstrate how you can implement LDAP Authentication with Spring Boot framework, by using either a configurer (via the the ldapAuthentication()) or an authentication provider Bean (the LdapAuthenticationProvider) in a classic Custom Security Configuration class, extending
the WebSecurityConfigurerAdapter

Java | Spring Boot

Spring Boot Security: The WebSecurityConfigurerAdapter is not the case anymore

ByPanos 23/05/202225/05/2022

Using a Custom Security Configuration class based on WebSecurityConfigurerAdapter should not be a case for you anymore. This is because it has been deprecated since Spring Security 5.7.0-M2.
However, if you wish to continue using it for a while, without seeing the warning curly yellow lines in your IDE, then here is a quick solution.