Hats off to you sir You literally made Spring Security Easy. I've gone through many lengthy videos but nothing worked your spring security videos made me learn within 2hrs including jwt and basic auth.

I have been binge watching many videos on JWT authentication and luckily found this video, you are simply amazing with the way of delivering things sir, thanks a lot and more power to you to roll out such amazing videos in the future

@Javatechie

Жыл бұрын

Thank you so much Karthik for appreciating it . I am glad to hear that people are getting benefitted with my content

incredible! didn't expect to find usage ready solution here, but you nailed it. thanks!

Sir, thank a lot for your contribution. I have searched so many methods to implement JWT on my project running on Spring 3.1.5 but couldn't find a proper solution. We need more videos on new releases like this. Thanks a lot!!!🤩

Simply amazing Sir. I was struggling for authorization configuration in springboot 3.2.0. You have covered it well.

Watching your complete series because of the migration project, Thanks a lot again

I appreciate the detailed description of this video. Thanks for sharing.

One thing I can say..........the best channel I have ever seen....thank u so much sir

What a man you are ? It's not only tutorial for security .It's the night mare for me to achieve security in spring application.Hats off keep the learning spell always on.Thanks a lot!🌟

@Javatechie

Жыл бұрын

Thank you so much Gokul . Glad to hear that 😊 . Keep learning

@SupriyaMondal3

9 ай бұрын

".It's the night mare for me to achieve security in spring application." ,, ...... really ?

@Javatechie

6 ай бұрын

@Supriya are you facing any issue?

Great tutorial those who are moving spring security 6. Awesome! job.

This is so well explained! Thank you!

Oh wow , thank you so much sir .. i was thinking to request you for this spring security jwt and just found it now . Great ,will cover this in this weekend,thank you 😊

@kshitijbansal3672

Жыл бұрын

Suppose I have a spring boot application which is having multiple instances running (lets say 3 instances are running), and I have a scheduler which is suppose generating a report after every 1 hour, so now my scheduler will start generating the same report for every instance of my application (so it will generate 3 report in total) and which is a wrong thing, so how can we handle such scenario. How to make our scheduler generate only 1 report even if 3 instances are running. Today an interviewer asked this question to me and I was clueless about it. Pls help.

thanks, great video. I have followed lots of youtube videos only this code working properly. thanks again.

Bro i don't know who are you.. you are God's gift. I am search for a job.. once I got it..I will give super thanks to you

@Javatechie

Жыл бұрын

Thanks buddy 😊 . Keep learning

@dipakkale2723

4 ай бұрын

Did you got job ?

@Thiru-zt5lw

4 ай бұрын

@dipakkale2723 yes..already enrolled in his courses..

@IAmUsingAndroid

7 күн бұрын

Did you get the job.

Present when needed. Thank you!

Amazing video, you made so easy, understood every part

Nicely covered both authentication and authorization.

Great video, thanks for all the explanation!

I have learned everything I needed to learn, thanks a lot man

No words Mind Blowing session

Thankyou so much for this I have got a task to build jwt auth This will be very helpful for me

Thanks basant for the detailed video about jwt

Your explanation is really good, thanks for making tutorial

Really helped me for my internship

Nice ...keep posting some complex spring boot projects...

Thanks for choosing this topic. And make a Oauth 2 verification video in spring boot 3

this happens the first time for me, i just needed a walkthrough in spring3 + jwt and spring security. and well, you provided it 22 minutes ago. +sub

@kshitijbansal3672

Жыл бұрын

Suppose I have a spring boot application which is having multiple instances running (lets say 3 instances are running), and I have a scheduler which is suppose generating a report after every 1 hour, so now my scheduler will start generating the same report for every instance of my application (so it will generate 3 report in total) and which is a wrong thing, so how can we handle such scenario. How to make our scheduler generate only 1 report even if 3 instances are running. Today an interviewer asked this question to me and I was clueless about it. Pls help.

@kiryls1207

Жыл бұрын

@@kshitijbansal3672 holy ffffu. it's more like: - how many hours did you mess with spring framework, tinkering here and there? - yes

@kshitijbansal3672

Жыл бұрын

@@kiryls1207 if you know the solution, you can, don't ask unnecessary questions

@kiryls1207

Жыл бұрын

@@kshitijbansal3672 i saw guides and tutorials about spring concurrency and threading. i don't know the solution, i just started with spring

@Javatechie

Жыл бұрын

In that scenario you need to configure your scheduler related properties in only one instance For example let's say you have instance 1 ,2 and 3 You want to run your scheduler only in instance 1 in that case create all properties of scheduler like cron expression, time zone etc only in instance 1 configuration When i say instance 1 configuration i mean just find a place where you can load required properties

amazing tutorial!

Excellent! Love it

Very good content. Thank you very much!

Yr explanation is just amazing👍👍

Love the popping sounds

thank you man, that was very helpful

A really nice explanation . Very helpful

Amazing. Thank you so much

Again an amazing tutorial. I can't thank you enough. ❤

Greate explanation sir! as always 🙏🙏.

Worth watching your videos

Another nice explanation video ❤

Thank you sir, more videos , I'm beginner :)

❤Great demo

Hell yeah thanks man 🔥

Great explanation sir thanks lot

Love you bro ! Thanks alottttt

Amazing video with covering all the aspect of JWT in latest version of spring boot. Thank you for the in detailed walkthrough. Please make one video on internals of spring boot security internals with new classes in involved latest version

@Javatechie

10 ай бұрын

Glad it was helpful! Yes it's in my queue soon i will do that

Highly appreciated

thanks for excellent video

This is very right way explain.

Nice tutorial sir

Well explained 🙂

good explanation

Awesome ❤

Thank you so much sir.

Hats Off sir!

such great tutorial, explained in simple way, help be crash course through it and build a new micro service implementing spring JWT authentication, thank you so much

@Javatechie

11 ай бұрын

Thanks buddy, What are you looking for here it is kzread.info/dash/bejne/f4uq0M-yfLW7mc4.html

very nice explanation

Best Tutorial ever bro thank you somuch

Thank you!!!

Awesome 😍

Thank you so much master, te amo

Thanks for the video. I did learn a lot from it. A few points: 1. the authentication manager is not recommended although it works, you should come up with your own authentication manager. 2. there is a new nimbus package in the latest Spring security which should be used for encoder and decoder. 3. that filter is not necessary as I understand. You simply provide the encoder and decoder, spring security will automatically take care of the security check for all the configured paths.

@Javatechie

Жыл бұрын

Thank you for your suggestion buddy. I will definitely take a look into these changes

@RN-jo8zt

11 ай бұрын

you mean bcryptpasswordencoder?

Спасибо!

Thank you 💖

i from vietnam, thanks your video

Thank you sir

that some great content .. thanks basant ... i have 2 doubts 1. SInce we created a filter for every end points in this application how /authenticate is working without token ? i know i am missing something here please point me to right direction . 2 . can u please create a new video which explains spring security 3.0 all classes and flow from the basic . Thanks

One thing I realized, in your extractAllClaims method, the jtw parser throws exceptions that are not caught. For example, if the token is expired it throws a ExpiredJWTException! So you checks for istokenexpired is moot.

you passed claims map empty (During token generation), what is the use of that i did n't get that point? can you please elaborate that little more.

hats off man

Excellent video. I also wanted to know how to implement logout. Can you show a sample with the same example?

Hi In your spring boot crud operations video I am having trouble during the execution the table is not getting created I have even put the getters and setters but still table is not getting created. Can you please tell me fast what should I DO?

Wanted to add one point: if we are generating token only when user register or login then in validation process, we can skip fetching user details from db because if the token is modified then it will be invalid token when we match it using our secret. So, If the token is valid then we can save it to our security context always.This is my understanding. Please add to it if something is incorrect or I am missing something.

Can you do a tutorial on using JWT authentication and Angular for the front end? I don't know if it's possible for you to do it, but I'm at roadblocks in trying to figure this out

Sir, plz provide flow diagrams of each classes before you code. And also include entire flow with all classes as summary at the end and if possible at very begining. You know the flow, so you find it super easy naming classes, but its tough for any beginners as classes names are big and similar. My hostel juniors gave me this feedback when I shared them ur lecture.

@Javatechie

Жыл бұрын

Thanks Raj for your suggestion. Noted this and will work on it

@samsonmayeem8409

11 ай бұрын

Nevertheless, it's a big-time first-class tutorial regardless.

@deeplife9654

4 ай бұрын

Yes. This is the only thing this tutorial is missing.

Hi Java Techie, could you please change password field type to character array as recommended for security reason and also cover why to use char array for password over string type. if I am not wrong here. Thank you for for uploading such concepts.

Hi Javatechie, this is great tutorial. I have made my application by following your tutorial. It was working fine until I add JwtAuthFilter but after adding JwtAuthFilter and completed the whole process, The bearer token is not getting generated for authentication api from postman . Can you help me to resolve this issue?

Hi, If here we want to add Swagger -UI and swagger integration, what changes we need to do? Can you please make a video on Spring boot+jwt_swagger-UI

No need to validate token again right, because parseJwt method in Jwt implementation validates the token expiration and secret key & loadUserByUsername fetch if user exist.

I implemented this JWT Authentication and Authorization, and when I call the endpoints via Postman everything works perfectly. The problem is that I'm trying to write unit tests for my controllers using JUnit 5, but all endpoints always throw 403 Forbidden. Even when I use the @WithMockUser annotation, the same problem continues. Does anyone know what the problem could be? Did someone who implemented this JWT Authentication and Authorization manage to do the unit tests for the controllers?

do you have any example with Keycloak RBAC ? or any help?

thanks

Can we use http basic when requesting a token instead of passing username and password as json? Greetings from the Philippines

Can you please do this using Reactive approach, it will help us.

Hello everything is fine? I really admire your work. But could you make a tutorial using spring Tools suit 4 IDE

Thats a great stuff as always :) . .. One request to you ..can you create one video on Spring Security OAuth Authorization Server using spring boot 3.0 .. Thanks again.. keep up good work :)

@Javatechie

9 ай бұрын

Okay sure noted

Thanks , your tutorial clips are the best.

@Javatechie

Жыл бұрын

Thank you buddy 😊

thank you for your helpful videos. please do a video on Oauth2 for springboot 3

@Javatechie

Жыл бұрын

Okay sure we will do that

Can you help me with an implementation idea about asymmetric encryption

Hello Sir, Kudos to your effort of explaining the concepts so effortlessly !! I implemented the same using Spring Security 6.2.3, however, I am getting HTTP403 error for every request that I am trying to hit from postman (for both users). I am trying to identify what is getting messed up...Any thoughts (by any chance) on this weird behavior ?

Sir I'm getting an expected csrf token is missing in my postman while trying to register an user from api gateway but it's working fine from it's own port number and I have also disabled the csrf in SecurityFilterChain. So where's this coming from?

very informative , please we need a demo for spring boot 3 & spring cloud keycloak

@Javatechie

Жыл бұрын

Okay i will plan for it

@ismailforeveryone6889

Жыл бұрын

@@Javatechie thank you so much

Thanks Buddy, can you make a video integrating jwt on api gateway

@Javatechie

5 ай бұрын

Please check this kzread.info/dash/bejne/o4N40aaqZcLOcbA.html

27:20 How does AuthenticationManager knows it needs to lookup 'userinfo' table to verify username ?

Could you please create a video with Feign Client implementation with micro services

Awesome kindly do junit and mockito 2023 for both three layers testing tutorial video (controller service and repository) if possible 🙂 because one method will have multiple methods inside it... How to write in that scenario... please make video on this use cases

@Javatechie

Жыл бұрын

Okay i will

@kshitijbansal3672

Жыл бұрын

@@Javatechie Suppose I have a spring boot application which is having multiple instances running (lets say 3 instances are running), and I have a scheduler which is suppose generating a report after every 1 hour, so now my scheduler will start generating the same report for every instance of my application (so it will generate 3 report in total) and which is a wrong thing, so how can we handle such scenario. How to make our scheduler generate only 1 report even if 3 instances are running. Today an interviewer asked this question to me and I was clueless about it. Pls help.

Have a question about roles. I saw some video where they didn't user preauthorize annotation. But used enum role. What is the best approuch ?

@Javatechie

Жыл бұрын

Without @PreAuthorize not sure . Will check and update

Awesome tutorial! Is it possible to have both JWT for API & FormLogin for everything else? I am wanting to build back of house app to manager products and customers and then build second ecommerce app.

@Javatechie

Жыл бұрын

Yes it's absolutely possible

@paulfx5019

Жыл бұрын

Okay, I will keep searching for the solution, I have found once setting session management to stateless formlogin stops working. So far the only solution that works for me is httpbasic for both api's and forms

@Javatechie

Жыл бұрын

I will check and share you reference

thank you good sir +sub

Thank you for the video, can we implement hasRole on SecurityConfig instead of Controller? I'm struggling with check authority on SecurityConfig file.

@Javatechie

2 ай бұрын

No it should be on your endpoints because that is what we are authorised

hi sir can u make vedio for integration vedio of jwt and google oauth sign in plzzz!!!