Posts

Showing posts with the label Spring Security 6

Integration of Spring Security with Spring LDAP Authentication in Spring Boot

Image
Here’s an end-to-end example of integrating Spring Security with Spring LDAP for authentication in a Spring Boot  application. 1. Set Up Local LDAP Server To install and run an LDAP server locally, you can use Apache Directory Server or OpenLDAP . Here, I'll use Apache Directory Server (Apache DS) because it's easy to set up and works well with Spring Boot. 1.1. Install Apache Directory Server Download Apache Directory Server from the official site . Choose the latest version based on your operating system. Install Apache Directory Server : Extract the downloaded ZIP or tar.gz file to a directory of your choice. Open a terminal or command prompt and navigate to the directory where you extracted the server. Start Apache Directory Server : Run the following command to start the LDAP server: bin/apacheds .sh start For Windows, use bin/apacheds.bat start . Access the Apache Directory Studio (optional) for easier interaction with your LDAP server: Download Apache Directory Stud...

Secure Your Spring Boot Backend and Angular Frontend with Okta

Image
Securing a Spring Boot backend and Angular frontend with Okta involves integrating authentication and authorization into both the backend and frontend using Okta's Identity Management platform. Here's a step-by-step guide: Backend (Spring Boot with Okta OAuth2 Integration) 1. Set Up Okta Developer Account Go to Okta Developer and create an account. Once logged in, create a new OAuth 2.0 Application in the Okta dashboard: Choose Web as the platform. Set up the Redirect URI to http://localhost:8080/login/oauth2/code/okta for local development. Set Grant Type to Authorization Code . After creating the app, note the Client ID , Client Secret , and Issuer URL (e.g., https://dev-XXXX.okta.com/oauth2/default ). 2. Add Dependencies to pom.xml Add the required dependencies for Spring Security OAuth2 and Okta to your pom.xml : <dependencies> <dependency> <groupId> org.springframework.boot </groupId> <artifactId> spring-boot-sta...

Spring Boot 3 + Spring Security 6 + Thymeleaf - Registration and Login Example

Image
In this section we will learn how to create user registration and login using Spring boot 3, Spring security 6, Thymeleaf, JPA, and PostgreSQL. The GitHub repository link is provided at the end of this tutorial. You can download the source code. What’s New in Spring Security 6? WebSecurityConfigurerAdapter Removed : The  WebSecurityConfigurerAdapter class was deprecated and then removed in Spring Security 6. Instead, you should now take a more component-based approach and create a bean of type  SecurityFilterChain . Here's an example: @Configuration @EnableWebSecurity public class SecurityConfiguration { @Bean public SecurityFilterChain securityFilterChain ( HttpSecurity http) throws Exception { http .authorizeHttpRequests((requests) -> requests .requestMatchers( "/registration**" ).permitAll() .anyRequest().authenticated() ) .formLogin((form) -> form ...