svlada / springboot-security-jwt

Token-based authentication using Spring Boot and JWT.

One of X-Authorization or Authorization is extra, or they may be mistakenly used

mhkarimi opened this issue

Actually, I followed your blog, then when I was trying to execute the following command:
curl -X GET -H "X-Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJzdmxhZGFAZ21haWwuY29tIiwic2NvcGVzIjpbIlJPTEVfQURNSU4iLCJST0xFX1BSRU1JVU1fTUVNQkVSIl0sImlzcyI6Imh0dHA6Ly9zdmxhZGEuY29tIiwiaWF0IjoxNTE1NTU4MDk1LCJleHAiOjE1MTU1NTg5OTV9.DyE3eZPlSgDeMBz9ggZ1GU-HVlyk80nTWfsMMG3z1COZeN7pS39LudXLufAZNLYkhbnQpDOGMvSwtri39jCULA" -H "Cache-Control: no-cache" "http://localhost:9966/api/me"
I got this error:
{"status":401,"message":"Authentication failed","errorCode":10,"timestamp":1515558348119}

Then I realized that in the WebSecurityConfig class, the variable AUTHENTICATION_HEADER_NAME was defined as below:
"Authorization";
When I change the variable to "X-Authorization" in the Java code, or when I change the header in my curl request to "Authorization", then I can see the correct result successfully. So which side should be changed?

I think it's a mistake! I have the same issue... I just changed from X-Authorization to Authorization and it worked perfectly!

@henry-ajere @mhkarimi I haven't updated the blog post with the code changes. The header name "X-Authorization" is a non-standard way to send a Bearer token. The "Authorization" header name should be used instead. I will update the blog post with these changes.

@svlada should be changed!
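
The mismatch discussed in this thread, as an added example that is not code from the repository or the blog post: a server-side extractor that reads only the standard `Authorization` header, so a request carrying the token under `X-Authorization` yields no token and ends in the 401 shown above. The class name `BearerHeaderDemo`, the helper names and the sample token are assumptions made for illustration; only `AUTHENTICATION_HEADER_NAME` and the two header names come from the thread.

```java
import java.util.Map;
import java.util.Optional;
import java.util.TreeMap;

public class BearerHeaderDemo {
    // Standard header for Bearer tokens (RFC 6750), the name the maintainer says to use.
    static final String AUTHENTICATION_HEADER_NAME = "Authorization";
    static final String SCHEME = "Bearer";

    /** Returns the raw token, or empty when the header is absent or malformed. */
    static Optional<String> extractToken(Map<String, String> headers) {
        String value = headers.get(AUTHENTICATION_HEADER_NAME);
        if (value == null) {
            return Optional.empty();           // e.g. the client sent X-Authorization instead
        }
        String[] parts = value.trim().split("\\s+");
        if (parts.length != 2) {
            return Optional.empty();           // missing token or extra fields
        }
        if (!SCHEME.equalsIgnoreCase(parts[0])) {
            return Optional.empty();           // another scheme, such as Basic
        }
        return Optional.of(parts[1]);
    }

    // HTTP header names are case-insensitive, so the lookup map is as well.
    static Map<String, String> headers(String name, String value) {
        Map<String, String> m = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
        m.put(name, value);
        return m;
    }

    public static void main(String[] args) {
        String token = "aaa.bbb.ccc"; // constructed placeholder, not a real JWT
        String[][] cases = {
            {"Authorization", "Bearer " + token},    // what the server expects
            {"authorization", "bearer " + token},    // same header, different case
            {"X-Authorization", "Bearer " + token},  // header from the blog's curl command
            {"Authorization", "Basic dXNlcjpwdw=="}, // wrong scheme
            {"Authorization", "Bearer"},             // scheme without a token
        };
        for (String[] c : cases) {
            Optional<String> result = extractToken(headers(c[0], c[1]));
            System.out.println(c[0] + ": " + c[1] + " -> " + result);
        }
    }
}
```

An empty result is the case a filter should treat as "authentication failed"; token signature and expiry validation happen after extraction and are outside this sketch.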