Giters

xpadro / spring-security

Samples about securing web applications with Spring Security

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

spring-security

This repository contains examples on how to implement different functionalities with the Spring Security framework.

Spring Security 4.x

Spring version: 4.3.14.RELEASE
Spring Security version: 4.2.4.RELEASE
Java version: 1.8


  • Basic in-memory: The most basic example of a secured application. Users are defined in-memory in the security configuration. Secured paths are 'home' and 'admin' which are available depending on the user role.

    Links to source code: Spring Boot | JavaConfig | XML


  • Basic JDBC: Modified version of basic-inmemory where users are stored in an in-memory database (H2).

    Links to source code: Spring Boot | JavaConfig


  • Basic JDBC with H2: The previous basic-jdbc example configuring a H2 servlet to enable connecting to the in-memory database.

    Links to source code: JavaConfig


  • BCrypt password encoder: The previous basic-jdbc example configuring a password encoder that uses BCrypt hashing function in order to encode user credentials before persisting them.

    Links to source code: Spring BootJavaConfig | XML


  • Remember-me token: Configures a remember me using a token approach, which sets a cookie in the browser.

    Links to source code: Spring Boot | JavaConfig


  • Remember-me persistent: Configures a persistent remember me. THis is a more secure version which relies on a database

    Links to source code: Spring Boot | JavaConfig


  • JDBC full sample: Complete example covering the basic features of a secured application, described below:

    • user details backed up by an in-memory database (H2)
    • custom login page
    • encrypted credentials with BCrypt
    • CSRF protection
    • logout feature
    • remember-me feature

    Links to source code: Spring Boot | JavaConfig | XML


  • JDBC full sample with Thymeleaf: The above example but using Thymeleaf instead of JSPs.

    Links to source code: Spring Boot



  • Retrieving user details: Shows different ways of retrieving user details in the controller layer

    Links to source code: Spring Boot


Spring Security 3.x

Spring version: 3.2.10.RELEASE
Spring Security version: 3.2.10.RELEASE
Java version: 1.7


  • Basic in-memory: The most basic example of a secured application. Users are defined in-memory in the security configuration. Secured paths are 'home' and 'admin' which are available depending on the user role.

    Links to source code: XML


  • Basic JDBC: Modified version of basic-inmemory where users are stored in an in-memory database (H2).

    Links to source code: XML


  • Basic JDBC with H2: The previous basic-jdbc example configuring a H2 servlet to enable connecting to the in-memory database.

    Links to source code: XML


  • Default password encoder: Basic-jdbc example configuring a standard password encoder that uses SHA-256 hashing.

    Links to source code: XML


  • BCrypt password encoder: The previous basic-jdbc example configuring a password encoder that uses BCrypt hashing function in order to encode user credentials before persisting them.

    Links to source code: XML


  • Remember-me token: Configures a remember me using a token approach, which sets a cookie in the browser.

    Links to source code: XML


  • Remember-me persistent: Configures a persistent remember me. THis is a more secure version which relies on a database

    Links to source code: XML


  • JDBC full sample: Complete example covering the basic features of a secured application, described below:

    • user details backed up by an in-memory database (H2)
    • custom login page
    • encrypted credentials with BCrypt
    • CSRF protection
    • logout feature
    • remember-me feature

    Links to source code: XML

About

Samples about securing web applications with Spring Security

Languages

Language:Java 98.5%Language:HTML 1.5%