SpringBoot JWT security how to
Question
I am trying to implement simple JWT security with token refresh in my web app. Probably, the question has been asked numerous times and I am digging for an answer but can't seem to find it after a month of searching.
I have two models for the user in the database and they should have different role type ADMIN and USER. ADMIN type needs to access his url endpoints and USER his own upon successful email and password login. I am trying to avoid oauth because I do not need enterprise like implementation. Could anyone refer me to a good guide that explains how stuff works or just explain by himself with a code sample? You would help me alot! Thanks.
1 answers
solution1
2 ACCPTED 2017-08-22 02:21:03
You may want to try JJWT if you're looking for a simple to use JWT library for Java. It's well documented and easy to integrate into Spring Boot apps.
At the very least, you'll need to write your own service for generating tokens (using JJWT), a filter for pre-processing the request and generating an Authentication, and an AuthenticationProvider for performing the actual processing/validation of the token content (again with JJWT) and to populate roles/authorities or any other information that might be required by your Authentication implementation.
This method of implementing JWT based authentication does not require any components from Spring's OAuth2 implementation.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.