SCSarat Chandra Bharadwajinbharadwaz.hashnode.dev·Jun 1, 2025 · 2 min readSpring Security: Internal flowLet's examine the basic authentication flow.Spring Security uses a filter chain managed by the FilterChainProxy, which passes requests through a series of security filters. Flow: Login Request A user submits their username and password to the log...00
SCSarat Chandra Bharadwajinbharadwaz.hashnode.dev·May 31, 2025 · 3 min readSpring Security: Password EncodersWe all know that storing passwords in plain text is very insecure. There are several ways to store passwords in a database—encoding, encryption, and hashing—but not all are equally secure. Let's explore each method to understand which one is recommen...00
SCSarat Chandra Bharadwajinbharadwaz.hashnode.dev·May 31, 2025 · 4 min readSpring Security: Jdbc Authentication (Part 2)In the previous section, we configured JdbcUserDetailsManager to work with an H2 database using Spring Security’s default implementation (DaoAuthenticationProvider). With this setup, Spring expects two specific tables: users and authorities. However,...00
SCSarat Chandra Bharadwajinbharadwaz.hashnode.dev·May 30, 2025 · 3 min readSpring Security: JDBC Authentication (Part 1)In the previous sections, we set up user authentication using InMemoryUserDetailsManager. While this is fine for simple cases, real-world applications usually use a database for user credentials. For simplicity, I'll use the H2 in-memory database in ...00
SCSarat Chandra Bharadwajinbharadwaz.hashnode.dev·May 30, 2025 · 3 min readSpring Security: In-Memory UsersIn the previous section, we configured a single user (john) using the application.yaml file. However, that approach doesn't support configuring multiple users. Spring Security provides several ways to manage user credentials, such as: In-memory stor...00