Method security testing is the process of testing the security of each method to make sure that only authorized users can access them. By testing the method-level security, we can ensure that our application is secure and that users can only perform the actions that they are authorized to do. Let’s say we built an…
Read More Testing Method Security in Spring BootIn this Spring Boot Security tutorial, you will learn how to use Spring method-level security to secure RestController methods with @PreAuthorize annotation. If you are interested in video lessons, then I also show how to create user Roles and Authorities and how to use Spring Method Level Security annotations in my video course: RESTful Web…
Read More Spring Method-Level Security with @PreAuthorizeExciting news! I am very happy to announce that my new view video course is launching soon. If you want to learn how to build Scalable & Security Reactive(Non-blocking) Spring Boot Microservices, you do not want to miss this video course. What you’ll learn This video course is designed for absolute beginners, and the following…
Read More Scalable & Secure Reactive Spring Boot MicroservicesIn this tutorial, I will guide you through setting up a Kafka Consumer in a Spring Boot application. You will learn how to configure the consumer properties, create a listener class using the @KafkaListener annotation, and how to process messages with the @KafkaHandler annotation. Let’s start with the configuration. Kafka Consumer Configuration in application.properties In…
Read More Creating Kafka Consumer in Spring Boot MicroserviceIn this tutorial, you will learn how to implement Kafka Producer in a Spring Boot Microservice. A Kafka Producer is an application that sends messages to a Kafka topic, which can be consumed by other microservices. You will use Spring for Apache Kafka dependency to configure and create a Kafka Producer in your Spring Boot…
Read More Kafka Producer in Spring Boot MicroserviceKeeping sensitive data secure is essential, but it isn’t that easy in today’s world. If you are using the Spring Boot application and want to encrypt your credentials, such as DB passwords, server information, or personal data then the simplest way is to use Jasypt. What is Jasypt? Jasypt (Java Simplified Encryption) is a Java…
Read More Spring Boot Password Encryption Using JasyptIn this tutorial, you will learn what is Spring Cloud Vault, how to install and run HashiCorp’s Vault using three different methods: from HashiCorp website, using Homebrew, or as Docker container. What is Spring Cloud Vault? How do we store secrets safe in a distributed system? Secrets are sensitive information that you don’t want to expose…
Read More Installing and Running HashiCorp’s Vault for Spring CloudIn this tutorial, you will learn what the @Respository annotation is and how to use it in your Spring Boot applications. @Repository is a Spring annotation that indicates that the decorated class is a repository. A repository is a mechanism for encapsulating storage, retrieval, and search behaviour which emulates a collection of objects. How to…
Read More @Repository Annotation in SpringIn this tutorial you will learn how to enable and how to view Spring Cloud API Gateway Routes using Spring Boot Actuator. Developers use Actuator to enable API Gateway routes in order to keep track of the routes being used in their application. By exposing these routes through Actuator endpoints, developers can get valuable information…
Read More Viewing Spring Cloud API Gateway Routes with Spring Boot ActuatorSpring Boot Actuator is a useful feature that provides developers with a set of tools to monitor and manage their applications. However, some of the actuator endpoints are sensitive and can potentially expose sensitive information about your application. In this article, we’ll explore different ways to secure these endpoints to ensure your application is protected.…
Read More Securing Spring Boot Actuator Endpoints: Best PracticesIn this tutorial, I will explain in detail how to secure sensitive Spring Boot Actuator Endpoints using Spring Boot version 3. This tutorial is intended for beginners who want to learn how to monitor and manage their Spring Boot applications using Actuator. Spring Boot Actuator is a sub-module of Spring Boot that provides production-ready features…
Read More How to Secure Spring Boot Actuator Endpoints with Basic AuthenticationThis blog post will guide you on reading the body of an HTTP request in the filter class of your Spring Boot application. For more code examples, you can refer to the Spring Boot tutorials page. What is a Spring Filter? A Spring Filter is an object that intercepts incoming HTTP requests and outgoing HTTP…
Read More Reading Request Body in Spring FilterIn this tutorial, you will learn how to use the @PostAuthorize annotation to secure the return of the method’s return value in your Spring Boot Application. The @PostAuthorize annotation is evaluated after the business logic in a method is executed and if needed will prevent the method from returning a return value. There are other…
Read More @PostAuthorize Security Annotation ExampleThis tutorial will guide you on how to incorporate JUnit support into your Spring Boot application based on Maven. Spring Boot Starter Test Dependency To add JUnit and Mockito support to your Maven-based Spring Boot application, include the following dependencies in the <dependencies> section of your pom.xml file: <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> </dependency> By adding…
Read More JUnit Support in Spring BootIn this article, you will learn how to perform user authentication with Amazon Cognito in a Spring Boot application. But before we dive into that, let’s first explore what Amazon Cognito is. According to what’s mentioned on the AWS official website: Amazon Cognito lets you add user sign-up, sign-in, and access control to your web…
Read More User Authentication with Amazon Cognito in Spring Boot Application