Notes - JWT + Spring Security Overview

The document provides an introduction to JSON Web Tokens (JWT) including what they are, when they should be used, their structure, and how they work. It also describes how to implement JWT authentication in a Spring Boot application.

JWT Introduction

(JSON Web Token)


By Ramesh Fadatare (Java Guides)


What is JWT
• JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact
and self-contained way for securely transmitting information between parties as
a JSON object.
• JWT, or JSON Web Tokens (RFC 7519), is a standard that is mostly used for
securing REST APIs.
• JWT is the best way to communicate securely between client and server.
• JWT follows a stateless authentication mechanism.


When should you use JSON Web Tokens?
• Authorization
• Information Exchange


What is the JSON Web Token structure?
• JSON Web Tokens consist of three parts separated by dots (.), in the form xxxxx.yyyyy.zzzzz, which are:
• Header
{
  "alg": "HS256",
  "typ": "JWT"
}

• Payload
{
  "sub": "1234567890",
  "name": "John Doe",
  "admin": true
}

• Signature
HMACSHA256(
  base64UrlEncode(header) + "." +
  base64UrlEncode(payload),
  secret)

Example token:
eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhZG1pbkBnbWFpbC5jb20iLCJpYXQiOjE2MTY1NjY5NDksImV4cCI6MTYxNzE3MTc0OX0.RVggbCFH2VGRZw9-pptLl7EKgp2BYxfOw8DXoE22MVTGJUBer600dx49UZyd-TeFvBPflOKH9Rbi8SOvzYmIAA
How do JSON Web Tokens work?


Spring Security Basic Auth
[Diagram: Spring Boot REST APIs (REST API 1, REST API 2, REST API 3) secured with Spring Security Basic Auth.]


Development Process
Step 1: Adding JWT Dependency
Step 2: Create JwtAuthenticationEntryPoint
Step 3: Add jwt properties in application.properties file
Step 4: Create JwtTokenProvider
Step 5: JwtAuthenticationFilter
Step 6: Create JWTAuthResponse DTO
Step 7: Configure JWT in Spring Security Configuration
Step 8: Change login/signin API to return token to client


Spring Security + JWT
[Diagram: Spring Boot REST APIs. REST API 1 (Login API) returns a JSON token; the token accompanies calls to REST API 1, REST API 2 and REST API 3.]
