Spring Security
1. Introduction to Spring Security
2. Core Architectural Components
3. Authentication Mechanisms
4. Authorization and Access Control
5. Web Security Configuration
6. OAuth 2.0 and OpenID Connect (OIDC)
7. Advanced Topics and Integrations
8. Customization and Extensibility
Core Architectural Components
The Servlet Filter Chain
Purpose and Function of Servlet Filters
`DelegatingFilterProxy`
Role in Delegating to Spring Beans
Configuration in `web.xml`
Configuration in Spring Boot
`FilterChainProxy`
Managing Multiple Security Filter Chains
Order of Filters
Filter Chain Selection
The `SecurityFilterChain` Bean
Definition and Purpose
Customizing Filter Chains
Multiple Filter Chains for Different Endpoints
Filter Chain Matching
`SecurityContextHolder`
Storage Strategies
ThreadLocal Strategy
InheritableThreadLocal Strategy
Global Strategy
Accessing the Security Context
Clearing the Security Context
Thread Safety Considerations
`SecurityContext`
Structure and Purpose
Storing Authentication Information
Context Propagation
`Authentication` Object
Structure and Key Properties
Principal
Credentials
Authorities
Authentication State
Key Interfaces and Implementations
`UserDetails`
Required Methods
Account Status Properties
Custom UserDetails Implementations
`UserDetailsService`
Loading User Information
Implementing Custom UserDetailsService
Exception Handling
`GrantedAuthority`
Role and Permission Representation
Simple Granted Authority
Custom Authority Implementations
`PasswordEncoder`
Purpose and Usage
Encoding Passwords
Matching Passwords