DEV Community

Create APIs with JWT authorization using Spring boot

cuongld2 on September 30, 2019

Dear folks, Today I will cover how to create simple REST APIs with JWT authorization using Spring Boot. You might want to check out my previous bl...
Collapse
 
ale_jacques profile image
Alexandre Jacques

This is the first sane alternative I've seen for JWT with Spring Boot. The OAuth approach (that seems to be the "default" approach nowadays is crazy complex for a JWT authentication).
Thanks for your time and dedication.

Collapse
 
cuongld2 profile image
cuongld2

Thank you Alexandre.
Great to hear that from you!!

Collapse
 
omerfarukerkul profile image
Omer Faruk • Edited

Hello Mr. coungld2 I really liked this article and gave me new ideas but, I have a question for you. I wanted to change the database from MySQL to H2 database. I configured the server as I always do in my Spring Boot applications. I could've connected to the H2 Database console with /h2-console.
When I try to login to the /h2-console, the server gives me "JWT Token does not begin with Bearer String". I added /h2-console endpoint to the WebSecurityConfig.java as shown below.

httpSecurity.csrf().disable().authorizeRequests().antMatchers("/authenticate","/user","/h2-console/**").permitAll()

What are the steps should I take to login the database.

Thank you.
Sincerely.

Collapse
 
cuongld2 profile image
cuongld2

Dear Omer,
I'm glad that you liked this blog post.
Sorry but currently I don't have any idea about H2 database.
But I will take a look at that when I got the time.
Happy coding!!!

Collapse
 
sreedevfullstack profile image
sree-dev-fullstack • Edited

I really like the article and i have implemented the JWT token authentication in my spring boot application.it is working fine. When i tried to make it as jar and use it as dependency in another spring boot application, token authentication is perfectly happening but it is not redirecting to the Rest API.Please help me how to resolve the issue

Collapse
 
cuongld2 profile image
cuongld2

Thanks for the comment.
Sorry for late response.
I dont understand the part "not redirecting to the rest api".
Could you give more details?

Collapse
 
sreedevfullstack profile image
sree-dev-fullstack • Edited

thanks for responding. after token authentication in the JWSrequest filter

    chain.doFilter(request, response); will redirects to the restcontroller , where our request mapping url matches , our method will be executed.This redirection is not happening for me. Do i need to configure anything in security page in my application .

Can i share my code.or can you suggest the approach when we use JWt token authentication as seperate jar in other spring boot application.Here my requirement is that JWT token authentication code as seperate jar in multiple applications in my project.

Collapse
 
babusr01 profile image
SRIDHAR BABU BANDLAMUDI

Thanks for you response. This will helpful for automate restful service using restful service. Could you suggest good books or internet site to learn develop restful service using spring boot . I am core java developer .
Thanks
Sridharbabu

Collapse
 
cuongld2 profile image
cuongld2

Thank you SRIDHAR. (Not sure that's your firstname or last name so pardon me :) ).
I would suggest you take a look at Spring Boot in action book.
For online sites, please take a look at Baeldung or Dzone as they got a lot of java tutorials in general.
Cheers!!

Collapse
 
sreedevfullstack profile image
sree-dev-fullstack

thanks for responding. after token authentication in the JWSrequest filter

chain.doFilter(request, response); will redirects to the restcontroller , where our request mapping url matches , our method will be executed.This redirection is not happening for me. Do i need to configure anything in security page in my application .

Can i share my code.or can you suggest the approach when we use JWt token authentication as seperate jar in other spring boot application.Here my requirement is that JWT token authentication code as seperate jar in multiple applications in my project.

Collapse
 
cuongld2 profile image
cuongld2

Dear sree,
I've never met this situation before.
Really sorry I cannot help you on this :(.
Stay strong.
Maybe you can search online for the solution. :)

Collapse
 
gmourtzounis profile image
gmourtzounis

Hi cuongld2! Thanks for the tutorial, as a newbie in spring boot, I found it very helpful.
I have one question though. When a user signs in, a bearer token is generated; but where is it stored?
My goal is to create a log out functionality, where the user's token is destroyed upon logging out.

Collapse
 
cuongld2 profile image
cuongld2

Hi,
Im really glad that my tutorial help you :d.
The jwt token is stored in the client side.
The server will verify the token is correct or not.
Im about to add api for logout so but does not have the time yet.
If you can please make a PR to add api for log out. :)

Collapse
 
juantovarlavin profile image
juantovarlavin

Thank you so much was really helpful

Collapse
 
cuongld2 profile image
cuongld2

I'm glad this could help you.
:d

Collapse
 
sreedevfullstack profile image
sree-dev-fullstack

Can you help me how to resolve below issue.

Collapse
 
x25net profile image
x25Net

You're my hero! Thank you sir, you saved my life ;) It works like a charm

Collapse
 
cuongld2 profile image
cuongld2

So glad that could help you.
Stay tuned for more!!!

Collapse
 
jenithleon profile image
Jenith

How to get the custom header value in spring security configure method ?

Collapse
 
linhebisolvn profile image
Linh リン

tuyệt vời quá anh, trên Baeldung họ viết hơi khó hiểu hơn bài này của anh, nếu được a có thể cho link github để xem source đc ko ạ. Vì có nhiều file ko biết anh để đâu nên hơi khó implement

Collapse
 
cuongld2 profile image
cuongld2

Source code ở đây nhé Linh : github.com/cuongld2/springboot-sim...
Thanks em đã đọc bài :)