I am authenticating a User using UsernamePasswordAuthenticationToken in Spring Boot.
I am generating a token using JJWT for that User and returning it back.
Now the User uses that token to send any further requests to me. After decrypting the token, should I be using PreAuthenticatedAuthenticationToken and set it to SecurityContextHolder.getContext().setAuthentication()?
What is the purpose of PreAuthenticatedAuthenticationToken?
@EnableWebSecurity is a marker annotation. It allows Spring to find the class (it's a @Configuration and, therefore, a @Component) and automatically apply it to the global WebSecurity. If I don't annotate any of my classes with @EnableWebSecurity, the application is still prompting for username and password.
Spring Security provides login and logout features that we can use in our application. It is helpful for creating a secure Spring application.
In Spring Boot 2, if we want our own security configuration, we can simply add a custom WebSecurityConfigurerAdapter. This will disable the default auto-configuration and enable our custom security configuration. Spring Boot 2 also uses most of Spring Security's defaults.
If a Spring Boot Security dependency is added on the classpath, the Spring Boot application automatically requires Basic Authentication for all HTTP endpoints. The endpoints "/" and "/home" do not require any authentication. All other endpoints require authentication.
The purpose of the PreAuthenticatedAuthenticationToken is to integrate Third Party Identity Management Systems into your Spring Application with Spring Security.
A PreAuthenticatedAuthenticationToken can come in the form of an HTTP Header, HTTP Parameter etc. In this case there need not be an entire User Registration in your Application. Just storing this token and relevant data would suffice.
You can read more on this in the Spring Security Documentation.
For the JWT case, though, after decryption you can even use UsernamePasswordAuthenticationToken, as the decryption process will reveal the Username, Password, Authorities.