Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Purpose of PreAuthenticatedAuthenticationToken in Spring Security?

Tags:

java

spring-boot

jwt

spring-security

I am authenticating a User using UsernamePasswordAuthenticationToken in SpringBoot.

I am generating a token using JJWT for that User and returning it back.

Now the User uses that token to send any further requests to me. After decrypting the token should I be using PreAuthenticatedAuthenticationToken and set it to SecurityContextHolder.getContext().setAuthentication()?

What is the purpose of PreAuthenticatedAuthenticationToken?

like image 943
amitection Avatar asked Oct 06 '16 04:10

amitection

People also ask

What is the need for @EnableWebSecurity?

The @EnableWebSecurity is a marker annotation. It allows Spring to find (it's a @Configuration and, therefore, @Component ) and automatically apply the class to the global WebSecurity . If I don't annotate any of my class with @EnableWebSecurity still the application prompting for username and password.

What is the purpose of the Spring Security Login Logout module?

Spring Security provides login and logout features that we can use in our application. It is helpful to create secure Spring application.

What is the use of WebSecurityConfigurerAdapter in spring boot?

In Spring Boot 2, if we want our own security configuration, we can simply add a custom WebSecurityConfigurerAdapter. This will disable the default auto-configuration and enable our custom security configuration. Spring Boot 2 also uses most of Spring Security's defaults.

What is the use of spring boot starter security dependency?

If a Spring Boot Security dependency is added on the classpath, Spring Boot application automatically requires the Basic Authentication for all HTTP Endpoints. The Endpoint “/” and “/home” does not require any authentication. All other Endpoints require authentication.

1 Answers

The Purpose of the PreAuthenticatedAuthenticationToken is to integrate Third Party Identity Management Systems into your Spring Application with Spring Security.

A PreAuthenticatedAuthenticationToken can come in the form of a HTTP Header, HTTP Parameter etc. In this case there need not be an Entire User Registration in your Application. Just storing this token and relevant data would be suffice.

You can read more on this from Spring Security Documentation

For JWT Case though after decryption you can even use UsernamePasswordAuthenticationToken as decryption process will reveal the Username, Password, Authorities.

like image 176
shazin Avatar answered Sep 20 '22 12:09

shazin
Sign in to Comment

Related questions

How to deal with database pagination when a row in between can be deleted by user action?
What is the difference between -Xss and -XX:ThreadStackSize?
Create an ObjectNode from JSON string
Hibernate auto key generation with MySQL and Oracle
Usage of -d32 and -d64 while launching Java
Dagger 2 on Android @Singleton annotated class not being injected
ClassCastException: org.slf4j.impl.Log4jLoggerAdapter cannot be cast to ch.qos.logback.classic.Logger
How to return enum value in java
How to sanitize and validate user input to pass a Checkmarx scan
Android READ_EXTERNAL_STORAGE permission not working
Difference between server JRE and client JRE [duplicate]
com.jcraft.jsch.JSchException: channel is not opened when opening a channel in jsch
How does Java fit a 3 byte Unicode character into a char type?
Kotlin cannot access kotlin.jvm.functions.Function1 when calling kotlin function with java lambda
How to make Jackson ignore properties if the getters throw exceptions
Switching from fragment with map fragment leaves a black screen
Retrofit 2.0 how to delete?
Should I pass a managed entity to a method that requires a new transaction?
How to call an aws java lambda function from another AWS Java Lambda function when both are in same account, same region
Spring boot Dynamic Query

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!