Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Spring security JWT without OAuth

Recently I started learn how to configure spring boot with oauth 2.0 + jwt, and I have a question: is it possible to use spring boot security + jwt avoiding oauth 2.0?

like image 212
Tymur Berezhnoi Avatar asked Oct 14 '18 07:10

Tymur Berezhnoi


People also ask

Can JWT be used without OAuth?

OAuth is an standardised authorization protocol that can use JWT as a token. OAuth uses server-side and client-side storage. If you want to do real logout you must go with OAuth2. Authentication with JWT token can not logout actually.

Can I use JWT without Spring Security?

Implementing JWT Token to Authorise Rest API in Spring Boot without using Spring security. As we are moving towards Micro service based architecture most of our API are required to be state less and adoption of REST API is at peak. so to authorize our request we have one globally accepted method is through JWT.

Does Spring Security use OAuth?

The AuthorizationServerConfigurerAdapter class is used to configure the authorization server using the spring security oauth2 module.


1 Answers

Yes, it is possible to use JWT functionalities without the usage of standardized OAuth 2.0 flows. Here is a good example implementation to help you out. Another example can be found at AUTH0. You can use for example this dependency:

<!-- https://mvnrepository.com/artifact/org.springframework.security/spring-security-jwt -->
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-jwt</artifactId>
    <version>1.0.9.RELEASE</version>
</dependency>
like image 100
git-flo Avatar answered Nov 03 '22 00:11

git-flo