jwt-spring-security-demo
A demo for using JWT (JSON Web Token) with Spring Security and Spring Boot 2
Hi, in **jwt-spring-security-demo**, there is a dependency **org.apache.tomcat.embed:tomcat-embed-core:8.5.23** that calls the risk method. [CVE-2018-8014](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014) The scope of this CVE affected version is **[,7.0.89),[8.0.0, 8.0.53),[8.5.0, 8.5.32),[9.0.0, 9.0.9)** After further analysis, in this...
add preauthorize example
Hi, first of all thank you so much for this application. Sorry about the "silly" question but how do I register a new user? I've created this: @PostMapping("/register") public ResponseEntity...
Setting JWTs in local storage is bad practice according to OWASP, and makes JWTs susceptible to session steal through for instance an XSS. https://cheatsheetseries.owasp.org/cheatsheets/HTML5_Security_Cheat_Sheet.html#local-storage > Do not store session identifiers...
Hi, first, thank you for sharing... I would like to ask why we need this: ``` SecurityContextHolder.getContext().setAuthentication(authentication); ``` source: https://github.com/szerhusenBC/jwt-spring-security-demo/blob/master/src/main/java/org/zerhusen/security/rest/AuthenticationRestController.java#L44 @PostMapping("/authenticate") method returns only header from controller. Is there any...
There should be an endpoint to refresh tokens before they expire. You should get a new token. Tokens which are expired should be declined.
I am getting the following error when running the default H2 database: Error executing DDL "# noinspection SqlNoDataSourceInspectionForFile" via JDBC Statement org.hibernate.tool.schema.spi.CommandAcceptanceException: Error executing DDL "# noinspection SqlNoDataSourceInspectionForFile" via JDBC...
I've tried to run app without docker and this is the error below `Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/commons/logging/LogFactory at org.springframework.boot.SpringApplication.(SpringApplication.java:195) Caused by: java.lang.ClassNotFoundException: org.apache.commons.logging.LogFactory at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:641) at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:188) at...