- Spring Security – An Introduction
- What is JSESSIONID?
- Password encoding with Spring Security
- Getting started with using Spring Security with Spring Boot – Securing REST API
- What is OAuth 2.0?
- OAuth 2.0 protocol flow
- OAuth 2 – Authorization Code Grant
- OAuth 2 Grant Types
- Encryption Algorithms
- Running Standalone Authorization Server Keycloak on Localhost
- Creating New Realm and New User in Keycloak
- Keycloak – Create new OAuth client and request access and refresh token
- Working of OAuth with resource server
- OAuth 2 Resource Server – Scope Based Access Control
- Role based access control with Keycloak
- Method level security at resource server
- Login with GitHub with Spring Boot and React JS
- Spring Security and React – Form Login
- From @EnableGlobalMethodSecurity to @EnableMethodSecurity: A Migration Guide for Spring Security 6+
- Implementing Mutual TLS (mTLS) in a Spring Boot Application
- How mTLS (Mutual TLS) Works
- Symmetric Keys in mTLS
- HttpOnly Cookies
JWT
- JSON Web Token (JWT) – An Introduction
- JWT Claims
- What Information Can Be Seen in a JWT?
- How to Invalidate Compromised JWT Tokens in Keycloak
- JWT Usage in a React Application
- Refresh Token Grant Type in OAuth 2.0 (with Keycloak)
- The Last Guide to JWT
- Understanding PKCE (Proof Key for Code Exchange) in JWT Authentication
