Spring Security In Action Second Edition [OFFICIAL]

@Component public class JwtService private final SecretKey key = Keys.secretKeyFor(SignatureAlgorithm.HS256); private final long EXPIRATION = 86400000; // 24 hours public String generateToken(String username) return Jwts.builder() .setSubject(username) .setIssuedAt(new Date()) .setExpiration(new Date(System.currentTimeMillis() + EXPIRATION)) .signWith(key) .compact();

To go stateless, we need to disable session creation entirely: spring security in action second edition

public String extractUsername(String token) return Jwts.parserBuilder() .setSigningKey(key) .build() .parseClaimsJws(token) .getBody() .getSubject(); private final long EXPIRATION = 86400000

@Configuration @EnableWebSecurity public class StatelessSecurityConfig @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception http .sessionManagement(session -> session .sessionCreationPolicy(SessionCreationPolicy.STATELESS) ) .authorizeHttpRequests(auth -> auth .requestMatchers("/login", "/refresh").permitAll() .anyRequest().authenticated() ); // No formLogin() - we use a custom filter return http.build(); To go stateless

ADDRESS

G Tech Systems
#447 Communist Building
Avinashi Road
Tiruppur 641 602

ADDRESS - 2

Email: digitalsigns.in@gmail.com

Website: www.digitalsigns.in

Call Us : 9 789 45 33 2 9

Call Us : 0421 - 432 33 29

OUR COMPANY

Home

About Us

Terms of Use

Privacy Policy

Spring Security In Action Second Edition [OFFICIAL]

Spring Security In Action Second Edition [OFFICIAL]

ADDRESS

ADDRESS - 2

OUR COMPANY

Login Form