0

I knew that through in-memory authentication we can secure Spring boot rest API(Which uses default authentication creating random JWT token). My requirement is that I have created JWT token through oracle rest service, using this token i need to secure my spring boot rest api. How can i achieve this? Any help please?

similar to below question, Secure REST Api with Spring boot and JWT

Regards Raj

Raj
  • 55
  • 11
  • refer this for sample JWT Filter. https://stackoverflow.com/questions/50691187/spring-security-sessions-without-cookies/50857373#50857373 – MyTwoCents Dec 24 '19 at 09:10

1 Answers1

-1

Create a Filter it should be a pre-filter or you can follow any Spring AOP (AspectJ Annotation). Once after successful login, for every subsequent request check whether JwtToken presented in request header.

If it available parse the token and check the expiry. If the token is expired return 401 (UnAuthorized).

For Reference: Access spring security principal in microservies ,when actual authentication has done in ZUUL gateway

GnanaJeyam
  • 2,780
  • 16
  • 27
  • Thanks. I'm new to spring boot. I followed below link & able to create a sample Spring Boot REST API application with authentication. Just i need to replace this JWT token part & need to set my custom JWT(Will call oracle rest service to generate JWT token). I dont know how to replace it. https://dzone.com/articles/secure-spring-rest-api-using-oauth2-1 . – Raj Dec 24 '19 at 08:04
  • @Raj the link you posted is similar to the link I posted in my answer. Don't do it gnana's way with filters and AOP, its all built into Spring. I think the Baeldung link is a little cleaner and better explained vs. Dzones. – SledgeHammer Dec 24 '19 at 18:17