Implementing JWT (JSON Web Tokens) with Spring Security in Springboot App

Follow me on Twitter: twitter.com/DailyCodeBuffer

You are champion, there are of course many videos in youtube, but we can expect quality from some only . Yours are one among them

Great video as always! One suggestion, keep your picture in picture smaller so it doesn't hide the IDE code. Maybe thumbnail size. Thank you again for the tutorial !

Nice Explanation ..Actually some youtubers have more subscribers i don't know why because they told the only basic what we have in books but u explain each and every point very clear and useful to realtime as well .. wel done ..impressed and subscribed

I have seen this Video several times.. This is just a Saver for me. Just wanted to have a video on JWT implementation in Microservices.. How do we manage token between the Applications.

Very nice video. I learnt basics of Filter, Authentication and JWT Token in one single video of just 36 minutes.

That is my 5th video by that I learned how to implement JWT. Thanks, sir, and great of u.

he is doing work more than blah blah ...appreciated

@Daily Code Buffer, what is the difference from this and your new video about spring security. Are you using jwt token there too?

Hi sir I was asked a question by the interviewer and the question is
Q) Suppose I am hitting an endpoint and I am having the token appended as header for that endpoint so every time I hit that Endpoint will the authentication check is gonna happen again and again or not and I was unable to answer this question I think the answer is that before hitting the request my filter check is gonna happen and there this check is gonna be done where we are checking that security context.getAuthenticated() object is Null or not if it is not null then the rest of the check is not going to happen because the details are saved there already but my question is like for different types of users suppose 5 users are there five users have their own token so how that check is going to happen please clear this doubt sir.

can you do a video about this with Spring 3.0 because some of things are deprecated

Excellent tutorial on jwt tutorial with practicals. Thank you so much for the wonderful content.

Man this is the best Video I have seen about Spring Security, THANK YOU.

One of the most underrated youtuber

Hi,
Not clear with the Filter in this video. Can you explain those code alone in detail please?

Your tutorials are so fantastic. I keep watching your videos. The way you narrate and segway things are exemplary. Too good brother. keep it up!!

I keep gettting a 403 error forbidden even after implementing the whole code as you have it

This a good explanation my concern is if we go the microservices way and other services apart from the auth service don't have access to the users database , is it possible and how do we go by authenticating the requests efficiently without having to hit the auth endpoint to validate the token against the user details service

Thank you so much, you are the best to simplify complex codes

Hello,
I downloaded github JWT-Demo project as it is running same code in eclipse but I got one error "no converter found for return value of type: class and in postman showing Internal server error.
Is there any solution can any one helps to me?

im getting a 415 error in the POST request. Is there some further configuration that has to be implemented? Thank you

Very good concept.. Easily understandable.. Nicely explained 👍.. Thank you.

Could you update this video with the role base authentication and without the deprecated web adapter configure.
Thank you in advance.
Even if you can’t update the video … if you can update GitHub with role base authentication that would be super awesome.

Hey can you create a crash application in spring boot which deals with data and have login, register and back end too. In short i need one bank app which manages my wallet transactions

thank you for explanation.create example on distributed transaction in microservices

I followed exactly same procedure...And it created token....But when i configured filter .....Token generation is not working.....What to do ????

I don't understand the verify method. Why does it not seem like its verifying against the secret key at all?

Nice stuff. Can you extend this in the scenario of multiple services (microservices) and refresh token? Will be great. Thanks

I am using Eclipse and based on your tutorial the jjwt does not appear in my pom.xml as yours though.

Best tutorial on jwt !!! Thanks bro 😎

Hi
Good explanation. Well done.
Can you please update the GIT with latest Spring version, have many compilation issues now.
Thanks in advance.

Can't we pass encoded password to get JWT token. from postman we are sending plain password. Is it possible to send encrypted password ?

Great Video !! Which version of Spring Security are we using here?

The best and the easiest explanation and implementation of JWT !!

Rather than sending the authorization header, do we have any other option ? Can I send header with any other name say "authToken" and keep the token in that which I can access from the same filter ?

Super bro... I love the way you teach content to the precise point and fast pace...

your tutorials are very nice and informative with real example. subscribed immediately. keep going and post more such videos.

Life savior. looking forward to Securing microservices.

Do we need to create the authenticate function if the boiler plate is not having in a question

If you are using ping federate as authorization server how will be the implementation.

Getting error please let me know how to solve this.
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalArgumentException: [Assertion failed] - this expression must be true

Can we create JWT token on the air and validate it within the same method itself and return the output. Please provide me the solution.

How are you opening Intelij idea with the command line ? Can you tell us?

The type WebSecurityConfigurerAdapter is deprecated .. plz tell the solution

Hello! Thanks for the amazing video. Tried to download the source code and run it as it is but im getting a 400 error in the POST request. Is there some further configuration that has to be implemented? Thank you

Sir if i am creting a token and all things are work properly.But again i am creting a new token for same user then how to expire old token.Plese comment sir

Hi, I have created a Seperate Microservice for JWT and i want to authenticate a different microservice
how to do that??

I am working on an application where jwt token authentication is required and that token will be sending to end user's via email. So is there any way to invalidate token once it is forwarded to another emails ?. Kindly suggest some idea over this. Thanks

thanks. best video on jwt i saw.

Hi, I was going through the video and implemented the same in my system. Getting error in Filter part. Not able to generate Token in postman after applying filter.Can you help plz?

Thank you ! Nice Tutorial and Explanations

Very good tutorial, please make one tutorial to add encoding and decoding.

Bro how can we create a refresh token here. Any idea about on that?

Hi Bro,
I created an Auth-Service for generating jwt. Apart from this, I have multiple services like Api-Gateway-Service, Registry-Service, City-Service, Country-Service then how to use that token which I generated using Auth-Service. Please help me how to use that token in multiple services.
Thanks,
Khan

Great tutorial, just a couple of issues with this. I got slightly confused, you started by saying JWT is used for both Authentication and Authorisation, maybe we mean different things but authentication isn't possible with JWT.
Around 21:50, you are calling loadUserByUsername after the authentication? Isn't this a repetition ?
The authentication manager would need to call that method to check that a user exists first right?
Can we not retrieve the user from the principal?

Hi I am getting 404 while trying to send the get request with generated jwt with Bearer in header .I checked everything is fine in code.Can anyone knows why it's happening ?

Please how Can i implement that in a microservice Spring cloud , i need implement an authentication with jwt

12:56 jjwt is showing vulnerability in dependencies , should we use it or not?

How do you check current user information? so that current user can access to his/her own data without touching others' data

Thank You for the great video , you have ample knowledge , salute

Thanks for this video. You've explained so well.

what about the repository code and encoding and decoding part.

Now i can explain spring security in very well .. thank you for such a informative and great video. 👍

WebSecurityConfigurerAdapter is deprecated.... what is the solution

Anything you have using Boot 3.1.5?

So Excellent with Great "E" !

from where you get all JWTutility methods. plz describe. thanks

Thank you for this very helpful tutorial , and please can you help me I don't know why when i send the get request without the authorization header it doesn't show an error it gives back a 200 success response

Thanks for the video, it's really helpful. Just a suggestion - when you show the code/IDE, just the voice over should be enough, the picture is quite big and hinders the view.

Hi @Daily Code Buffer , I m getting bad credentials error when I entered username and password(hardcoded values), any more setup needed for this?

Very informative. You are doing a really awesome job.

Great tutorial! Thanks for share! Helped me a lot!

Main part was creating the JWTUtility that you just pasted and explained , it would have been better if this code was written.

What is the theme that you’re using in intellij idea

Hi bro. I absorbed all applications your using yml file why can't you use property file? Can you please explain

HI,
good tutorial !
One problem I faced was, that after (successful) call to "/authenticate" it is not possible to re-authenticate (call again /authenticate). Why ?
Best regards.
Esteban
(Second call to "/authenticate" fails)

Hi, Can you please me know the similar thing if we need to separate the server (that gives/authenticate the jwt token and client ? Because I don't to include the server coding in the multiple client API project.s

how to pass Athorization token every request ,then how to everytime automatically write token in the header

Really great effort from you and helping people a lot.

Hey once i added the JwtFilter class, it stopped returning the JWT Token.. Any ideas? I still get a 200 - OK status. I put a "test" println at the /authenticate endpoint, and it doesnt even execute.

sir how can I consume this jwt token using spring as client

Hi actually I tried the above code with user name name and password password even jwt token is generating ??

Can please create video that how to invalid the jwt token after the logout.

application properties error and it does not run localhost:8080

Such an amazing video! Congratulations and thanks

Loving your videos 🙏🙏

i have a little problem, when i send the request i ve got 500 internal server error and idk what can i do, help me pls

Sir can you please tell how we can implement jwt between different modules

I have to deploy my springboot application onto openshift with Stargate jwt authentication.. how would I define the path for this trustore in openshift

Will you make a video for Google cloud jwt authorization in springboot ?

Cool does this token has timer?

Thank you very much for all your help!

Please update for Spring Security 6.**

Great tutorial..!! Thanks for sharing Step by Step

@Daily Code Buffer what are the prerequisites for this ?

Great video as always! One suggestion, keep your picture in picture smaller

How you automatically add user name and password

Really helpful...get rid of my lead's nagging after following this video 🥲

Really very good explanation, helping me a lot... Thanks a lot.

Can you please make a video on access and refresh token in jwt. Using spring boot