I've done a lot of cleanup on #SpringSecurity MFA support this past week. The updates (along with improved docs) can be seen in the reference docs.spring.io/spring-secur...
docs.spring.io
October 10, 2025 at 9:34 PM
I've done a lot of cleanup on #SpringSecurity MFA support this past week. The updates (along with improved docs) can be seen in the reference docs.spring.io/spring-secur...
#SpringSecurity 7 added MFA support docs.spring.io/spring-secur...
tldr Add following to require both password and one time token
`@EnableGlobalMultiFactorAuthentication(authorities = {
GrantedAuthorities.FACTOR_PASSWORD_AUTHORITY,
GrantedAuthorities.FACTOR_OTT_AUTHORITY })`
tldr Add following to require both password and one time token
`@EnableGlobalMultiFactorAuthentication(authorities = {
GrantedAuthorities.FACTOR_PASSWORD_AUTHORITY,
GrantedAuthorities.FACTOR_OTT_AUTHORITY })`
Adaptive Authentication :: Spring Security
docs.spring.io
September 30, 2025 at 9:38 PM
#SpringSecurity 7 added MFA support docs.spring.io/spring-secur...
tldr Add following to require both password and one time token
`@EnableGlobalMultiFactorAuthentication(authorities = {
GrantedAuthorities.FACTOR_PASSWORD_AUTHORITY,
GrantedAuthorities.FACTOR_OTT_AUTHORITY })`
tldr Add following to require both password and one time token
`@EnableGlobalMultiFactorAuthentication(authorities = {
GrantedAuthorities.FACTOR_PASSWORD_AUTHORITY,
GrantedAuthorities.FACTOR_OTT_AUTHORITY })`
The next instalment of the Road to GA series about a cross-project, collaborative effort on new capabilities for HTTP service clients is now live spring.io/blog/2025/09...
#SpringFramework #SpringBoot #SpringCloud #SpringSecurity
#SpringFramework #SpringBoot #SpringCloud #SpringSecurity
HTTP Service Client Enhancements
Level up your Java code and explore what Spring can do for you.
spring.io
September 23, 2025 at 10:42 AM
The next instalment of the Road to GA series about a cross-project, collaborative effort on new capabilities for HTTP service clients is now live spring.io/blog/2025/09...
#SpringFramework #SpringBoot #SpringCloud #SpringSecurity
#SpringFramework #SpringBoot #SpringCloud #SpringSecurity
Exciting News! Spring Authorization Server is moving to #SpringSecurity 7.0
spring.io/blog/2025/09...
spring.io/blog/2025/09...
Spring Authorization Server moving to Spring Security 7.0
Level up your Java code and explore what Spring can do for you.
spring.io
September 11, 2025 at 5:11 PM
Exciting News! Spring Authorization Server is moving to #SpringSecurity 7.0
spring.io/blog/2025/09...
spring.io/blog/2025/09...
Ever wanted to be able to change how the built in #SpringSecurity hasRole hasAuthority, etc methods work but continue to use the existing DSL? Enter AuthorizationManagerFactory.... docs.spring.io/spring-secur...
Thanks x.com/sjohnr for your PR github.com/spring-proje...
Thanks x.com/sjohnr for your PR github.com/spring-proje...
Authorization Architecture :: Spring Security
docs.spring.io
September 9, 2025 at 8:47 PM
Ever wanted to be able to change how the built in #SpringSecurity hasRole hasAuthority, etc methods work but continue to use the existing DSL? Enter AuthorizationManagerFactory.... docs.spring.io/spring-secur...
Thanks x.com/sjohnr for your PR github.com/spring-proje...
Thanks x.com/sjohnr for your PR github.com/spring-proje...
Check out what's new in the #Spring community 👉 bit.ly/3HW4Q0a
The second milestone releases of Spring Boot, Spring Security, Spring Authorization Server, Spring for GraphQL, Spring Session, Spring Integration, Spring REST Docs, and more.
#Java #SpringBoot #SpringSecurity #SpringFramework
The second milestone releases of Spring Boot, Spring Security, Spring Authorization Server, Spring for GraphQL, Spring Session, Spring Integration, Spring REST Docs, and more.
#Java #SpringBoot #SpringSecurity #SpringFramework
August 28, 2025 at 12:02 PM
Check out what's new in the #Spring community 👉 bit.ly/3HW4Q0a
The second milestone releases of Spring Boot, Spring Security, Spring Authorization Server, Spring for GraphQL, Spring Session, Spring Integration, Spring REST Docs, and more.
#Java #SpringBoot #SpringSecurity #SpringFramework
The second milestone releases of Spring Boot, Spring Security, Spring Authorization Server, Spring for GraphQL, Spring Session, Spring Integration, Spring REST Docs, and more.
#Java #SpringBoot #SpringSecurity #SpringFramework
1/ API Spring com acesso liberado pra geral? 😱 Seus dados agradecem a falta de segurança… #SpringSecurity #API #Java
August 4, 2025 at 8:59 PM
1/ API Spring com acesso liberado pra geral? 😱 Seus dados agradecem a falta de segurança… #SpringSecurity #API #Java
How I Implemented GitHub OAuth2 into My Spring Boot + Angular App N1netails Not everyone wants to log into a website using a basic email and password form. Sometimes it’s due to a lack of trust, ...
#oauth #springboot #springsecurity #angular
Origin | Interest | Match
#oauth #springboot #springsecurity #angular
Origin | Interest | Match
How I Implemented GitHub OAuth2 into My Spring Boot + Angular App N1netails
Not everyone wants to log into a website using a basic email and password form. Sometimes it’s due to...
dev.to
August 2, 2025 at 4:37 AM
How I Implemented GitHub OAuth2 into My Spring Boot + Angular App N1netails Not everyone wants to log into a website using a basic email and password form. Sometimes it’s due to a lack of trust, ...
#oauth #springboot #springsecurity #angular
Origin | Interest | Match
#oauth #springboot #springsecurity #angular
Origin | Interest | Match
1/ Building secure Spring Boot apps? 🤯 Granular access control is a MUST, not a nice-to-have! 🛡️ #SpringSecurity #SpringBoot
July 25, 2025 at 1:01 PM
1/ Building secure Spring Boot apps? 🤯 Granular access control is a MUST, not a nice-to-have! 🛡️ #SpringSecurity #SpringBoot
We often ran into the same challenge: handling OAuth2/OIDC securely and cleanly with #SpringSecurity.
So we created XDEV SSE – a practical extension born out of real-world needs. It simplifies authentication flows, boosts security, and integrates seamlessly with Vaadin.
So we created XDEV SSE – a practical extension born out of real-world needs. It simplifies authentication flows, boosts security, and integrates seamlessly with Vaadin.
Check out our latest blog post on XDEV SSE! 🔐 Learn how our extension for #SpringSecurity simplifies OAuth2/OIDC handling, improves security, and integrates seamlessly with #Vaadin.
Dive into the code & discover its features: xdev.software/news
#Java #OpenSource
Dive into the code & discover its features: xdev.software/news
#Java #OpenSource
July 21, 2025 at 2:11 PM
We often ran into the same challenge: handling OAuth2/OIDC securely and cleanly with #SpringSecurity.
So we created XDEV SSE – a practical extension born out of real-world needs. It simplifies authentication flows, boosts security, and integrates seamlessly with Vaadin.
So we created XDEV SSE – a practical extension born out of real-world needs. It simplifies authentication flows, boosts security, and integrates seamlessly with Vaadin.
Check out our latest blog post on XDEV SSE! 🔐 Learn how our extension for #SpringSecurity simplifies OAuth2/OIDC handling, improves security, and integrates seamlessly with #Vaadin.
Dive into the code & discover its features: xdev.software/news
#Java #OpenSource
Dive into the code & discover its features: xdev.software/news
#Java #OpenSource
July 18, 2025 at 8:30 AM
Check out our latest blog post on XDEV SSE! 🔐 Learn how our extension for #SpringSecurity simplifies OAuth2/OIDC handling, improves security, and integrates seamlessly with #Vaadin.
Dive into the code & discover its features: xdev.software/news
#Java #OpenSource
Dive into the code & discover its features: xdev.software/news
#Java #OpenSource
Just pushed support for Spring Security OAuth + Interface REST Client integration docs.spring.io/spring-secur...
#SpringFramework #SpringSecurity
#SpringFramework #SpringSecurity
HTTP Interface Integration :: Spring Security
docs.spring.io
June 17, 2025 at 6:34 PM
Just pushed support for Spring Security OAuth + Interface REST Client integration docs.spring.io/spring-secur...
#SpringFramework #SpringSecurity
#SpringFramework #SpringSecurity
Dive into the latest releases from #Spring 👉 bit.ly/4jGq7rP
GA releases of Spring Boot, Spring Security, Spring Authorization Server, Spring Session, Spring Integration, Spring for GraphQL, Spring AI and Spring Web Services.
#Java #SpringBoot #SpringSecurity #SpringAI
GA releases of Spring Boot, Spring Security, Spring Authorization Server, Spring Session, Spring Integration, Spring for GraphQL, Spring AI and Spring Web Services.
#Java #SpringBoot #SpringSecurity #SpringAI
May 28, 2025 at 6:30 AM
Dive into the latest releases from #Spring 👉 bit.ly/4jGq7rP
GA releases of Spring Boot, Spring Security, Spring Authorization Server, Spring Session, Spring Integration, Spring for GraphQL, Spring AI and Spring Web Services.
#Java #SpringBoot #SpringSecurity #SpringAI
GA releases of Spring Boot, Spring Security, Spring Authorization Server, Spring Session, Spring Integration, Spring for GraphQL, Spring AI and Spring Web Services.
#Java #SpringBoot #SpringSecurity #SpringAI
🚨#CVE-2025-41232: #SpringSecurity versions 6.4.0 through 6.4.5 Authorization bypass related to private method annotations using Aspects. Look for @EnableMethodSecurity(mode=ASPECTJ) and method-level security annotations on private methods. Fixed in Spring Security 6.4.6.
buff.ly/kIm4Wrd
buff.ly/kIm4Wrd
May 22, 2025 at 1:22 PM
🚨#CVE-2025-41232: #SpringSecurity versions 6.4.0 through 6.4.5 Authorization bypass related to private method annotations using Aspects. Look for @EnableMethodSecurity(mode=ASPECTJ) and method-level security annotations on private methods. Fixed in Spring Security 6.4.6.
buff.ly/kIm4Wrd
buff.ly/kIm4Wrd
You can tell @garnier.wf's 2-hour deep dive session on "Spring Boot Testing" was packed full of useful tips, because I didn't have any time to post anything during the session!
I took one pic to remind me about #SpringSecurity and csrf when doing `WebMvcTest`.
#DevoxxUK #SpringBoot #TestingIsGood
I took one pic to remind me about #SpringSecurity and csrf when doing `WebMvcTest`.
#DevoxxUK #SpringBoot #TestingIsGood
May 8, 2025 at 1:42 PM
You can tell @garnier.wf's 2-hour deep dive session on "Spring Boot Testing" was packed full of useful tips, because I didn't have any time to post anything during the session!
I took one pic to remind me about #SpringSecurity and csrf when doing `WebMvcTest`.
#DevoxxUK #SpringBoot #TestingIsGood
I took one pic to remind me about #SpringSecurity and csrf when doing `WebMvcTest`.
#DevoxxUK #SpringBoot #TestingIsGood
Dive into the latest releases from #Spring 👉 bit.ly/449pt1L
First release candidates of Spring Boot, Spring Data 2025.0.0, Spring Security, Spring Authorization Server, Spring Session, Spring Integration, Spring Modulith & Spring Web Services.
#Java #SpringBoot #SpringData #SpringSecurity
First release candidates of Spring Boot, Spring Data 2025.0.0, Spring Security, Spring Authorization Server, Spring Session, Spring Integration, Spring Modulith & Spring Web Services.
#Java #SpringBoot #SpringData #SpringSecurity
April 29, 2025 at 9:33 AM
Dive into the latest releases from #Spring 👉 bit.ly/449pt1L
First release candidates of Spring Boot, Spring Data 2025.0.0, Spring Security, Spring Authorization Server, Spring Session, Spring Integration, Spring Modulith & Spring Web Services.
#Java #SpringBoot #SpringData #SpringSecurity
First release candidates of Spring Boot, Spring Data 2025.0.0, Spring Security, Spring Authorization Server, Spring Session, Spring Integration, Spring Modulith & Spring Web Services.
#Java #SpringBoot #SpringData #SpringSecurity
This #InfoQ article provides a detailed solution for registering & authenticating a user through a client-side #JavaScript application using the #SpringSecurity infrastructure, access & refresh tokens.
We explore the process in detail with helpful flow diagrams!
🔗 bit.ly/3PJ3YMA
#Java #Spring
We explore the process in detail with helpful flow diagrams!
🔗 bit.ly/3PJ3YMA
#Java #Spring
April 22, 2025 at 5:36 AM
This #InfoQ article provides a detailed solution for registering & authenticating a user through a client-side #JavaScript application using the #SpringSecurity infrastructure, access & refresh tokens.
We explore the process in detail with helpful flow diagrams!
🔗 bit.ly/3PJ3YMA
#Java #Spring
We explore the process in detail with helpful flow diagrams!
🔗 bit.ly/3PJ3YMA
#Java #Spring
Introduction to Spring Security - Base Classes for Spring Security Implementation #springboot #springsecurity #authentication #filter senoritadeveloper.medium.com/introduction...
Introduction to Spring Security
Base Classes for Spring Security Implementation
senoritadeveloper.medium.com
April 12, 2025 at 3:49 PM
Introduction to Spring Security - Base Classes for Spring Security Implementation #springboot #springsecurity #authentication #filter senoritadeveloper.medium.com/introduction...
#SpringBoot : Build Short URL Application
Part 7 is about securing web apps using #SpringSecurity.
Explained it in a beginner friendly way. I am sure, you are going to like it.
Stay tuned.
www.youtube.com/playlist?lis...
Part 7 is about securing web apps using #SpringSecurity.
Explained it in a beginner friendly way. I am sure, you are going to like it.
Stay tuned.
www.youtube.com/playlist?lis...
Spring Boot URL Shortener Application - YouTube
www.youtube.com
April 1, 2025 at 4:51 AM
#SpringBoot : Build Short URL Application
Part 7 is about securing web apps using #SpringSecurity.
Explained it in a beginner friendly way. I am sure, you are going to like it.
Stay tuned.
www.youtube.com/playlist?lis...
Part 7 is about securing web apps using #SpringSecurity.
Explained it in a beginner friendly way. I am sure, you are going to like it.
Stay tuned.
www.youtube.com/playlist?lis...
Dive into the latest releases from #Spring 👉 bit.ly/3QKfxUy
Spring Boot, Spring Security, Spring Authorization Server, Spring for GraphQL, Spring Integration, Spring AMQP, Spring for Apache Kafka & Spring Web Services.
#Java #SpringBoot #SpringFramework #SpringSecurity #SpringBatch #SpringModulith
Spring Boot, Spring Security, Spring Authorization Server, Spring for GraphQL, Spring Integration, Spring AMQP, Spring for Apache Kafka & Spring Web Services.
#Java #SpringBoot #SpringFramework #SpringSecurity #SpringBatch #SpringModulith
March 26, 2025 at 7:27 AM
Dive into the latest releases from #Spring 👉 bit.ly/3QKfxUy
Spring Boot, Spring Security, Spring Authorization Server, Spring for GraphQL, Spring Integration, Spring AMQP, Spring for Apache Kafka & Spring Web Services.
#Java #SpringBoot #SpringFramework #SpringSecurity #SpringBatch #SpringModulith
Spring Boot, Spring Security, Spring Authorization Server, Spring for GraphQL, Spring Integration, Spring AMQP, Spring for Apache Kafka & Spring Web Services.
#Java #SpringBoot #SpringFramework #SpringSecurity #SpringBatch #SpringModulith
Spring Security is a hotbed of debate! Its open source funding, Apache 2.0 license, and VMware backing raise tough questions: is corporate power stifling true innovation in Java security? Dive in: https://www.license-token.com/wiki/springsecurity-vmware
March 20, 2025 at 9:33 AM
Spring Security is a hotbed of debate! Its open source funding, Apache 2.0 license, and VMware backing raise tough questions: is corporate power stifling true innovation in Java security? Dive in: https://www.license-token.com/wiki/springsecurity-vmware
Spring Security giving you headaches? 😵💫 Cristian Schuszter dives into OAuth2, OIDC, and custom authorization, tackling common pitfalls in Spring Security 6—with live coding! 🔥
#JAXcon #SpringSecurity #OAuth2
➡️ https://jax.de/performance-security/spring-security-advanced-use-cases/?loc=mz ⬅️
#JAXcon #SpringSecurity #OAuth2
➡️ https://jax.de/performance-security/spring-security-advanced-use-cases/?loc=mz ⬅️
March 13, 2025 at 9:02 AM
Spring Security giving you headaches? 😵💫 Cristian Schuszter dives into OAuth2, OIDC, and custom authorization, tackling common pitfalls in Spring Security 6—with live coding! 🔥
#JAXcon #SpringSecurity #OAuth2
➡️ https://jax.de/performance-security/spring-security-advanced-use-cases/?loc=mz ⬅️
#JAXcon #SpringSecurity #OAuth2
➡️ https://jax.de/performance-security/spring-security-advanced-use-cases/?loc=mz ⬅️
We just broke down the Authentication Server and Resource Server setup process step-by-step with practical examples.
Swing by our blog for the complete walkthrough and more Java security content!
#SpringSecurity #OAuth2 #JavaDevelopment #Security #APIAuthentication #MicroservicesSecurity
Swing by our blog for the complete walkthrough and more Java security content!
#SpringSecurity #OAuth2 #JavaDevelopment #Security #APIAuthentication #MicroservicesSecurity
March 12, 2025 at 3:13 AM
We just broke down the Authentication Server and Resource Server setup process step-by-step with practical examples.
Swing by our blog for the complete walkthrough and more Java security content!
#SpringSecurity #OAuth2 #JavaDevelopment #Security #APIAuthentication #MicroservicesSecurity
Swing by our blog for the complete walkthrough and more Java security content!
#SpringSecurity #OAuth2 #JavaDevelopment #Security #APIAuthentication #MicroservicesSecurity
SpringSecurity触ってたら何故かCoyoteのソースまで見ることに
Spring人類には早い
Spring人類には早い
February 7, 2025 at 3:04 PM
SpringSecurity触ってたら何故かCoyoteのソースまで見ることに
Spring人類には早い
Spring人類には早い
Securing #Vaadin Applications with One-Time Token by @martinelli.ch
#SpringFramework #SpringSecurity
#SpringFramework #SpringSecurity
Securing Vaadin Applications with One-Time Token
Logging into an application should be simple for users but still safe and secure. Traditional logins with usernames and passwords work, but they can be inconvenient and sometimes risky if passwords ar...
martinelli.ch
January 31, 2025 at 6:07 PM
Securing #Vaadin Applications with One-Time Token by @martinelli.ch
#SpringFramework #SpringSecurity
#SpringFramework #SpringSecurity