Visit brilliant.org/DailyCodeBuffer/ to get started learning STEM for free, and the first 200 people will get 20% off their annual premium subscription.
Nice video. One suggestion, it would be better if you spend the first 15 mins of the video on which functions you plan to create and why. This would help us have a bigger picture in mind. Thank you for your effort.
Learning spring security is really making me scratch head (sorry, I am just a newbie to spring😂) . And this tutorial really helps me a lot, many thanks !❤
Great videos, great explanation, great topics. I would like to see more Reactive Spring with Kotlin and Postgres (or just reactive spring with java and postgres)! Keep up the good work!
The most awaited one i guess... All functionalities in a single course.. Loved it ❤️ If you could continue this course and add List of Roles instead of single role it would be really helpful..
I felt that your explanation of the topics is awesome, I have only one suggestion that instead you do one video with long hours can break into small and share as a series would be very nice.
Ohohohoho... another excellent hands on series, which is like all in one here... this really helps us a lot... and thanks for sharing those links... I know its not easy to make such long informative tutorial without getting side tracked anywhere.... appreciate your efforts and patience in making such good videos... thank you much :)
Thanks for the tutorial. I just have a question, where are we getting the oauth2 access token from the authorisation server and where are we validating it in our client before the endpoint is accessed from rhe browser.
Is there any video or a part of a video that you explained why we use events etc. ?? I dont get it why we need events in confirming user email and generally why we need events?
The video was good but I just have one doubt. When the token is expiring you are deleting it from the database, so if someone wants to regenerate the token after expiration then he will not be able to generate as the generation of new token requires the availability of old token in the database. So, do we need to delete the token if it has expired ?
Could please do a plsylist on creating e commerce application using 1.spring boot microservices 2. Mongodb 3. Rabbitmq 4. Jwt auth 5. Api gsteway 6. Circuit breaker 7. Elk stack 8. Redis cache With microservices user(admin, inventory, nrml customer ) Cart Wishlist Payment Subscription (like amazon prime, Flipkart plus) Please try to do it. It will help us a lot. From your previous video we learn all individualy. Please do this project. It helps us how to know how things work togethe
I have little doubt, if user get the token after the 10 min of registration and then it will click for enable his registration. Now token has been expired and he has no api to re-generate the token again because you deleted the record from database. I think you need to focus on this and explore the api again. Thanks buddy for tutorial
Hi, can anyone tell me which is the advantage of using the application events for the send of the email rather than using a simple service method to do it when the user is registered? Thank you
Hey 👋 I just wanted to ask you one thing, why we are using two different classes for model and entity, why they can’t be same? Why we can’t use entity as modal(POJO), since we are having duplicate code.
I am getting Access to localhost is denied error and 403 error while trying to run the SpringSecurityClientApplication part. Somebody please help me fix it.
I believe the issue can be fixed if you add "/verifyRegistration" to the static String[] WHITE_LIST_URLS in WebSecurityConfid package, if you had not done that yet.
Very in details explaining for concept, Thanks Shabbir. But I'm stuck at auth-server:9000/login page its giving whitelabel error page ? Where did I go wrong?
Great. I have really learn a lot from your video. On this one, you said we can resend token even if token was not gotten but resending token requires old token. Is there anything I’m missing?
hi, how can i redirect to a html page, where i can show user information instead of showing json. Can any one help ? I am working with separate frontend and backend. Thank you.
Hi The video was amazing . Just a small thought when we are resending verification token we should also update the time in verification token table . Seems like as per current implenentation the expiration time is not getting updated in database along with new token . Please share your thoughts if i am wrong
When you have entity then why you created model I don't understand???Actually I have covered spring-boot videos of another youtuber..... Am here for Spring-Security only.....So it's kind of confusing for me.....
Very wonderful video explanation. Although I would like to know one more aspect that how can we write Unit Tests for this code. Rather in generic how can we write Unit Tests for Spring based projects.
I have given only one URL in whitelist but its permits all the end points. I have cloned your code as well but its stil the same. Can you please confirm what are the changes required
Microservices video helped me a lot. Thanks for your efforts. 1 Question - Can I use this spring security code in my Login service in microservices? Please suggest me. waiting for your reply
Thanks for tutorial, I just had one problem. If i initially create a user but the token expires, and then I try to access the link via email, ie. /confirm?token=xxx Then obviously it won't validate because the token is expired, but then it also deletes that token when I call the endpoint to confirm after the token is expired. This means when I try to resend the confirmation token /resendVerifyToken after the token is expired, it won't work because the old token was deleted from the database, and I can't get a new link with the token to confirm account again. I hope it makes sense, can you please inform what to do?
Okay so instead of deleting the token in this condition check, if((confirmationToken.isConfirmationTokenExpired())) { confirmationTokenRepository.delete(confirmationToken); } I removed the delete statement so that it doesn't delete the token if a user hits /confirm after the token has expired, now I can generate a new token using this token because it's still in the database even if the token is expired. Please let me know if this is okay?
Hi Shabbir. Thanks for this detailed tutorial on Spring Security, easy to understand. However I am facing issue while building client app. Error LogCaused by: java.lang.IllegalStateException: Unknown provider ID 'spring' Is there any configuration I have missed to add. Kindly assist on this. TIA.
It's a very useful video. I tried to implement it to the end according to the tutorial. However, when I log in as a valid user, the "Content required" page does not appear. WhiteErrorPage (Bad Request / 400 error) is displayed. What could be the cause?
This video is good but I have not understood anything. What is the difference between the model and the entity? Because I tried implementing things as you have done in the video but my code kept on pointing back to the entity class and not the model class
When the verification token expires, how would you handle the unverified user entry, in the database? In case that person wants to register with those same details. Great video by the way
I think we can always check if that user already exists in the database before creating the user. If the user exists but the registration has not been verified then we can just resend a verification token to complete the pending registration instead of re-registration.
@@kareendawn4991 if the vertificationToken is expired then how are we going to get the user details, as he is deleting the token from the DB. I think the token shouldn't be deleted instead there should just be some service logic which just checks if the token is expired or not.
Whole course is just amazing almost solve my every doubt about spring security thing You are amazing @dailycodebuffer Just a one request could you please make one video for explaining that Oauth2 thing we are confused where do we have to make changes in "Application.yml" file.
I just start watching this hope it will be another great video 🙂🙃 Please make a video series on angular + springboot+ microservices + security + MySQL etc. like a Realtime example of full stack application end to end .
Hello! I really like the way you teach us how to do complex things easily. Really like your videos. Please, can you tell me which IntelliJ theme you're using? It looks very cool! Thanks!
Great Job Bro👍 A small request from my side could you please make introductory video on applicationEvents and listener i am new learner and it will help new learners like me🙏🙏
@@DailyCodeBuffer thanks :) Can I ask You one more question: how do You learn such concepts? You go through the documentation? Read books? How long does it take You to be comfortable with the topic? I ask because You have deep understanding of the matter and is very intriguing :)
I go through the documentation and sample examples provided by the library or framework Thats gives a little better understanding of how to use the framework and library Then I build a small project from it And i don’t try to learn everything at s time. Whatever is needed I learn that only Thank you so much and I am no expert in any matter ☺️
Hi! Thank you again for the one of the best channels on youtube, fast and clear! I have a question, what is the difference between this and the OAuth 2.0 Implementation with Spring Security and Spring Boot | Full Example video? I am learning about jwt and security and had read about a config server with spring cloud for store secret keys for authorization, something like that. Do you have any video like that?
![Microservices using SpringBoot 3.0 | Full Example [NEW]](http://i.ytimg.com/vi/HFl2dzhVuUo/mqdefault.jpg)
Visit brilliant.org/DailyCodeBuffer/ to get started learning STEM for free, and the first 200 people will get 20% off their annual premium subscription.
0
Again what theme are you using? Can you make video on User Role, User Group.
Nice video. One suggestion, it would be better if you spend the first 15 mins of the video on which functions you plan to create and why. This would help us have a bigger picture in mind. Thank you for your effort.
Thanks for suggestion
I will try to implement that way from now on
Keep Supporting
This is the best Spring Security Course about Authorization and Resource Server so far. Thanks bro, you made my day!
Thanks 🙏
Hope you enjoy the tutorial 😊
Learning spring security is really making me scratch head (sorry, I am just a newbie to spring😂) . And this tutorial really helps me a lot, many thanks !❤
Bro, I am watching this video at 1.5x.
1:01:11 You are creating new token. Then I think you should also update the expiration time as well. Please let me know right or wrong.
Great videos, great explanation, great topics. I would like to see more Reactive Spring with Kotlin and Postgres (or just reactive spring with java and postgres)! Keep up the good work!
Thanks 🙏
lot of depricated API 's , methods , classes are there security is updated a lot in spring 6 pls do an updated tutorial .
yes
The most awaited one i guess... All functionalities in a single course.. Loved it ❤️
If you could continue this course and add List of Roles instead of single role it would be really helpful..
Will plan on it 🙏
An extremely important topic explained in a very simplified manner!
Thanks 🙏🏻
I felt that your explanation of the topics is awesome, I have only one suggestion that instead you do one video with long hours can break into small and share as a series would be very nice.
Very helpful for beginners and intermediate spring developers... Exceptional content 👏👍
Thanks 🙏🏻
Ohohohoho... another excellent hands on series, which is like all in one here... this really helps us a lot... and thanks for sharing those links... I know its not easy to make such long informative tutorial without getting side tracked anywhere.... appreciate your efforts and patience in making such good videos... thank you much :)
Thanks 🙏🙏
Firstly, I find your video is a bit tough but now I'm learning more with your concepts.... Thanks
Thanks 🙏🏻
I will try more to make it more understandable
@@DailyCodeBuffer Can u suggest me from where I learnt about Spring Scheduling CRON
Probably the best tutorial I saw on this topic
Thanks 🙏🏻
At 41:00 why we are disabling the cors and csrf. Can anyone tell me the exact purpose of this two functions.
Time 1:50:00 you added transactional in the CustomUserDetailsService, is there any reason for that??
do u have a playlist for newbies or could u plz recommend a source cuz found my self just copy pastin'
best thing about his video is how he creates bookmark chapter for each concept
Try to reimport your maven project right hand side and verify it has the right dependencies. You shouldn’t need to invalidate cache.
Thanks for the tip. I will do that from now
Thanks!
🙏🏻🙏🏻
Thanks for the tutorial. I just have a question, where are we getting the oauth2 access token from the authorisation server and where are we validating it in our client before the endpoint is accessed from rhe browser.
Please explain with the project react .Previous movie
Is there any video or a part of a video that you explained why we use events etc. ?? I dont get it why we need events in confirming user email and generally why we need events?
The video was good but I just have one doubt. When the token is expiring you are deleting it from the database, so if someone wants to regenerate the token after expiration then he will not be able to generate as the generation of new token requires the availability of old token in the database. So, do we need to delete the token if it has expired ?
Could please do a plsylist on creating e commerce application using
1.spring boot microservices
2. Mongodb
3. Rabbitmq
4. Jwt auth
5. Api gsteway
6. Circuit breaker
7. Elk stack
8. Redis cache
With microservices user(admin, inventory, nrml customer )
Cart
Wishlist
Payment
Subscription (like amazon prime, Flipkart plus)
Please try to do it. It will help us a lot.
From your previous video we learn all individualy.
Please do this project. It helps us how to know how things work togethe
how to make a post Request call from Postman for the same endpoint ?
Why do you add the dependencies to the submodules pom and not to the parents pom? Isn't this supposed to be the other way around?
I have little doubt, if user get the token after the 10 min of registration and then it will click for enable his registration.
Now token has been expired and he has no api to re-generate the token again because you deleted the record from database.
I think you need to focus on this and explore the api again.
Thanks buddy for tutorial
Please tell me why we create service interface and it's implementation seprate , what is its benefit??
how do we add security client project as a module in spring security tutorial project? I'm using eclipse IDE.
How would you get hold of old token in case the email is not received to regenerate token?
This is gold, great concepts explained in a simple way
Thanks 🙏
Please help me!
My code cannot redirect after authorization successfully, thems still login rollback.
The best lessons for Spring boot auth, security.
Thanks 🙏
Hi, can anyone tell me which is the advantage of using the application events for the send of the email rather than using a simple service method to do it when the user is registered? Thank you
Unknown provider ID 'spring' not sure why i am getting this issue
Hey 👋
I just wanted to ask you one thing, why we are using two different classes for model and entity, why they can’t be same?
Why we can’t use entity as modal(POJO), since we are having duplicate code.
i think model is same as dto.if u dont want to expose all the db column to client then u use model or dto
Hello , very informative video.
Need to know how to track multiple failed login attempts and how to block the user using spring security
Great video as Always, Allah grant you great success a head, as you are sharing such a valuable content for free.
Thank you so much 🙏
Hello, can i have a question? So, in this course, did you used spring security with JWT?
Your videos are great and on point...it helped me learn spring boot very clearly without any doubts...thanks
Glad to hear that you got value from th tutorial 🙏🙏
Keep Supporting
@@DailyCodeBuffer please make a video on Quartz scheduler implementing calender also as it is not well explained anywhere on RUclips
In this project, How can we register the user after applying auth2 security.
I am getting Access to localhost is denied error and 403 error while trying to run the SpringSecurityClientApplication part. Somebody please help me fix it.
I believe the issue can be fixed if you add "/verifyRegistration" to the static String[] WHITE_LIST_URLS in WebSecurityConfid package, if you had not done that yet.
Which theme are you using? Is it Community Edition or Premium?
is it possible to have client and auth server in the same project (jar -file )???
Very in details explaining for concept, Thanks Shabbir.
But I'm stuck at auth-server:9000/login page its giving whitelabel error page ?
Where did I go wrong?
Great. I have really learn a lot from your video. On this one, you said we can resend token even if token was not gotten but resending token requires old token. Is there anything I’m missing?
Thank you so much if I had said so then I missspoke. sorry for that. But yeah once we get the tokrn then only will be able to send it.
Brilliant Brother....You make coding easy as pie....👍👍
Thanks Krunal 🙏🙏
Hii broo I have one doubt, like how the role data have to give static, means when we are storing the data into database can we give the role
hi, how can i redirect to a html page, where i can show user information instead of showing json. Can any one help ? I am working with separate frontend and backend. Thank you.
I hope you are reading this, why did you use User in both model and Entity
Wow😊😊😊😊 Thanks Alot.
Do you have a video on Testing in springboot ?
I really enjoy how you teach spring🥺
Thanks 🙏
Spring boot tutorial covers the Testing as well
Yea..I mean writing unit testing and integration testing in springboot
Yes that. Please checkout that tutorial. If you think that any other topics needed, I will plan a video on that
Bro in now they are saying there are lot of changes done in spring security is it older or new one is it ok for me to learn this
Suggest me bro
Hi The video was amazing . Just a small thought when we are resending verification token we should also update the time in verification token table . Seems like as per current implenentation the expiration time is not getting updated in database along with new token . Please share your thoughts if i am wrong
because he was setting the expiration time from entity and not updating VerificationToken entity expiration time before saving to db
When you have entity then why you created model I don't understand???Actually I have covered spring-boot videos of another youtuber..... Am here for Spring-Security only.....So it's kind of confusing for me.....
Very wonderful video explanation. Although I would like to know one more aspect that how can we write Unit Tests for this code. Rather in generic how can we write Unit Tests for Spring based projects.
I have given only one URL in whitelist but its permits all the end points.
I have cloned your code as well but its stil the same.
Can you please confirm what are the changes required
I am also facing th same issue, whitelisting doesn't works
Thank you Shabbir ❤❤ I hope you are Listen my request this video. Your teaching style is amazing 👏 😍 🙌
Thanks buddy 😊
Microservices video helped me a lot. Thanks for your efforts. 1 Question - Can I use this spring security code in my Login service in microservices? Please suggest me. waiting for your reply
Yes
Thanks for tutorial, I just had one problem.
If i initially create a user but the token expires, and then I try to access the link via email, ie.
/confirm?token=xxx
Then obviously it won't validate because the token is expired, but then it also deletes that token when I call the endpoint to confirm after the token is expired.
This means when I try to resend the confirmation token /resendVerifyToken after the token is expired, it won't work because the old token was deleted from the database, and I can't get a new link with the token to confirm account again.
I hope it makes sense, can you please inform what to do?
Okay so instead of deleting the token in this condition check,
if((confirmationToken.isConfirmationTokenExpired())) {
confirmationTokenRepository.delete(confirmationToken);
}
I removed the delete statement so that it doesn't delete the token if a user hits /confirm after the token has expired, now I can generate a new token using this token because it's still in the database even if the token is expired.
Please let me know if this is okay?
@PT_Trainer, what if the email was never gotten
Hi Shabbir. Thanks for this detailed tutorial on Spring Security, easy to understand. However I am facing issue while building client app.
Error LogCaused by: java.lang.IllegalStateException: Unknown provider ID 'spring'
Is there any configuration I have missed to add. Kindly assist on this. TIA.
hey Soumen I am facing same issue.Did you find solution?
Really heartly appreciated...mind blowing explanation...keep it up...god bless you for sharing knowledge with us.
🙏🏻❤️
Nice and Informative with Clear explanation Thanks.😊
Most welcome 😊
It's a very useful video. I tried to implement it to the end according to the tutorial. However, when I log in as a valid user, the "Content required" page does not appear. WhiteErrorPage (Bad Request / 400 error) is displayed.
What could be the cause?
same error for me too if you find the solution can you share it please
Can you make a part how to configure and prevention of CSRF attacks in Spring web application. ( I am not talking about spring boot )
A nice masterpiece . Which of your videos did you implement email with springboot ?
@33:43 MINUTES , You said you have created a video for sending email. which of your videos please ?
Can we use @Bean inside @Service as PasswordEncoder is defined in CustomUserDetailService Class?
Btw Thank you for your efforts.
Also at 2:10:19 will bindAuthenticationProvider be @Autowired or @Bean?
This video is good but I have not understood anything. What is the difference between the model and the entity? Because I tried implementing things as you have done in the video but my code kept on pointing back to the entity class and not the model class
that's an approach called dto i think
Hey, May I know which theme u have used in intellij idea?? Thanks 😀
Xcode Dark
@@DailyCodeBuffer Thank you.
Hi! Amazing video! What could be happening if after login, with correct credentials, the login page is shown again? Thanks!!
Man, you are doing a great work!! Pls make some more videos.
Thanks 🙏
Great video as always, everything is free, this is amazing. Thank you
🙏🏻
When the verification token expires, how would you handle the unverified user entry, in the database? In case that person wants to register with those same details.
Great video by the way
I think we can always check if that user already exists in the database before creating the user. If the user exists but the registration has not been verified then we can just resend a verification token to complete the pending registration instead of re-registration.
@@kareendawn4991 if the vertificationToken is expired then how are we going to get the user details, as he is deleting the token from the DB. I think the token shouldn't be deleted instead there should just be some service logic which just checks if the token is expired or not.
Whole course is just amazing almost solve my every doubt about spring security thing
You are amazing @dailycodebuffer
Just a one request could you please make one video for explaining that Oauth2 thing we are confused where do we have to make changes in "Application.yml" file.
I just start watching this hope it will be another great video 🙂🙃
Please make a video series on angular + springboot+ microservices + security + MySQL etc. like a Realtime example of full stack application end to end .
Will plan something
@@DailyCodeBuffer Thanks it will be great
He is not robot
Your helpful videos are the give away for us.Thanks and all the best 🙏👍
🙏🙏
Please which color theme is this ??
Xcode dark theme
why did you use * on the endpoints inside Webconfig !!??
also great content thank you
* as a wild char to allow everything
Thanks 🙏🏻
@@DailyCodeBuffer thank you so much for you quick response really enjoy your content
great job
Hello! I really like the way you teach us how to do complex things easily. Really like your videos. Please, can you tell me which IntelliJ theme you're using? It looks very cool! Thanks!
Thank you so much 😊
I am using Xcode dark theme
@@DailyCodeBuffer thanks again.
Nice Tutorials❤Best Channel 👍
Thanks 🙏🏻
Could you add JWT option ?
Great Job Bro👍 A small request from my side could you please make introductory video on applicationEvents and listener i am new learner and it will help new learners like me🙏🙏
Does it have opene I'd connect too ?
Yes
please tell me what theme u used in IJIdea?
Using Xcode Dark theme
Thanks sir
Hi , do you have vídeos of Spring webflux?
I love Your Setup..
u r using Intellij ?? & theme & icon theme..
Thanks
Bro. Can you do a cloning project using spring-boots ?
Great tutorial!!!. Any videos regarding Vaadin and Springboot framework in future?
Will plan on it
Awesome tutorial, Thank you
Please post the Angular videos also.
Planning on it
you created another project as parent and added the two projects but you didn't said it in the video
Weeknd stuff 🔥🙏🏻🙏🏻🥳
🙏🙏
Besides it'a an awesome tutorial (You really have a talent for this) - how did You customize Intellij like that? Is that kind of a theme or plugin?
Thanks 🙏
That is xcode dark theme and Atom icons packs
@@DailyCodeBuffer thanks :) Can I ask You one more question: how do You learn such concepts? You go through the documentation? Read books? How long does it take You to be comfortable with the topic? I ask because You have deep understanding of the matter and is very intriguing :)
I go through the documentation and sample examples provided by the library or framework
Thats gives a little better understanding of how to use the framework and library
Then I build a small project from it
And i don’t try to learn everything at s time. Whatever is needed I learn that only
Thank you so much and I am no expert in any matter ☺️
@@DailyCodeBuffer thanks for respond :) You are inspirng (at least for me) what makes You kinda expert :D
Why are you calling super() in VerificationToken()
Very useful and very informative
Glad it was helpful!
yo can you make file upload in springboot?
Hi! Thank you again for the one of the best channels on youtube, fast and clear! I have a question, what is the difference between this and the
OAuth 2.0 Implementation with Spring Security and Spring Boot | Full Example video? I am learning about jwt and security and had read about a config server with spring cloud for store secret keys for authorization, something like that. Do you have any video like that?
20:55
Lets get started
Hi amazing video!! Wtha is you ide theme?? Is epic!!! 😉👍🏼
Thanks 🙏🏻
It is Xcode Dark
@@DailyCodeBuffer thks for your answer!! This theme include the icons in the project exolorer? Or is other plug-in?
For icon’s, I am using Atom icons plugin