spring-security-jwt's People
Forkers
radhikari54 nullpointer0 piyushgith nuskarthikeyan jasbir-s-minhas atmakurikirankumar rpbht zainzin ksmung abhinavsinha1991 diegomafu binod-techindustan bk11001 wangjingyi qwaider khacdinh shakhawatmollah arunpnambiar sakib-shadman zaitzev16 nandini-ps-fk naveenc0505 lanaflonperso hcnhatnam ganeshlakshmi9 vishnu2497 gaohanghang felipefucs geethas88 lanaflonform mahendran-natarajan hellspawn287 brijeshsrivastava21 habeebcycle kvvswaminaidu jpssasadara leenawat jaisonsteephen kalloaa sanbag1985 yurekesley setushwetank prakashtjp abdulkatheer kgotgit chepaiytrath filikliktilahun tetrazon softgen007 manjeet5079 jkdilunika fechau alaposi muralidharan-rade shahmilanp86 arccaelt luiz158 durgasankar theinzawisgm rishikesh10 kutanulgen somasundaram1996 kdallas1203 nazmul-prince technovikram hoangdinh98 kaikrk divyansh2710 stefanofiorenza twonails srinidhi1071 shubham1210 akshaymemane flashxfork anandsaij kakachen kalana-code naqib83 0thmane fengchen810823 salmanhusein chetannpatil gpamitranjit rarrarra99 cyberglad jayakrishnanpr santoshngithub prateek-jss saifi346 mfmehdi vinay-sv ahmedghallab deeps0007 tajbist anubhavgupta1012 krishb-appdesk ramirezramirez125 nanduk667 rishabhhanday gurunathaspring-security-jwt's Issues
403 - Forbidden Error
I am getting 403 - Forbidden error on Postman after sending valid token in the header.
Possible authentication bypass.
There is an authentication bypass in the whole project, correct me if wrong. Steps to reproduce:
- Import project from version control.
- Do a post request on /authenticate endpoint with the following body: {"username":"random","password":"foo"}
When matching at least the password field the caller gets a response with a valid token matching the correct user.
Username can be anything.
SecurityConfigurer.java missing
SecurityConfigurer.java missing
Error creating bean with name 'springSecurityFilterChain'
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.NullPointerException: Cannot invoke "Object.getClass()" because "filter" is null
returns 200 ok for "/authenticate" endpoint
the override of the configure(httpSecurity) method always returns 200 ok for "/authenticate" endpoint and the break point in the respective function is not reached.
how to solve this?
There should be RestController
In this application, there should be RestController unable to find. Are you forgot to push? to repo
Refresh Token
Please add refresh token functionality so that access token's expiry can be made lesser.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.