Spring Security Flash Cards

Spring Security - 10 Cards
Authentication
Checking if a user is valid
Authorization
Checking if a user has the right access
Spring Security Filter Chain
A series of filters that Spring Security runs for each request
Form Based Authentication
Used by most web applications, depends on a session cookie (JSESSIONID)
Basic Authentication
Basic option for securing REST APIs, but has many flaws and is not recommended for production.
Cross-Origin Resource Sharing (CORS)
A specification that allows you to configure which cross-domain requests are allowed
JWT (JSON Web Token)
An open way of representing claims between two parties. Can contain user details and authorizations.
Symmetric Key Encryption
Uses the same key for encryption and decryption
Asymmetric Key Encryption
Uses two keys - a public key for encryption and a private key for decryption. Also known as Public Key Cryptography.
OAuth
An industry-standard protocol for authorization, which now also supports authentication