Spring Security

Question 1

What is Spring Security?

Answer 1

A framework that provides authentication, authorization, and protection against common attacks in Spring applications.

Question 2

What is the @EnableWebSecurity annotation used for?

Answer 2

It enables Spring Security’s web security configuration.

Question 3

How do you secure endpoints in Spring Security?

Answer 3

By configuring access rules in the WebSecurityConfigurerAdapter or with annotations like @Secured and @PreAuthorize.

Question 4

What is the role of UserDetailsService in Spring Security?

Answer 4

It loads user-specific data, typically used for authentication.

Question 5

How do you configure password encoding in Spring Security?

Answer 5

Using a PasswordEncoder bean such as BCryptPasswordEncoder.

Question 6

What is the default login URL provided by Spring Security?

Answer 6

/login.

Question 7

How can you customize the login page in Spring Security?

Answer 7

By overriding the default login page URL and providing a custom login view.

Question 8

What is CSRF protection in Spring Security?

Answer 8

Cross-Site Request Forgery protection, enabled by default in Spring Security to prevent unauthorized actions on behalf of authenticated users.

Question 9

How do you disable CSRF protection in Spring Security?

Answer 9

By calling csrf().disable() in the security configuration.

Question 10

What is OAuth2 in Spring Security?

Answer 10

A framework for implementing single sign-on (SSO) and secure authorization using OAuth2 protocol.