Spring security Flashcards
Hvad står jwt for
JSon Web Token.
Hvad bliver JWT brugt til?
JWT bruges ofte til at autenticere brugere og give dem adgang til ressourcer eller tjenester
SECRET_KEY
is a secret cryptographic key used to sign and verify JWTs.
If authentication fail we get…
401 error..
If authorization fail we get…
403 error
local storage / session storage
bruges til at gemme data, på brugerens computer direkte i browseren.
What is Spring Security?
A powerful and customizable authentication and access-control framework for Java applications.
What is the primary purpose of authentication in Spring Security?
To verify the identity of a user.
What does the term ‘authorization’ refer to in Spring Security?
The process of determining whether a user has permission to access a resource.
Which annotation is used to secure methods in Spring Security?
@PreAuthorize
What is a Security Filter Chain?
A series of filters that process requests and responses in Spring Security.
What is the function of the UserDetailsService interface?
To load user-specific data.
What does CSRF stand for?
Cross-Site Request Forgery
True or False: CSRF protection is enabled by default in Spring Security.
True
Multiple Choice: Which of the following is a common way to secure REST APIs in Spring Security? A) Form-based authentication B) Token-based authentication C) Basic authentication D) All of the above
D) All of the above
What is the default role prefix used in Spring Security?
ROLE_
CSRF
hvis du skal bruge en side der kræver authentication,
undgå at andre kan få adgang til dine oplysninger og ændre login osv..
CORS
en sikkerhedsmekanisme i browsere, der styrer hvilke domæner der må tilgå din server.
@crossOrgin(origine =”*”)
