This project demonstrates how to implement authentication and authorization with Spring Boot 3.0 and JSON Web Tokens (JWT). It provides a robust authentication and authorization system with JWT-based login, role-based permissions, access-denied handling, logout, and refresh token support. It also delivers tokens to the client in HttpOnly cookies.
- User Login with JWT Authentication: Secure user authentication using JSON Web Tokens.
- Role-Based Authorization: Assign roles with fine-grained permissions for access control.
- Customized Access Denied Handling: Handle unauthorized access gracefully.
- Logout Mechanism: Provide users with a secure way to log out.
- Refresh Token: Implement token refreshing for long-lived sessions.
- Secure Token Delivery: Tokens are securely delivered using HttpOnly cookies.
- Spring Boot 3.0: The foundation of the application.
- Spring Security: For robust security features.
- JSON Web Tokens (JWT): Used for secure authentication and authorization.
- Maven: For project management and dependency handling.
- MySQL: As the database backend.
To get started with this project, ensure that you have the following prerequisites installed on your local machine:
- JDK 17+: Install the latest Java Development Kit.
- Maven 3+: Install the latest version of Maven for dependency management.
Follow these steps to build and run the project:
- Clone the repository:
    git clone https://github.com/hichambouttaj/jwt-access-refresh-cookie-spring-security.git
- Navigate to the project directory:
    cd jwt-access-refresh-cookie-spring-security
- Create a MySQL database named "jwt_cookie".
- Build the project:
    mvn clean install
- Run the project:
    mvn spring-boot:run
The application will be available at http://localhost:8080.
Feel free to explore the code, customize it to your needs, and use it as a reference for implementing secure authentication and authorization in your own Spring Boot projects.
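The HttpOnly cookie delivery, refresh token and logout features listed above can be sketched with Spring's `ResponseCookie` builder. This is an added example, not code from this repository; the cookie names, the `/api/v1/auth` path and the token lifetimes are assumptions.

```java
import java.time.Duration;
import org.springframework.http.ResponseCookie;

// Added example, not the project's code. Names, paths and lifetimes are assumptions.
public class TokenCookies {
    static final String ACCESS_COOKIE = "access_token";   // assumed cookie name
    static final String REFRESH_COOKIE = "refresh_token"; // assumed cookie name
    static final String REFRESH_PATH = "/api/v1/auth";    // assumed path of the refresh/logout endpoints

    // Short-lived access token, sent with every request to the application.
    static ResponseCookie accessCookie(String jwt, Duration ttl) {
        return base(ACCESS_COOKIE, jwt, "/", ttl);
    }

    // Longer-lived refresh token, path-scoped so the browser only sends it
    // to the auth endpoints instead of attaching it to every API call.
    static ResponseCookie refreshCookie(String jwt, Duration ttl) {
        return base(REFRESH_COOKIE, jwt, REFRESH_PATH, ttl);
    }

    // Logout: re-issuing each cookie with the same name and path and Max-Age=0
    // makes the browser delete it. A different path would leave the original in place.
    static ResponseCookie[] clearCookies() {
        return new ResponseCookie[] {
            base(ACCESS_COOKIE, "", "/", Duration.ZERO),
            base(REFRESH_COOKIE, "", REFRESH_PATH, Duration.ZERO)
        };
    }

    private static ResponseCookie base(String name, String value, String path, Duration ttl) {
        return ResponseCookie.from(name, value)
                .httpOnly(true)      // not readable from JavaScript (document.cookie)
                .secure(true)        // only sent over HTTPS
                .sameSite("Strict")  // not attached to cross-site requests
                .path(path)
                .maxAge(ttl)
                .build();
    }

    public static void main(String[] args) {
        // Constructed placeholder values stand in for signed JWTs.
        System.out.println("Set-Cookie: " + accessCookie("header.payload.signature", Duration.ofMinutes(15)));
        System.out.println("Set-Cookie: " + refreshCookie("header.payload.signature", Duration.ofDays(7)));
        for (ResponseCookie c : clearCookies()) {
            System.out.println("Set-Cookie: " + c);
        }
    }
}
```

In a controller, each cookie is attached to the response as a `Set-Cookie` header, for example `response.addHeader(HttpHeaders.SET_COOKIE, cookie.toString())`.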