Spring Boot

JWT & Stateless Security

Stateless security with JWT, token generation and validation, security filters, refresh tokens

20 preguntas de entrevista·
Senior
1

What is the structure of a JWT (JSON Web Token)?

Respuesta

A JWT consists of three parts separated by dots: Header (algorithm and type), Payload (claims/data), and Signature (integrity verification). Each part is Base64URL encoded. This structure allows secure and verifiable information transmission between two parties.

2

Which JWT claim represents the subject (user) of the token?

Respuesta

The 'sub' (subject) claim identifies the JWT's subject, typically the authenticated user (e.g., user ID or username). It's a standard claim defined in RFC 7519. Other standard claims include 'iss' (issuer), 'exp' (expiration), 'iat' (issued at), 'aud' (audience), and 'jti' (JWT ID).

3

What is the main difference between HMAC and RSA signing algorithms for JWT?

Respuesta

HMAC (e.g., HS256) uses a shared symmetric secret key to sign and verify, while RSA (e.g., RS256) uses an asymmetric key pair (private to sign, public to verify). RSA is preferable when multiple services need to verify tokens without accessing the signing key, as in microservices architectures.

4

Which JWT claim defines the token expiration date?

5

How should a client send a JWT in an HTTP REST request?

+17 preguntas de entrevista

Otros temas de entrevista Spring Boot

Spring Core - IoC & DI

Junior
22 preguntas

Spring Boot Auto-Configuration

Junior
20 preguntas

Spring Boot Starters

Junior
18 preguntas

Application Properties & YAML

Junior
16 preguntas

Logging with SLF4J & Logback

Junior
20 preguntas

Spring Boot DevTools

Junior
15 preguntas

Spring MVC Basics

Mid-Level
20 preguntas

Spring REST Controllers

Mid-Level
20 preguntas

Request & Response Handling

Mid-Level
20 preguntas

Exception Handling

Mid-Level
25 preguntas

Bean Validation

Mid-Level
25 preguntas

Spring Data JPA Basics

Mid-Level
25 preguntas

JPA Entities & Relationships

Mid-Level
30 preguntas

JPA Queries

Mid-Level
30 preguntas

Spring Data Repositories

Mid-Level
25 preguntas

Spring Security Basics

Mid-Level
25 preguntas

Spring Boot Actuator

Mid-Level
20 preguntas

Unit Testing with JUnit & Mockito

Mid-Level
30 preguntas

Spring Boot Testing

Mid-Level
30 preguntas

Profiles & Environment

Mid-Level
20 preguntas

RestTemplate & WebClient

Mid-Level
24 preguntas

Async & Scheduling

Mid-Level
25 preguntas

Caching with Spring

Mid-Level
25 preguntas

Spring WebFlux (Reactive)

Mid-Level
25 preguntas

Spring Transactions

Senior
30 preguntas

Advanced Authentication & Authorization

Senior
30 preguntas

OAuth2 & Authorization Server

Senior
20 preguntas

Spring Boot & Docker

Senior
19 preguntas

Microservices with Spring

Senior
25 preguntas

Spring Cloud Config

Senior
19 preguntas

Performance Optimization

Senior
30 preguntas

GraalVM Native Images

Senior
20 preguntas

Domina Spring Boot para tu próxima entrevista

Accede a todas las preguntas, flashcards, tests técnicos, ejercicios de code review y simuladores de entrevista.

Empieza gratis