Spring Boot

Advanced Authentication & Authorization

Advanced authentication, fine-grained authorization with @PreAuthorize/@PostAuthorize, roles, permissions, SpEL

30 perguntas de entrevista·
Senior
1

What is the main role of the UserDetailsService interface in Spring Security?

Resposta

UserDetailsService is responsible for loading user information from the data source (database, LDAP, etc.) during authentication. Its loadUserByUsername() method returns a UserDetails object containing the username, password, roles and authorities. Spring Security then uses this information to validate credentials and build the SecurityContext.

2

Which annotation enables method-level security in Spring Security 6+?

Resposta

@EnableMethodSecurity is the modern annotation in Spring Security 6+ that enables method-level security. It replaces the old @EnableGlobalMethodSecurity and enables @PreAuthorize, @PostAuthorize and @Secured by default. It uses AOP proxy-based configuration to intercept method calls and check authorizations.

3

When does the @PreAuthorize annotation check authorizations?

Resposta

@PreAuthorize checks authorizations BEFORE method execution. If the SpEL condition returns false, an AccessDeniedException is thrown and the method is never executed. This prevents access to unauthorized resources from the start. In contrast, @PostAuthorize checks after execution, which is useful for filtering results based on the user.

4

What is the main difference between hasRole() and hasAuthority() in Spring Security?

5

How to implement a custom UserDetailsService that loads users from a database?

+27 perguntas de entrevista

Outros temas de entrevista Spring Boot

Spring Core - IoC & DI

Junior
22 perguntas

Spring Boot Auto-Configuration

Junior
20 perguntas

Spring Boot Starters

Junior
18 perguntas

Application Properties & YAML

Junior
16 perguntas

Logging with SLF4J & Logback

Junior
20 perguntas

Spring Boot DevTools

Junior
15 perguntas

Spring MVC Basics

Mid-Level
20 perguntas

Spring REST Controllers

Mid-Level
20 perguntas

Request & Response Handling

Mid-Level
20 perguntas

Exception Handling

Mid-Level
25 perguntas

Bean Validation

Mid-Level
25 perguntas

Spring Data JPA Basics

Mid-Level
25 perguntas

JPA Entities & Relationships

Mid-Level
30 perguntas

JPA Queries

Mid-Level
30 perguntas

Spring Data Repositories

Mid-Level
25 perguntas

Spring Security Basics

Mid-Level
25 perguntas

Spring Boot Actuator

Mid-Level
20 perguntas

Unit Testing with JUnit & Mockito

Mid-Level
30 perguntas

Spring Boot Testing

Mid-Level
30 perguntas

Profiles & Environment

Mid-Level
20 perguntas

RestTemplate & WebClient

Mid-Level
24 perguntas

Async & Scheduling

Mid-Level
25 perguntas

Caching with Spring

Mid-Level
25 perguntas

Spring WebFlux (Reactive)

Mid-Level
25 perguntas

Spring Transactions

Senior
30 perguntas

JWT & Stateless Security

Senior
20 perguntas

OAuth2 & Authorization Server

Senior
20 perguntas

Spring Boot & Docker

Senior
19 perguntas

Microservices with Spring

Senior
25 perguntas

Spring Cloud Config

Senior
19 perguntas

Performance Optimization

Senior
30 perguntas

GraalVM Native Images

Senior
20 perguntas

Domine Spring Boot para sua proxima entrevista

Acesse todas as perguntas, flashcards, testes tecnicos, exercicios de code review e simuladores de entrevista.

Comece gratis