Spring Boot

Spring Security Basics

Spring Security, authentication, authorization, SecurityFilterChain, UserDetailsService, PasswordEncoder

25 perguntas de entrevista·
Mid-Level
1

What is Spring Security?

Resposta

Spring Security is a security framework for Spring applications that provides authentication and authorization features. It protects applications against common attacks (CSRF, XSS, session fixation) and offers integration with various authentication mechanisms (form login, HTTP Basic, OAuth2, JWT). The framework uses a filter chain (Security Filter Chain) to intercept and process HTTP requests before they reach controllers.

2

What is the difference between authentication and authorization in Spring Security?

Resposta

Authentication verifies user identity (who are you?), typically via username/password, while authorization verifies permissions (what can you do?). Authentication happens first and creates a SecurityContext with user information. Authorization then uses this information to decide if the user can access a specific resource. For example, a user can be successfully authenticated but not authorized to access /admin if their role is USER and not ADMIN.

3

What is the SecurityContext in Spring Security?

Resposta

The SecurityContext is an object that contains the security information of the currently authenticated user, primarily the Authentication object. It is stored in the SecurityContextHolder and accessible throughout request processing. After successful authentication, Spring Security creates a SecurityContext containing an Authentication with user details (username, authorities, credentials). This context allows the application to check who the current user is and what their permissions are.

4

How does SecurityContextHolder store the SecurityContext by default?

5

What is the role of the UserDetails interface in Spring Security?

+22 perguntas de entrevista

Outros temas de entrevista Spring Boot

Spring Core - IoC & DI

Junior
22 perguntas

Spring Boot Auto-Configuration

Junior
20 perguntas

Spring Boot Starters

Junior
18 perguntas

Application Properties & YAML

Junior
16 perguntas

Logging with SLF4J & Logback

Junior
20 perguntas

Spring Boot DevTools

Junior
15 perguntas

Spring MVC Basics

Mid-Level
20 perguntas

Spring REST Controllers

Mid-Level
20 perguntas

Request & Response Handling

Mid-Level
20 perguntas

Exception Handling

Mid-Level
25 perguntas

Bean Validation

Mid-Level
25 perguntas

Spring Data JPA Basics

Mid-Level
25 perguntas

JPA Entities & Relationships

Mid-Level
30 perguntas

JPA Queries

Mid-Level
30 perguntas

Spring Data Repositories

Mid-Level
25 perguntas

Spring Boot Actuator

Mid-Level
20 perguntas

Unit Testing with JUnit & Mockito

Mid-Level
30 perguntas

Spring Boot Testing

Mid-Level
30 perguntas

Profiles & Environment

Mid-Level
20 perguntas

RestTemplate & WebClient

Mid-Level
24 perguntas

Async & Scheduling

Mid-Level
25 perguntas

Caching with Spring

Mid-Level
25 perguntas

Spring WebFlux (Reactive)

Mid-Level
25 perguntas

Spring Transactions

Senior
30 perguntas

Advanced Authentication & Authorization

Senior
30 perguntas

JWT & Stateless Security

Senior
20 perguntas

OAuth2 & Authorization Server

Senior
20 perguntas

Spring Boot & Docker

Senior
19 perguntas

Microservices with Spring

Senior
25 perguntas

Spring Cloud Config

Senior
19 perguntas

Performance Optimization

Senior
30 perguntas

GraalVM Native Images

Senior
20 perguntas

Domine Spring Boot para sua proxima entrevista

Acesse todas as perguntas, flashcards, testes tecnicos, exercicios de code review e simuladores de entrevista.

Comece gratis