More security! In a modern application the authentication on its own is not sufficient. It’s a common practice to grant different privileges to a group of users. Also when we talk about users, the two basic uses cases come to our mind - user log-in and log-out. In this post we will cover user authorization and OAuth 2 token revocation in the Spring Boot 2 framework. This tutorial is a second part of the recent post introducing token-based authentication in the Spring framework.
Yet another tutorial? Some time ago I’ve been asked to setup authentication for a Spring Boot-based REST application. “Easy-peasy” I said to myself. I’ve been coding in Java for many years. I’ve been using Spring framework since the very early version when you had to love the XML. I took into account all the requirements and proposed a solution with OAuth 2 as an authentication framework. I was happy to start a development.