Jwt Spring Security Demo

A demo for using JWT (Json Web Token) with Spring Security and Spring Boot 2
Alternatives To Jwt Spring Security Demo
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
4 months ago29mitJava
循序渐进,学习Spring Boot、Spring Boot & Shiro、Spring Batch、Spring Cloud、Spring Cloud Alibaba、Spring Security & Spring Security OAuth2,博客Spring系列源码:https://mrbird.cc
Spring Security8,09516,2151,186a day ago215November 20, 2023935apache-2.0Java
Spring Security
Jwt Spring Security Demo2,534
4 years ago2mitJava
A demo for using JWT (Json Web Token) with Spring Security and Spring Boot 2
Jasypt Spring Boot2,4183521598 months ago30December 15, 202221mitJava
Jasypt integration for Spring boot
Pac4j2,338146152a day ago110November 06, 2023apache-2.0Java
Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Spring Boot Leaning2,068
a year ago1Java
Spring Boot 2.X 最全课程代码
Spring Security Oauth1,923
a month ago9mitJava
Just Announced - "Learn Spring Security OAuth":
X Springboot1,845
3 months ago2Java
Security Core1,7539,00841219 days ago500January 24, 2023mitPHP
Symfony Security Component - Core Library
Spring Security React Ant Design Polls App1,617
9 months ago45Java
Full Stack Polls App built using Spring Boot, Spring Security, JWT, React, and Ant Design
Alternatives To Jwt Spring Security Demo
Select To Compare

Alternative Project Comparisons

JWT Spring Security Demo

Screenshot from running application


This is a demo for using JWT (JSON Web Token) with Spring Security and Spring Boot. I completely rewrote my first version. Now this solution is based on the code base from the JHipster Project. I tried to extract the minimal configuration and classes that are needed for JWT-Authentication and did some changes.

Build Status


This demo is build with with Maven 3.6.x and Java 11.


Just start the application with the Spring Boot maven plugin (mvn spring-boot:run). The application is running at http://localhost:8080.

You can use the H2-Console for exploring the database under http://localhost:8080/h2-console:

Screenshot from h2-console login


There are three user accounts present to demonstrate the different levels of access to the endpoints in the API and the different authorization exceptions:

Admin - admin:admin
User - user:password
Disabled - disabled:password (this user is deactivated)

There are four endpoints that are reasonable for the demo:

/api/authenticate - authentication endpoint with unrestricted access
/api/user - returns detail information for an authenticated user (a valid JWT token must be present in the request header)
/api/persons - an example endpoint that is restricted to authorized users with the authority 'ROLE_USER' (a valid JWT token must be present in the request header)
/api/hiddenmessage - an example endpoint that is restricted to authorized users with the authority 'ROLE_ADMIN' (a valid JWT token must be present in the request header)


I've written a small Javascript client and put some comments in the code that hopefully makes this demo understandable. You can find it at /src/main/resources/static/js/client.js.

Generating password hashes for new users

I'm using bcrypt to encode passwords. Your can generate your hashes with this simple tool: Bcrypt Generator

Using another database

Actually this demo is using an embedded H2 database that is automatically configured by Spring Boot. If you want to connect to another database you have to specify the connection in the application.yml in the resource directory. Here is an example for a MySQL DB:

      # possible values: validate | update | create | create-drop
      ddl-auto: create-drop
    url: jdbc:mysql://localhost/myDatabase
    username: myUser
    password: myPassword
    driver-class-name: com.mysql.jdbc.Driver

Hint: For other databases like MySQL sequences don't work for ID generation. So you have to change the GenerationType in the entity beans to 'AUTO' or 'IDENTITY'.

You can find a reference of all application properties here.

Using Flyway



This project has a docker image. You can find it at https://hub.docker.com/r/hubae/jwt-spring-security-demo/.


If you have project related questions please take a look at the past questions or create a new ticket with your question.

If you have questions that are not directly related to this project (e.g. common questions to the Spring Framework or Spring Security etc.) please search the web or look at Stackoverflow.

Sorry for that but I'm very busy right now and don't have much time.

Interesting projects


Stephan Zerhusen

Copyright and license

The code is released under the MIT license.

Please feel free to send me some feedback or questions!

Popular Security Projects
Popular Spring Projects
Popular Security Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Spring Boot
Jwt Authentication
Spring Security