0% found this document useful (0 votes)
3 views

Spring Security

Spring Security is primarily used for authentication and authorization in web applications, securing the HTTP protocol. In Spring Boot, it can be enabled by adding the 'spring-boot-starter-security' dependency and customized by extending the 'WebSecurityConfigurerAdapter'. Basic Authentication uses Base64-encoded credentials and is considered weak security unless used with HTTPS.

Uploaded by

ayushjohari0603
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
3 views

Spring Security

Spring Security is primarily used for authentication and authorization in web applications, securing the HTTP protocol. In Spring Boot, it can be enabled by adding the 'spring-boot-starter-security' dependency and customized by extending the 'WebSecurityConfigurerAdapter'. Basic Authentication uses Base64-encoded credentials and is considered weak security unless used with HTTPS.

Uploaded by

ayushjohari0603
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Spring Security

What is Spring Security

1. What is the primary purpose of Spring Security?


o A) Logging
o B) Authentication and authorization
o C) Data persistence
o D) Dependency injection

Answer: B) Authentication and authorization

2. Which of the following is not a feature provided by Spring Security?


o A) Protection against CSRF attacks
o B) Built-in database management
o C) Authentication
o D) Authorization

Answer: B) Built-in database management

3. Which protocol is primarily secured by Spring Security for web applications?


o A) FTP
o B) HTTP
o C) SMTP
o D) SNMP

Answer: B) HTTP

Spring Security with Spring Boot

4. Which dependency is primarily added to a Spring Boot application to enable Spring Security?
o A) spring-boot-starter-web
o B) spring-boot-starter-data-jpa
o C) spring-boot-starter-security
o D) spring-boot-starter-thymeleaf

Answer: C) spring-boot-starter-security

5. In a Spring Boot application, how can you customize the default security configuration?
o A) By creating a class that extends WebSecurityConfigurerAdapter
o B) By creating a class that extends SpringBootApplication
o C) By modifying application.properties
o D) By creating a class that extends SpringApplication

Answer: A) By creating a class that extends WebSecurityConfigurerAdapter

6. What is the default behavior of Spring Security in a Spring Boot application without any custom configuration?
o A) No authentication required
o B) HTTP Basic Authentication
o C) Form-based login
o D) Token-based authentication

Answer: B) HTTP Basic Authentication


Basic Authentication

7. What does Basic Authentication use to authenticate users?


o A) Cookies
o B) JWT tokens
o C) Base64-encoded username and password
o D) OAuth tokens

Answer: C) Base64-encoded username and password

8. Which HTTP header is used to send the credentials in Basic Authentication?


o A) Authorization
o B) Authenticate
o C) Credentials
o D) Auth

Answer: A) Authorization

9. What type of security does Basic Authentication provide?


o A) Strong security because of password encryption
o B) Weak security, vulnerable to interception if not used with HTTPS
o C) Stateful authentication
o D) Token-based authentication

Answer: B) Weak security, vulnerable to interception if not used with HTTPS

Authentication with User Credentials from Database and Authorization

10. Which interface must be implemented to retrieve user details from a database in Spring Security?
o A) UserDetailsManager
o B) UserDetails
o C) UserDetailsService
o D) UserManager

Answer: C) UserDetailsService

11. Which component in Spring Security is used to encode passwords?


o A) PasswordEncoder
o B) PasswordHasher
o C) PasswordEncrypter
o D) PasswordManager

Answer: A) PasswordEncoder

12. Which annotation is used to specify security configurations at method level in Spring Security?
o A) @Secured
o B) @Security
o C) @Protected
o D) @RolesAllowed

Answer: A) @Secured
JWT Authorization

13. What does JWT stand for?


o A) Java Web Token
o B) Java Wide Token
o C) JSON Web Token
o D) JSON Wide Token

Answer: C) JSON Web Token

14. In JWT-based authentication, what component typically handles token creation and validation?
o A) TokenProvider
o B) TokenManager
o C) TokenEncoder
o D) TokenFactory

Answer: A) TokenProvider

15. Where is the JWT typically stored on the client side?


o A) Cookies
o B) Local Storage or Session Storage
o C) HTML Meta Tags
o D) CSS Files

Answer: B) Local Storage or Session Storage

16. Which HTTP header is commonly used to pass the JWT token in requests?
o A) Authorization
o B) Authenticate
o C) Token
o D) JWT

Answer: A) Authorization

17. What is a common structure of a JWT?


o A) Header, Payload, and Signature
o B) Username, Password, and Timestamp
o C) Token, Secret, and Timestamp
o D) Header, Token, and Footer

Answer: A) Header, Payload, and Signature

You might also like