Flashcards

Quick study sessions to strengthen memory and retain key concepts.

Flashcard Study

Java: JWT Signatures

Front

Spring Security's Role in JWT Processing?

Spring Security filters can process JWTs for authentication. Spring Security's filter chain can be configured to intercept requests…

Java: JWT Signatures

Front

Managing User Logout in Stateless Authentication?

Implement token blacklist or expiration strategies. In stateless JWT authentication, token revocation isn't straightforward because tokens don't require…

Java: JWT Signatures

Front

Risks of Storing JWTs in Local Storage?

Storing JWTs in localStorage exposes them to XSS attacks. Storing JWTs in localStorage makes them accessible via JavaScript,…

Java: JWT Signatures

Front

Ensuring JWT Integrity with Signatures?

The Signature ensures data integrity and prevents tampering. The Signature in a JWT is created by encoding the…

Java: JWT Signatures

Front

Why JWT Payloads Aren't Secure by Default?

JWT Payloads are Base64 encoded, not encrypted. The Payload of a JWT is Base64 encoded, which is a…

Java: JWT Signatures

Front

Understanding the Structure of a JWT?

A JWT consists of a Header, Payload, and Signature. A JSON Web Token (JWT) is composed of three…

Java: JWT Signatures

Front

Why rotate signing keys?

To reduce blast radius and enable safer operational rollover if a key leaks. Signing keys should be treated…

Java: JWT Signatures

Front

What does the `kid` header do?

It identifies which signing key should validate the token. When multiple signing keys exist during rotation, the `kid`…

Java: JSON Web Tokens (JWT)

Front

How does the transition from stateful to stateless authentication help manage JVM Heap memory?

Stateless authentication reduces JVM Heap memory usage by eliminating the need to store session data on the server.…

Java: JSON Web Tokens (JWT)

Front

Why do CSRF tokens in forms matter in practice?

They prevent unauthorized requests from being processed. Cross-Site Request Forgery (CSRF) tokens are unique tokens added to forms…
