Quick study sessions to strengthen memory and retain key concepts.
How does the Spring Security Filter Chain handle JWTs?
It includes filters that authenticate requests using JWTs. In Spring Security, filters are configured to intercept requests and…
View Card →What role do PreparedStatements play in preventing SQL Injection?
They separate SQL logic from data. Frame the concept in practical terms so you can explain it during…
View Card →Why is using a BCrypt Work Factor important for password security?
It controls the hashing algorithm's computational cost. The Work Factor determines how many times the BCrypt algorithm runs,…
View Card →What does the JWT Header contain?
The JWT Header contains metadata about the token. The Header typically includes the type of token and the…
View Card →How does a server verify a JWT without hitting the database?
The server verifies a JWT using its signature. When a JWT is received, the server uses a secret…
View Card →What are JSON Web Tokens (JWT) used for in Java applications?
JWTs are used for stateless authentication. JWTs allow secure information exchange between parties as a JSON object. In…
View Card →Why is long-lived access tokens risky in practice?
A stolen token remains usable for much longer. Token lifetime is an operational security choice. A long expiration…
View Card →Why not store secrets in the JWT payload?
Because the payload is readable claim data, not encrypted secure storage. JWT payloads are base64-encoded, not hidden. Anyone…
View Card →How would you explain a safer token lifecycle in an interview?
Short-lived access tokens plus controlled refresh and revocation strategy. JWT design is not finished once token creation works.…
View Card →What are potential pitfalls of misusing java.time.LocalDateTime?
LocalDateTime lacks timezone info. Frame the concept in practical terms so you can explain it during interview discussion.…
View Card →