I am using Spring MVC and I want to encrypt the password that gets saved in dB, I had a look into other threads and they suggest going with MD5. Is it a good practice to go with MD5 or is there any other method in Spring to achieve it?

I’m learning spring security and feeling confused by the order of multiple SecurityFilterChain.

I have a problem with security configuration. When the application starts, there is a GlobalSecurityConfiguration where KeyCloakConfig distributes requests between offline and online modes,
public GlobalSecurityConfiguration(BeanFactory beanFactory, KeyCloakConfig keyCloakConfig) { this.beanFactory = beanFactory; this.keyCloakConfig = keyCloakConfig; }
Where keyCloakConfigdistributes requests between offline/online false-need to check token/true-don`t

i was working with spring 2.x.x without any problem until today. Now im trying to create a rest API with spring security enabled (spring boot 3.3.1) and i want to use HttpBasic authentication. So i just set up my project and started to test security things. However, spring is throwing this exception all the time and im not being able to find out what is the source of this.

I have a few methods in my spring application, that execute sensitive operations on data that should only be invoked by specific roles.

I need to migrate a legacy Spring Security configuration to Spring 6. It includes several .sessionManagement() parts, which are hard to understand for a beginner. Maybe they can be simplified? The old code also uses and(), which is deprecated. (all other deprecated parts are easy to migrate to Spring 6)

Example of my controller:

Using Spring Security 3.6.3, setting up SecurityFilterChain as follows:

I have service A which configured using spring security, config:

In method i need return page with info(else condition)