304-frameworks-spring-boot-security

Spring Boot Security Guidelines

Apply Spring Boot security best practices with secure-by-default API boundaries.
What is covered in this Skill?
  • Spring Security configuration and SecurityFilterChain setup
  • Authentication and authorization policies for endpoints
  • Method-level security (@PreAuthorize / @Secured)
  • Principle of least privilege for roles and scopes
  • Secure error handling and denial responses
  • Sensitive data handling in logs and responses
Scope: Apply recommendations based on the reference rules and good/bad examples.
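As an added example (not code from this skill or its reference), the following Java configuration ties the bullets above together for a stateless JWT-protected API: an explicit `SecurityFilterChain` that ends in `denyAll()`, scope-based authorization per endpoint, method-level `@PreAuthorize` with an ownership check, generic denial responses, and a log line that records the subject rather than the token. The package name, the `/api/orders/**` paths, the `orders:read` / `orders:write` / `admin` scopes and the `OrderService` class are assumptions for illustration; the JWT issuer is expected to be configured separately via `spring.security.oauth2.resourceserver.jwt.issuer-uri`.

```java
package com.example.demo.security; // hypothetical package for this example

import java.io.IOException;
import java.util.List;

import jakarta.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.stereotype.Service;

@Configuration
@EnableWebSecurity
@EnableMethodSecurity // turns on @PreAuthorize / @PostAuthorize (add securedEnabled = true for @Secured)
public class SecurityConfig {

    @Bean
    SecurityFilterChain apiFilterChain(HttpSecurity http) throws Exception {
        http
            // Bearer-token API: no HTTP session is created, so there is no session-bound
            // CSRF token to protect; disabling CSRF is only acceptable because of STATELESS.
            .sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            .csrf(csrf -> csrf.disable())
            // Every route must match an explicit rule. The trailing denyAll() is the
            // secure default for any endpoint a developer adds and forgets to register.
            .authorizeHttpRequests(auth -> auth
                .requestMatchers("/actuator/health").permitAll()
                .requestMatchers(HttpMethod.GET, "/api/orders/**").hasAuthority("SCOPE_orders:read")
                .requestMatchers(HttpMethod.POST, "/api/orders/**").hasAuthority("SCOPE_orders:write")
                .requestMatchers("/api/admin/**").hasAuthority("SCOPE_admin")
                .anyRequest().denyAll())
            // JWT validation (signature, exp, issuer) against the configured issuer-uri.
            // Failed authentication -> 401, insufficient scope -> 403, both via writeDenial.
            .oauth2ResourceServer(oauth2 -> oauth2
                .jwt(Customizer.withDefaults())
                .authenticationEntryPoint((req, res, ex) -> writeDenial(res, HttpStatus.UNAUTHORIZED))
                .accessDeniedHandler((req, res, ex) -> writeDenial(res, HttpStatus.FORBIDDEN)))
            // Denials raised outside the bearer-token path (e.g. denyAll on an unauthenticated
            // request) use the same generic handler, so no code path leaks rule details.
            .exceptionHandling(ex -> ex
                .accessDeniedHandler((req, res, e) -> writeDenial(res, HttpStatus.FORBIDDEN)))
            .headers(h -> h.frameOptions(f -> f.deny()));
        return http.build();
    }

    // Generic denial body: status code and a fixed phrase only. No exception message, no stack
    // trace, nothing that reveals which rule matched or whether the resource exists.
    private static void writeDenial(HttpServletResponse res, HttpStatus status) throws IOException {
        res.setStatus(status.value());
        res.setContentType(MediaType.APPLICATION_JSON_VALUE);
        if (status == HttpStatus.UNAUTHORIZED) {
            res.setHeader("WWW-Authenticate", "Bearer"); // RFC 6750 challenge, without error details
        }
        res.getWriter().write("{\"error\":\"" + status.getReasonPhrase().toLowerCase() + "\"}");
    }
}

@Service
class OrderService { // hypothetical service showing method-level rules on top of the filter chain

    private static final Logger log = LoggerFactory.getLogger(OrderService.class);

    // Scope check plus ownership check: the caller may only list orders whose owner equals the
    // JWT subject (authentication.name for a JwtAuthenticationToken). The #ownerId reference
    // needs parameter names at runtime; Spring Boot's parent POM compiles with -parameters.
    @PreAuthorize("hasAuthority('SCOPE_orders:read') and #ownerId == authentication.name")
    public List<String> ordersFor(String ownerId) {
        // Log the principal identifier only: never the bearer token, claims, or the
        // Authentication object, all of which end up in aggregated logs.
        log.info("orders listed for subject={}", ownerId);
        return List.of("order-1", "order-2"); // constructed placeholder data
    }
}
```

A request to `/api/orders/alice` with a token whose `sub` is `bob` passes the filter chain (it has `orders:read`) but is rejected at the method boundary with a 403 and the same generic body; a request to an unregistered path such as `/api/reports` hits `denyAll()` regardless of token contents. When adding a new endpoint, the failing request is the signal to add an explicit rule, not to loosen `anyRequest()`.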

Constraints

Before applying security changes, ensure the project compiles. After improvements, run full verification.
  • MANDATORY: Run ./mvnw compile (or mvn compile) before applying any change
  • SAFETY: If compilation fails, stop immediately
  • VERIFY: Run ./mvnw clean verify (or mvn clean verify) after applying improvements
  • BEFORE APPLYING: Read the reference for detailed rules and examples

When to use this skill

  • Add Spring Boot security support
  • Review Spring Boot security configuration
  • Improve API authorization in Spring Boot
  • Add JWT resource server security in Spring Boot
  • Harden Spring Boot security headers and CSRF settings
  • Implement method security with @PreAuthorize in Spring Boot

Workflow

  1. Read reference and assess project context: read references/304-frameworks-spring-boot-security.md and inspect the current project setup before proposing changes.
  2. Gather scope and decide target improvements: identify the requested outcomes, the constraints, and the minimum safe set of changes to apply.
  3. Apply framework-aligned changes: implement or refactor security-related configuration/code following the reference patterns and project conventions.
  4. Run verification and report results: execute the appropriate build/tests and summarize what changed, what was verified, and any follow-up actions.

Reference

For detailed guidance, examples, and constraints, see references/304-frameworks-spring-boot-security.md.