Spring security provides a minimal setup required to implement the JWT authentication in a resource server
Spring Bean Scope defines the lifecycle and the visibility of the instances created from the bean definitions
@Transactional provides rollbackOn and noRollbackOn options to control the rollback for exceptions
Firebase custom tokens allows us to authenticate users with JWT tokens generated in our own servers.
JPA based AuthenticationProvider to provider username and password authentication
DaoAuthenticationProvider uses UserDetailsService and a password encoder to authentication username password based authentication
Username and password authentication is one of most commonly used methods. Spring security provides API's to configure form-based login, basic authentication and many more with storage options such as JDBC authentication, in-memory authentication as well as custom authentication providers
Spring Security provides a ready to use framework for authentication as well as authorization. It provides AuthenticationProviders for Username and password and basic authentication, LDAP authentication, JWT authentication and provides apis for building custom AuthenticationProviders