Learn MICRONAUT-SECURITY with Real Code Examples

Install Micronaut via SDKMAN or build tools

Create a new Micronaut project with security feature: `mn create-app myapp --features security-jwt`

Configure security settings in `application.yml`

Implement controllers and secure endpoints with annotations

Run application via `./gradlew run` or `mvn mn:run`

Install Java 17+

Install Micronaut CLI or SDKMAN

Create project with security features

Configure authentication and authorization

Run app locally and verify secured endpoints

application.yml - security configuration

build.gradle / pom.xml - dependencies

src/main/java/controllers/ - secured endpoints

src/main/java/security/ - custom auth providers

src/test/java/ - security tests

mn create-app myapp --features security-jwt - create project

mn run - start application

mn test - run tests

./gradlew build - build project

mn add-feature security-oauth2 - add OAuth2 support

Security messages can be localized

JWT claims are language-agnostic

Integrates with Micronaut i18n features

Custom error messages can be externalized

Supports UTF-8 payloads

APIs accessible to authenticated clients

Supports CORS for web applications

Integrates with SSO and external identity providers

Role-based access ensures endpoint protection

Testable via automated security tests

Primarily API security (JSON)

Can integrate with front-end via OAuth2 login

Optional server-side rendering secured via annotations

Secure static resources with filters

Front-end frameworks handle auth flows via JWT/OAuth2

JWT or OAuth2 tokens manage session state

Authentication providers manage user identity

Roles and permissions define access state

Filters handle per-request security state

Reactive streams ensure concurrent state handling safely

User credentials stored in database or LDAP

Roles and permissions mapped to users

JWT tokens carry claims and expiry

Audit logs track authentication and authorization

Token validation caches for performance