springboot-security

Spring Security best practices for authn/authz, validation, CSRF, secrets, headers, rate limiting, and dependency security in Java Spring Boot services.

Content Preview
---
name: springboot-security
description: Spring Security best practices for authn/authz, validation, CSRF, secrets, headers, rate limiting, and dependency security in Java Spring Boot services.
---

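# Spring Boot Security Review

Use when adding authentication, handling input, creating endpoints, or handling secrets.

## Authentication

- Prefer stateless JWTs or opaque tokens with a revocation list
- Use `httpOnly`, `Secure`, `SameSite=Strict` cookies for sessions
- Validate tokens with a `OncePerRequestFilter` or a resource server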

```java
@Component
public class JwtAuthFilter extends OncePerRequestFilter {
  private fin
```

How to Use

Recommended: Install to project (local)

mkdir -p .claude/skills
curl -o .claude/skills/springboot-security.md \
  https://raw.githubusercontent.com/affaan-m/everything-claude-code/main/docs/ja-JP/skills/springboot-security/SKILL.md

The skill is scoped to this project only. Add .claude/skills/ to your .gitignore if you don't want to commit it.

Alternative: Clone full repo

git clone https://github.com/affaan-m/everything-claude-code

Then reference at docs/ja-JP/skills/springboot-security/SKILL.md
