Spring Security Objective Questions and Answers - Set 2

This Spring Security quiz contains carefully curated objective questions with correct answers and clear explanations. It is designed for developers, security learners, and interview preparation, covering authentication, authorization, encryption, JWT, OAuth2, and advanced Spring Security concepts. This is part 2 of the series.

Practice Spring Security MCQs with Detailed Explanations

Answer at least 12 questions to submit and verify answers.

16 Which of the following filters runs before UsernamePasswordAuthenticationFilter in Spring Security filter chain? High

17 What does the method hasAuthority('ADMIN') check in Spring Security? Medium

18 Which of the following statements about Remember-Me functionality is correct? Medium

19 Which authentication manager implementation allows multiple AuthenticationProviders in Spring Security? High

20 What is the default session creation policy in Spring Security? Medium

21 Which filter validates JWT tokens for REST APIs in Spring Security? High

22 What is the purpose of SecurityContextHolder in a multi-threaded environment? High

23 Which of the following statements about @PostAuthorize is correct? High

24 Which encryption algorithm is recommended for storing passwords in Spring Security? Medium

25 Which Spring Security component handles logout requests automatically? Medium

26 In a stateless REST API using Spring Security, which SessionCreationPolicy is recommended? High

27 Which of the following is true for OAuth2 Authorization Server in Spring Security? High

28 Which of the following is true about SecurityContextPersistenceFilter? High

29 Which annotation in Spring Security restricts method access to users with specific roles? Medium

30 What is the default behavior of BasicAuthenticationFilter? Medium