Have a personal or library account? Click to login
Spring Security Cover

Spring Security

Secure your web applications, RESTful services, and microservice architectures

Publisher:Packt Publishing Limited
By:
Paid access
|Dec 2017

Learn how to secure your Java applications from hackers using Spring Security 4.2

Key Features

  • Architect solutions that leverage the power of Spring Security while being loosely coupled
  • Implement existing user stores, user sign up, authentication, and supporting AJAX requests
  • Integrate with popular Cloud services such as Zookeeper, Eureka, and Consul, along with advanced techniques, including OAuth, JSON Web Token's (JWS), Hashing, and encryption algorithms

Book Description

Knowing that experienced hackers are itching to test your skills makes security one of the most difficult and high-pressured concerns of creating an application. The complexity of properly securing an application is compounded when you must also integrate this factor with existing code, new technologies, and other frameworks. Use this book to easily secure your Java application with the tried and trusted Spring Security framework, a powerful and highly customizable authentication and access-control framework.
The book starts by integrating a variety of authentication mechanisms. It then demonstrates how to properly restrict access to your application. It also covers tips on integrating with some of the more popular web frameworks. An example of how Spring Security defends against session fixation, moves into concurrency control, and how you can utilize session management for administrative functions is also included.
It concludes with advanced security scenarios for RESTful webservices and microservices, detailing the issues surrounding stateless authentication, and demonstrates a concise, step-by-step approach to solving those issues. And, by the end of the book, readers can rest assured that integrating version 4.2 of Spring Security will be a seamless endeavor from start to finish.

What you will learn

  • Understand common security vulnerabilities and how to resolve them
  • Perform initial penetration testing to uncover common security vulnerabilities
  • Utilize existing corporate infrastructure such as LDAP, Active Directory, Kerberos, OpenID, and OAuth
  • Integrate with popular frameworks such as Spring, Spring-Boot, Spring-Data, jQuery, and AngularJS
  • Deep understanding of the security challenges with RESTful webservices and microservice architectures
  • Integrate Spring with other security infrastructure components like LDAP, Apache Directory server and SAML

Who this book is for

This book is intended for Java Web and/or RESTful webservice developers and assumes a basic understanding of creating Java 8, Java Web and/or RESTful webservice applications, XML, and the Spring Framework. You are not expected to have any previous experience with Spring Security.

Table of Contents

  1. Anatomy of an Unsafe Application
  2. Getting Started with Spring Security
  3. Custom Authentication
  4. JDBC-based Authentication
  5. Authentication with Spring-Data
  6. LDAP Directory Services
  7. Remember-me Services
  8. Client Certificate Authentication with TLS
  9. Opening up to OpenID
  10. Single Sign-on with Central Authentication Service
  11. Fine-grained Access Control
  12. Access Control Lists
  13. Custom Authorization
  14. Session Management
  15. Additional Spring Security Features
  16. Microservice security with OAuth2 and JSON Web Tokens
  17. Migration to Spring Security 4.2
https://github.com/packtpublishing/spring-security
PDF ISBN: 978-1-78712-646-6
Publisher: Packt Publishing Limited
Copyright owner: © 2017 Packt Publishing Limited
Publication date: 2017
Language: English
Pages: 542
Related subjects:
Computer sciences,
Programming and languages

People also read