Ebook1,160 pages11 hours
Spring Security in Action
Rating: 0 out of 5 stars
()
About this ebook
Spring Security in Action shows you how to prevent cross-site scripting and request forgery attacks before they do damage. You’ll start with the basics, simulating password upgrades and adding multiple types of authorization. As your skills grow, you'll adapt Spring Security to new architectures and create advanced OAuth2 configurations. By the time you're done, you'll have a customized Spring Security configuration that protects against threats both common and extraordinary.
Summary
While creating secure applications is critically important, it can also be tedious and time-consuming to stitch together the required collection of tools. For Java developers, the powerful Spring Security framework makes it easy for you to bake security into your software from the very beginning. Filled with code samples and practical examples, Spring Security in Action teaches you how to secure your apps from the most common threats, ranging from injection attacks to lackluster monitoring. In it, you'll learn how to manage system users, configure secure endpoints, and use OAuth2 and OpenID Connect for authentication and authorization.
Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.
About the technology
Security is non-negotiable. You rely on Spring applications to transmit data, verify credentials, and prevent attacks. Adopting "secure by design" principles will protect your network from data theft and unauthorized intrusions.
About the book
Spring Security in Action shows you how to prevent cross-site scripting and request forgery attacks before they do damage. You’ll start with the basics, simulating password upgrades and adding multiple types of authorization. As your skills grow, you'll adapt Spring Security to new architectures and create advanced OAuth2 configurations. By the time you're done, you'll have a customized Spring Security configuration that protects against threats both common and extraordinary.
What's inside
Encoding passwords and authenticating users
Securing endpoints
Automating security testing
Setting up a standalone authorization server
About the reader
For experienced Java and Spring developers.
About the author
Laurentiu Spilca is a dedicated development lead and trainer at Endava, with over ten years of Java experience.
Table of Contents
PART 1 - FIRST STEPS
1 Security Today
2 Hello Spring Security
PART 2 - IMPLEMENTATION
3 Managing users
4 Dealing with passwords
5 Implementing authentication
6 Hands-on: A small secured web application
7 Configuring authorization: Restricting access
8 Configuring authorization: Applying restrictions
9 Implementing filters
10 Applying CSRF protection and CORS
11 Hands-on: A separation of responsibilities
12 How does OAuth 2 work?
13 OAuth 2: Implementing the authorization server
14 OAuth 2: Implementing the resource server
15 OAuth 2: Using JWT and cryptographic signatures
16 Global method security: Pre- and postauthorizations
17 Global method security: Pre- and postfiltering
18 Hands-on: An OAuth 2 application
19 Spring Security for reactive apps
20 Spring Security testing
Summary
While creating secure applications is critically important, it can also be tedious and time-consuming to stitch together the required collection of tools. For Java developers, the powerful Spring Security framework makes it easy for you to bake security into your software from the very beginning. Filled with code samples and practical examples, Spring Security in Action teaches you how to secure your apps from the most common threats, ranging from injection attacks to lackluster monitoring. In it, you'll learn how to manage system users, configure secure endpoints, and use OAuth2 and OpenID Connect for authentication and authorization.
Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.
About the technology
Security is non-negotiable. You rely on Spring applications to transmit data, verify credentials, and prevent attacks. Adopting "secure by design" principles will protect your network from data theft and unauthorized intrusions.
About the book
Spring Security in Action shows you how to prevent cross-site scripting and request forgery attacks before they do damage. You’ll start with the basics, simulating password upgrades and adding multiple types of authorization. As your skills grow, you'll adapt Spring Security to new architectures and create advanced OAuth2 configurations. By the time you're done, you'll have a customized Spring Security configuration that protects against threats both common and extraordinary.
What's inside
Encoding passwords and authenticating users
Securing endpoints
Automating security testing
Setting up a standalone authorization server
About the reader
For experienced Java and Spring developers.
About the author
Laurentiu Spilca is a dedicated development lead and trainer at Endava, with over ten years of Java experience.
Table of Contents
PART 1 - FIRST STEPS
1 Security Today
2 Hello Spring Security
PART 2 - IMPLEMENTATION
3 Managing users
4 Dealing with passwords
5 Implementing authentication
6 Hands-on: A small secured web application
7 Configuring authorization: Restricting access
8 Configuring authorization: Applying restrictions
9 Implementing filters
10 Applying CSRF protection and CORS
11 Hands-on: A separation of responsibilities
12 How does OAuth 2 work?
13 OAuth 2: Implementing the authorization server
14 OAuth 2: Implementing the resource server
15 OAuth 2: Using JWT and cryptographic signatures
16 Global method security: Pre- and postauthorizations
17 Global method security: Pre- and postfiltering
18 Hands-on: An OAuth 2 application
19 Spring Security for reactive apps
20 Spring Security testing
Author
Laurentiu Spilca
Laurentiu Spilca is a skilled Java and Spring developer and an experienced technology instructor. He is the author of Manning’s Spring Start Here and Spring Security in Action.
Read more from Laurentiu Spilca
Spring Start Here: Learn what you need and learn it well Rating: 0 out of 5 stars0 ratingsTroubleshooting Java: Read, debug, and optimize JVM applications Rating: 0 out of 5 stars0 ratings
Related to Spring Security in Action
Related ebooks
Spring in Action, Sixth Edition Rating: 5 out of 5 stars5/5Enterprise Java Microservices Rating: 0 out of 5 stars0 ratingsBootstrapping Microservices with Docker, Kubernetes, and Terraform: A project-based guide Rating: 3 out of 5 stars3/5API Security in Action Rating: 5 out of 5 stars5/5Microservices Security in Action Rating: 0 out of 5 stars0 ratingsSpring Microservices in Action, Second Edition Rating: 0 out of 5 stars0 ratingsIstio in Action Rating: 0 out of 5 stars0 ratingsSpring Microservices Rating: 0 out of 5 stars0 ratingsDependency Injection: Design patterns using Spring and Guice Rating: 0 out of 5 stars0 ratingsVue.js in Action Rating: 0 out of 5 stars0 ratingsVert.x in Action: Asynchronous and Reactive Java Rating: 0 out of 5 stars0 ratingsMicroservices in .NET, Second Edition Rating: 0 out of 5 stars0 ratingsAmazon Web Services in Action Rating: 0 out of 5 stars0 ratingsOAuth 2 in Action Rating: 0 out of 5 stars0 ratingsPipeline as Code: Continuous Delivery with Jenkins, Kubernetes, and Terraform Rating: 3 out of 5 stars3/5Spring Microservices in Action Rating: 0 out of 5 stars0 ratingsSpring in Action Rating: 4 out of 5 stars4/5Modern Java in Action: Lambdas, streams, functional and reactive programming Rating: 0 out of 5 stars0 ratingsMicroservices in Action Rating: 0 out of 5 stars0 ratingsSpring Data Rating: 0 out of 5 stars0 ratingsTesting Java Microservices: Using Arquillian, Hoverfly, AssertJ, JUnit, Selenium, and Mockito Rating: 0 out of 5 stars0 ratingsAPI Design Patterns Rating: 5 out of 5 stars5/5Node.js in Action Rating: 0 out of 5 stars0 ratingsMastering Spring 5.0 Rating: 5 out of 5 stars5/5Seriously Good Software: Code that works, survives, and wins Rating: 5 out of 5 stars5/5Microservices Patterns: With examples in Java Rating: 5 out of 5 stars5/5Testing JavaScript Applications Rating: 5 out of 5 stars5/5JUnit in Action Rating: 0 out of 5 stars0 ratingsElasticsearch in Action Rating: 0 out of 5 stars0 ratingsGraphQL in Action Rating: 2 out of 5 stars2/5
Internet & Web For You
The Digital Marketing Handbook: A Step-By-Step Guide to Creating Websites That Sell Rating: 5 out of 5 stars5/5Grokking Algorithms: An illustrated guide for programmers and other curious people Rating: 4 out of 5 stars4/5The Beginner's Affiliate Marketing Blueprint Rating: 4 out of 5 stars4/5Cybersecurity For Dummies Rating: 4 out of 5 stars4/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5Coding For Dummies Rating: 5 out of 5 stars5/5Beginner's Guide To Starting An Etsy Print-On-Demand Shop Rating: 0 out of 5 stars0 ratingsMore Porn - Faster!: 50 Tips & Tools for Faster and More Efficient Porn Browsing Rating: 3 out of 5 stars3/5The $1,000,000 Web Designer Guide: A Practical Guide for Wealth and Freedom as an Online Freelancer Rating: 5 out of 5 stars5/5SEO For Dummies Rating: 4 out of 5 stars4/5Coding All-in-One For Dummies Rating: 4 out of 5 stars4/5C++ Learn in 24 Hours Rating: 0 out of 5 stars0 ratingsWireless Hacking 101 Rating: 4 out of 5 stars4/5Remote/WebCam Notarization : Basic Understanding Rating: 3 out of 5 stars3/5From Nothing Rating: 5 out of 5 stars5/5Six Figure Blogging In 3 Months Rating: 4 out of 5 stars4/5How To Make Money Blogging: How I Replaced My Day-Job With My Blog and How You Can Start A Blog Today Rating: 4 out of 5 stars4/5The Mega Box: The Ultimate Guide to the Best Free Resources on the Internet Rating: 4 out of 5 stars4/5Social Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5Tor and the Dark Art of Anonymity Rating: 5 out of 5 stars5/5Six Figure Blogging Blueprint Rating: 5 out of 5 stars5/5The Logo Brainstorm Book: A Comprehensive Guide for Exploring Design Directions Rating: 4 out of 5 stars4/5Everybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are Rating: 4 out of 5 stars4/5No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State Rating: 4 out of 5 stars4/5Podcasting For Dummies Rating: 4 out of 5 stars4/5How To Start A Podcast Rating: 4 out of 5 stars4/5
Reviews for Spring Security in Action
Rating: 0 out of 5 stars
0 ratings
0 ratings0 reviews
Book preview
Spring Security in Action - Laurentiu Spilca
|1a book_preview_excerpt.html }ۮGd9 u,Rrd.:UQI2H̤rhуyk""3)Uyǰˎ}]{ŧ?]UCj=ᛧ^UåmB.ٍfچXP_,
Ep+8M7n?v,PvMQ5-zmámiچm=a_5M~(:ө6%YlCӑfpWh͡<
'ZVf{<O=/!qũk76&}]q
*^пi#=sZ@WDKW#hm͛5v6jiiT?)]8Ӵ]юl1ҟw'=8v-E?a)mX-pjErAHZv}#muz1cוpn7wֲ<Pw^7MKh%G5!Nly1džJ4_SGhin9Y®!trɉz⏢9n8%_CM6-zOv6$h}[?Ə,`O蓟2=Krn3/d'|A+H{&tR`'DlڱSS:JL,KoCeÛ6bvrJ|XvX0cSg8d+I) ,
ãMѨNKUA ' 80nlaS)`Wv#=ѬGLOU6wآעO5!OR=(\ϩP8BV}?^'no2z-c9`g*`:;U!V4/W3uHiЗU=-MiGL'f/XXu8m8OyʹPjsutP-FKNG#(Y@@
TC٫r9ŔC&zXMKwW>Tu3h]BmGZo!BCV|VfPl[z٤:*ݑg=V2F\Uܶ*tzp;]pDϣi?J;-l6tMY*?U/̅@z9Nc
=hbS^@:ϴ0r-րtUfQ YL[2
KxRA'b{np{M-̖-+ф}GmX,JCW4-LS^:
d߱y!>WuͲJ2YmFjzz/A[ZNWБܲdXLOoqSBtVb
m:4{Go"oWP 0Hс5ETxѫ2{UILɱU5tu;ŕ001@#<94
^&eݡM.q=,̻
2Zﮯ vdelzXFzpN/{?揪8h'm;xߚEt:|ʻHٲaiBYBV1= H%X-뮥!U>IV'sĤì0E^!]zIgQfJ"g|]agD/n[v |dqj=?hu1:>YP]Ez2WRM;פHmCc{VQV<
T!T$(\+/ctHIUFZzvq)cRP<-I3eV?Cj>
XƎ(Di!"m9Oa"Yd߇skwHqLC-A>CUl=MԤTi'N.=iq}G31u-&rH)c<Rƞ}y.* t
kzegJ$_HciLjCa9?SQ|,Qj#t'_$qXFOsxȂ ^gt/x1}Ւb6uHHZm5Ulčp,&M у=G#Əv!,f>ÊsAG?3̜4$i70t|LީlM(ecIӲѮ,?\9-Qߏ~'1>41ޒ@xX[MkyI}R
.x='pӗ3VcNSM0RZ!_Q`a!0OS.a,A~99,D8Tu۷Es/J>XRK¯m ]6ET%\pYw]NwE3=-ɲ!o!~%¡Ryi]IQ俢uS?'yKbB bCSK:Ʈ<ۭ,Br[z>wE#Ѧj]nR?ѪϿ~d./pp V}2 Yfy|w"(/YraMUDqS.HJ.bUEjZI>^NzCJBXy=q6歗- Ac'o%F vHmݸj_RdjR:( ʶ{eD87sS7COr4Ut@ol-qH4vvIzkEGQSs{/s \J:ǣaVi䤂&f(@H}OXeWYϲ.I:rU %[I[ݕuˎ01d`Ҟ0PASvak^fin?"B a©>/4w+!vBb=g)xo,ex-TS4V[( vG֫WhfsXR$Y\EU%ɜx$!c:UAjjwV݊ 0k|Cχ$~WRjdq7Uj]%gR/l-;QSA)T][NpZ
K"Z/3ѿsC1X/Оa&)J"?⊸\buZh88dG "$3ړ'
tL:TU$ʰpCsΔX&F6qilV4n4|;S1lM?D镒;q<
γb^ Iyݠ?jjli4[훅J9A%"ۥrD(,K<@?nntH"26<T\,N>5|ITh+2^-" U|"d u/I7 ?0Vv˲HJXV2Pa#)u4Q&l7M9u~KBEmcÎ+vGD