More Information
  • Understand two-phase authentication
  • Secure methods in the backend
  • Write integration tests with access control
  • Secure the backend for REST services and single-page applications

When it comes to security, you need a proven but easy to understand solution. Spring Security is a highly customizable authentication and access-control JVM framework with a 10 year history. It has most of the answers to your security questions ready out of the box, while still allowing you to customize and configure everything you need.

Instant Spring Security Starter will help you get started with Spring Security in one evening of reading and one day of programming. Focusing only on the aspects of Spring Security that are most useful in practice, this book explains the architectural concepts of the framework in a simple and straightforward manner.

You will start off by learning the big picture and how to set up Spring Security, which will give you a better understanding of the fundamentals of the framework. You will be introduced to the authentication and authorization flows and the different possible models of security. The book will then teach you how to secure methods and web resources with business rules and will discuss the reasons for using two-phase authentication. You will also learn about aspects that you need to watch out for, and how to deal with them in integration tests. Furthermore, we will also cover the common pitfalls, mistakes, and open Single Sign-on solutions. By the end of the book, you will have learned how to use Spring Security effectively, and the book will also show you a few advanced but very popular solutions to modern problems.

  • Learn something new in an Instant! A short, fast, focused guide delivering immediate results
  • Learn basic login/password and two-phase authentication
  • Secure access all the way from frontend to backend
  • Learn about the available security models, SPEL, and pragmatic considerations
Page Count 70
Course Length 2 hours 6 minutes
ISBN 9781782168843
Date Of Publication 24 Jun 2013


Piotr Jagielski

Piotr Jagielski graduated in Computer Science from Warsaw University, where he encountered functional (SML) and logic (Prolog) programming 10 years before Seven Languages by Bruce A. Tate was published. He started coding for money with C++, and after two years, switched to Java, which he still uses to this day (with a little help from Groovy) in both integration middleware and frontends as a senior developer at TouK. In his spare time, he discovers tech startups and trending open source frameworks, which has led him to create a framework rating system at He spent the last couple of months hacking Raspberry Pi and Arduino, with some quite successful proofs-of-concept (he won second place in Hackwaw for a teddy bear baby monitor). He is also a husband and the geek dad of a 2-year-old geek boy.

Jakub Nabrdalik

Jakub Nabrdalik was born a year before Commodore 64 was introduced, and soon started programming text-based adventure computer games for that machine. He got his B.Sc. from the University of Warmia and Mazury, and his M.Sc. from Military University of Technology, both in Poland. Sucked up by the world's transition to the Web, he started building ERP, e-commerce, and enterprise systems on a thin client with PHP, C#, Java, and Groovy. In 2005, his life was changed dramatically by Test Driven Development. As a strong believer in the Agile Manifesto and Craftsmanship, he started sharing his passion by speaking at conferences (33rd Degree, TopConf, Confitura, and Javarsowia), Warsaw Java User Group meetings, Agile Warsaw meetings, and mentoring/coding at several workshops and Hackathons. Since 2007, he has been working as a Solution Architect at TouK, a medium-sized Agile company, making dedicated software for telcos, banks, and smaller customers. His main goal is to build highly maintainable services, in a very time-and-money-constrained environment. He blogs a bit at