Spring Security - Third Edition

More Information
Learn
  • Understand common security vulnerabilities and how to resolve them
  • Learn to perform initial penetration testing to uncover common security vulnerabilities
  • Implement authentication and authorization
  • Learn to utilize existing corporate infrastructure such as LDAP, Active Directory, Kerberos, CAS, OpenID, and OAuth
  • Integrate with popular frameworks such as Spring, Spring-Boot, Spring-Data, JSF, Vaaden, jQuery, and AngularJS.
  • Gain deep understanding of the security challenges with RESTful webservices and microservice architectures
  • Integrate Spring with other security infrastructure components like LDAP, Apache Directory server and SAML
About

Knowing that experienced hackers are itching to test your skills makes security one of the most difficult and high-pressured concerns of creating an application. The complexity of properly securing an application is compounded when you must also integrate this factor with existing code, new technologies, and other frameworks. Use this book to easily secure your Java application with the tried and trusted Spring Security framework, a powerful and highly customizable authentication and access-control framework.

The book starts by integrating a variety of authentication mechanisms. It then demonstrates how to properly restrict access to your application. It also covers tips on integrating with some of the more popular web frameworks. An example of how Spring Security defends against session fixation, moves into concurrency control, and how you can utilize session management for administrative functions is also included.

It concludes with advanced security scenarios for RESTful webservices and microservices, detailing the issues surrounding stateless authentication, and demonstrates a concise, step-by-step approach to solving those issues. And, by the end of the book, readers can rest assured that integrating version 4.2 of Spring Security will be a seamless endeavor from start to finish.

Features
  • Architect solutions that leverage the full power of Spring Security while remaining loosely coupled.
  • Implement various scenarios such as supporting existing user stores, user sign up, authentication, and supporting AJAX requests,
  • Integrate with popular Microservice and Cloud services such as Zookeeper, Eureka, and Consul, along with advanced techniques, including OAuth, JSON Web Token's (JWS), Hashing, and encryption algorithms
Page Count 542
Course Length 16 hours 15 minutes
ISBN 9781787129511
Date Of Publication 28 Nov 2017

Authors

Peter Mularien

Peter Mularien is an experienced software architect and engineer and the author of the book Spring Security 3, Packt Publishing. Peter currently works for a large financial services company and has over 12 years of consulting and product experience in Java, Spring, Oracle, and many other enterprise technologies. He is also the reviewer of this book.

Mick Knutson

Mick Knutson has over 25 years of experience in the IT industry. As a passionate and experienced enterprise technology consultant, Java architect, and software developer, he looks forward to using his unique professional experience to help students learn about software development in an effective, practical, and convenient manner.

_x000D_

Mick's real-world expertise comes from providing individuals and mid-to-large-size businesses with advanced software consulting and training. He has collaborated with many notable clients and partners including VMware, Spring Source, FuseSource, Global Knowledge, and Knowledge United. His technical expertise includes OOA/OOD/OOP, Java, Java EE, Spring Security, Oracle, Enterprise Integration, and Message-Oriented Middleware (MOM).

_x000D_

As a veteran of the IT industry, Mick is determined to help as many people as possible and show that anyone can become a software developer. He has spoken around the world at training seminars, luncheons, book publishing engagements, and white paper engagements. He has authored several technical books and articles on Spring Security, Java EE 6, HTTP, and VisualVM. He is also a featured blogger at DZone, where he is part of the curated Most Valuable Blogger (MVB) group.

_x000D_

Having lived and breathed software development for over two decades, Mick enjoys translating complex technical concepts into plain English for different audiences. Whether he is helping an experienced software professional or someone who is new to the field, he can simplify even the most intricate IT concepts.

_x000D_

Mick's mission is to use his seasoned professional experience to help anyone who wants to learn about software development. As an expert and professional, Mick designs his training courses to make the learning experience as enriching, seamless, and convenient as possible so that you can master software development in the shortest amount of time.

_x000D_

Learn from an expert. Mick warmly looks forward to helping you learn software development in the right way so that you can maximize both your money and your time.

_x000D_

You can also refer to his following books:

_x000D_
    _x000D_
  • Spring Security Third Edition
  • _x000D_
  • Distributed Configuration with Spring Cloud Config
  • _x000D_
  • Java EE6 Cookbook
  • _x000D_
  • HTTP Reference Card (DZone)
  • _x000D_
  • VisualVM Reference Card (DZone)
  • _x000D_
  • You can also refer to his video on BASELogic available on YouTube.
  • _x000D_
_x000D_

You can also connect with him on the following social media sites:

_x000D_
    _x000D_
  • LinkedIn (mickknutson)
  • _x000D_
  • Twitter (mickknutson)
  • _x000D_
  • GitHub (mickknutson)
  • _x000D_
  • Bitbucket (mickknutson)
  • _x000D_
  • Udemy video series (MickKnutson)
  • _x000D_
  • Facebook (BASELogic)
  • _x000D_
  • Google+ (BASElogic)
  • _x000D_

Robert Winch

Robert Winch is currently a senior software engineer at VMware and is the project lead of the Spring Security framework. In the past, he has worked as a software architect at Cerner, the largest provider of electronic medical systems in the US, securing healthcare applications. Throughout his career, he has developed hands-on experience integrating Spring Security with an array of security standards (that is, LDAP, SAML, CAS, OAuth, and so on). Before he was employed at Cerner, he worked as an independent web contractor in proteomics research at Loyola University Chicago and on the Globus Toolkit at Argonne National Laboratory.