Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Spring Security
  • Table Of Contents Toc
  • Feedback & Rating feedback
Spring Security

Spring Security

By : Badr Nasslahsen
5 (4)
close
close
Spring Security

Spring Security

5 (4)
By: Badr Nasslahsen

Overview of this book

With experienced hackers constantly targeting apps, properly securing them becomes challenging when you integrate this factor with legacy code, new technologies, and other frameworks. Written by a Lead Cloud and Security Architect as well as CISSP, this book helps you easily secure your Java apps with Spring Security, a trusted and highly customizable authentication and access control framework. The book shows you how to implement different authentication mechanisms and properly restrict access to your app. You’ll learn to integrate Spring Security with popular web frameworks like Thymeleaf and Microservice and Cloud services like Zookeeper and Eureka, along with architecting solutions that leverage its full power while staying loosely coupled. You’ll also see how Spring Security defends against session fixation, moves into concurrency control, and how you can use session management for administrative functions. This fourth edition aligns with Java 17/21 and Spring Security 6, covering advanced security scenarios for RESTful web services and microservices. This ensures you fully understand the issues surrounding stateless authentication and discover a concise approach to solving those issues. By the end of this book, you’ll be able to integrate Spring Security 6 with GraalVM native images seamlessly, from start to finish.
Table of Contents (28 chapters)
close
close
Free Chapter
1
Part 1: Fundamentals of Application Security
5
Part 2: Authentication Techniques
11
Part 3: Exploring OAuth 2 and SAML 2
14
Part 4: Enhancing Authorization Mechanisms
18
Part 5: Advanced Security Features and Deployment Optimization

Summary

In this chapter, we examined the architecture, flow, and Spring Security support for client certificate-based authentication. We have covered the concepts and overall flow of client certificate (mutual) authentication. We explored the important steps required to configure Apache Tomcat for a self-signed SSL and client certificate scenario.

We also learned about configuring Spring Security to understand certificate-based credentials presented by clients. We covered the architecture of Spring Security classes related to certificate authentication. We also know how to configure a Spring bean-style client certificate environment. We also covered the pros and cons of this type of authentication.

It’s quite common for developers unfamiliar with client certificates to be confused by many of the complexities of this type of environment. We hope that this chapter has made this complicated subject a bit easier to understand and implement!

In the next chapter, we will...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
bookmark search playlist download font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY