Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Spring Security
  • Table Of Contents Toc
  • Feedback & Rating feedback
Spring Security

Spring Security

By : Badr Nasslahsen
5 (4)
close
close
Spring Security

Spring Security

5 (4)
By: Badr Nasslahsen

Overview of this book

With experienced hackers constantly targeting apps, properly securing them becomes challenging when you integrate this factor with legacy code, new technologies, and other frameworks. Written by a Lead Cloud and Security Architect as well as CISSP, this book helps you easily secure your Java apps with Spring Security, a trusted and highly customizable authentication and access control framework. The book shows you how to implement different authentication mechanisms and properly restrict access to your app. You’ll learn to integrate Spring Security with popular web frameworks like Thymeleaf and Microservice and Cloud services like Zookeeper and Eureka, along with architecting solutions that leverage its full power while staying loosely coupled. You’ll also see how Spring Security defends against session fixation, moves into concurrency control, and how you can use session management for administrative functions. This fourth edition aligns with Java 17/21 and Spring Security 6, covering advanced security scenarios for RESTful web services and microservices. This ensures you fully understand the issues surrounding stateless authentication and discover a concise approach to solving those issues. By the end of this book, you’ll be able to integrate Spring Security 6 with GraalVM native images seamlessly, from start to finish.
Table of Contents (28 chapters)
close
close
Free Chapter
1
Part 1: Fundamentals of Application Security
5
Part 2: Authentication Techniques
11
Part 3: Exploring OAuth 2 and SAML 2
14
Part 4: Enhancing Authorization Mechanisms
18
Part 5: Advanced Security Features and Deployment Optimization

Configuring the UserDetailsContextMapper object

As we noted earlier, an instance of the o.s.s.ldap.userdetails.UserDetailsContextMapper interface is used to map a user’s entry into the LDAP server to a UserDetails object in memory. The default UserDetailsContextMapper object behaves similarly to JpaDaoImpl, given the level of detail that is populated on the returned UserDetails object—that is to say, not a lot of information is returned besides the username and password.

However, an LDAP directory potentially contains many more details about individual users than usernames, passwords, and roles. Spring Security ships with two additional methods of pulling more user data from two of the standard LDAP object schemas—person and inetOrgPerson.

Implicit configuration of UserDetailsContextMapper

In order to configure a different UserDetailsContextMapper implementation than the default, we simply need to declare which LdapUserDetails class we want LdapAuthenticationProvider...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
bookmark search playlist download font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY