Spring Security. Effectively secure your web apps, RESTful services, cloud apps, and microservice architectures - Fourth Edition

Spring Security. Effectively secure your web apps, RESTful services, cloud apps, and microservice architectures - Fourth Edition - Opis

With experienced hackers constantly targeting apps, properly securing them becomes challenging when you integrate this factor with legacy code, new technologies, and other frameworks. Written by a Lead Cloud and Security Architect as well as CISSP, this book helps you easily secure your Java apps with Spring Security, a trusted and highly customizable authentication and access control framework.The book shows you how to implement different authentication mechanisms and properly restrict access to your app. You’ll learn to integrate Spring Security with popular web frameworks like Thymeleaf and Microservice and Cloud services like Zookeeper and Eureka, along with architecting solutions that leverage its full power while staying loosely coupled. You’ll also see how Spring Security defends against session fixation, moves into concurrency control, and how you can use session management for administrative functions. This fourth edition aligns with Java 17/21 and Spring Security 6, covering advanced security scenarios for RESTful web services and microservices. This ensures you fully understand the issues surrounding stateless authentication and discover a concise approach to solving those issues.By the end of this book, you’ll be able to integrate Spring Security 6 with GraalVM native images seamlessly, from start to finish. Spis treści: 1. Anatomy of an Unsafe Application2. Getting Started with Spring Security3. Custom Authentication4. JDBC-based Authentication5. Authentication with Spring Data6. LDAP Directory Services7. Remember-me Services8. Client Certificate (...) więcej Authentication with TLS9. Opening up to OAuth 210. SAML 2 Support11. Fine-Grained Access Control12. Access Control Lists13. Custom Authorization14. Session Management15. Additional Spring Security Features16. Migration to Spring Security 617. Microservice Security with OAuth 2 and JSON Web Tokens18. Single Sign-On with the Central Authentication Service 19. Build GraalVM Native Images20. Appendix – Additional Reference Material O autorze: Badr NASS LAHSEN is a CyberArk DevSecOps Specialist, with over 15 years' experience. Badr graduated with a degree in Engineering degree in Information Systems at Telecom SudParis in 2008 and later earned a Executive Master degree in project management at Centrale Paris in 2011. His work history includes companies like BNP Paribas, Société Générale, Thomson Reuters, Accenture and Oracle. He spent most of his experience in IT modernization in the banking industry and security architecture.Badr is also the author of the springdoc-openapi project to automate the generation of OpenAPI documentation using spring projects. Currently, Badr is heavily involved in the application security landscape. mniej