Leverage the power of Spring Security 6 to protect your modern Java applications from hackersKey FeaturesArchitect solutions that leverage Spring Security while remaining loosely coupledImplement authentication and authorization with SAML2, OAuth 2, hashing, and encryption algorithmsIntegrate Spring Security with technologies such as microservices, Kubernetes, the cloud, and GraalVM native imagesPurchase of the print or Kindle book includes a free PDF eBookBook DescriptionKnowing that experienced hackers are constantly on the prowl to attack your apps can make security one of the most challenging concerns of creating an app. The complexity of properly securing an app is compounded when you must also integrate this factor with legacy code, new technologies, and other frameworks.

This book will help you easily secure your Java apps with Spring Security, a trusted and highly customizable authentication and access control framework. The book starts by showing you how to implement different authentication mechanisms before demonstrating how to properly restrict access to your app.

You’ll then cover tips for integrating Spring Security with popular web frameworks such as Thymeleaf. The book also features an example of how Spring Security defends against session fixation, moves into concurrency control, and how you can use session management for administrative functions.

This fourth edition aligns with Java 17/21 and Spring Security 6, covering advanced security scenarios for RESTful web services and microservices. This ensures you gain a complete understanding of the issues surrounding stateless authentication and discover a concise approach to solving those issues.

By the end of this book, you’ll be able to integrate Spring Security 6 with GraalVM native images seamlessly, from start to finish. What you will learnUnderstand common security vulnerabilities and how to resolve themImplement authentication and authorization and learn how to map users to rolesIntegrate Spring Security with LDAP, Kerberos, SAML 2, OpenID, and OAuthGet to grips with the security challenges of RESTful web services and microservicesConfigure Spring Security to use Spring Data for authenticationIntegrate Spring Security with Spring Boot, Spring Data, and web applicationsProtect against common vulnerabilities like XSS, CSRF, and ClickjackingWho this book is forIf you’re a Java web developer or an architect with fundamental knowledge of Java 17/21, web services, and the Spring Framework, this book is for you.

No previous experience with Spring Security is needed to get started with this book. Table of ContentsAnatomy of an Unsafe ApplicationGetting Started with Spring SecurityCustom AuthenticationJDBC-based AuthenticationAuthentication with Spring DataLDAP Directory ServicesRemember-me ServicesClient Certificate Authentication with TLSOpening up to OAuth 2SAML 2 SupportFine-Grained Access ControlAccess Control ListsCustom AuthorizationSession ManagementAdditional Spring Security FeaturesMigration to Spring Security 6Microservice Security with OAuth 2 and JSON Web TokensSingle Sign-On with the Central Authentication ServiceBuild GraalVM Native ImagesAppendix – Additional Reference Material.