What do you get with Print?

Instant access to your digital copy whilst your Print order is Shipped

Paperback book shipped to your preferred address

Redeem a companion digital copy on all Print orders

Access this title in our online reader with advanced features

DRM FREE - Read whenever, wherever and however you want

Key benefits

Learn about all the mandatory security measures for modern day applications using Spring Security

Investigate different approaches to application level authentication and authorization

Master how to mount security on applications used by developers and organizations

Description

Web applications are exposed to a variety of threats and vulnerabilities at the authentication, authorization, service, and domain object levels. Spring Security can help secure these applications against those threats. Spring Security is a popular application security solution for Java applications. It is widely used to secure standalone web applications, portlets, and increasingly REST applications. It is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications and it is currently used to secure numerous demanding environments including government agencies, military applications, and central banks. "Spring Security 3.x Cookbook" is a repository of recipes to help you successfully secure web applications against threats and vulnerabilities at the authentication and session level layers using the Spring Security framework. We will not only explore Spring-based web applications, but also Java-based and Grails-based applications that can use Spring Security as their security framework. Apart from conventional web applications, we will also look at securing portlets, RESTful web service applications, and other non-web applications. This book will also take you through how to integrate Spring Security with other popular web frameworks/technologies such as Vaadin, EJB, and GWT. In addition to testing and debugging the implemented security measures, this book will also delve into finer aspects of Spring Security implementation such as how it deals with concurrency, multitenancy, and customization, and we will even show you how to disable it. This book gives you an overview of Spring Security and its implementation with various frameworks. It starts with container-based authentication before taking you on a tour of the main features of Spring Security. It demonstrates security concepts like BASIC, FORM, and DIGEST authentication and shows you how to integrate the Spring Security framework with various frameworks like JSF, struts2, Vaadin, and more. The book also demonstrates how to utilize container managed security without JAAS. Then, we move on to setting up a struts2 application before showing you how to integrate Spring Security with other frameworks like JSF, Groovy, Wicket, GWT, and Vaadin respectively. This book will serve as a highly practical guide and will give you confidence when it comes to applying security to your applications. It's packed with simple examples which show off each concept of Spring Security and which help you learn how it can be integrated with various frameworks.

Who is this book for?

This book is for all Spring-based application developers as well as Java web developers who wish to implement robust security mechanisms into web application development using Spring Security. Readers are assumed to have a working knowledge of Java web application development, a basic understanding of the Spring framework, and some knowledge of the fundamentals of the Spring Security framework architecture. Working knowledge of other web frameworks such as Grails and so on would be an added advantage to exploit the whole breadth of recipes provided in this book, but this is not mandatory.

What you will learn

Implement Form-based, HTTP Basic, Client, and Digest authentications

Bring in Groovy on Grails with Form-based Spring Security

Integrate Spring Security with Vaadin

Combine Spring Security with ORM and NoSQLDB

Use Spring Security in Spring-Social (Facebook and Twitter)

Learn about Spring Security for SOAP

Authenticate RESTful services with Spring Security

What do you get with Print?

Instant access to your digital copy whilst your Print order is Shipped

Paperback book shipped to your preferred address

Redeem a companion digital copy on all Print orders

Access this title in our online reader with advanced features

DRM FREE - Read whenever, wherever and however you want

Frequently bought together

$54.99

Total $ 54.99

FAQs

What is the digital copy I get with my Print order?

When you buy any Print edition of our Books, you can redeem (for free) the eBook edition of the Print Book you’ve purchased. This gives you instant access to your book when you make an order via PDF, EPUB or our online Reader experience.

What is the delivery time and cost of print book?

Shipping Details

USA:

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.

Unfortunately, due to several restrictions, we are unable to ship to the following countries:

Afghanistan
American Samoa
Belarus
Brunei Darussalam
Central African Republic
The Democratic Republic of Congo
Eritrea
Guinea-bissau
Iran
Lebanon
Libiya Arab Jamahriya
Somalia
Sudan
Russian Federation
Syrian Arab Republic
Ukraine
Venezuela

What is custom duty/charge?

Customs duty are charges levied on goods when they cross international borders. It is a tax that is imposed on imported goods. These duties are charged by special authorities and bodies created by local governments and are meant to protect local industries, economies, and businesses.

Do I have to pay customs charges for the print book order?

The orders shipped to the countries that are listed under EU27 will not bear custom charges. They are paid by Packt as part of the order.

List of EU27 countries: www.gov.uk/eu-eea:

A custom duty or localized taxes may be applicable on the shipment and would be charged by the recipient country outside of the EU27 which should be paid by the customer and these duties are not included in the shipping charges been charged on the order.

How do I know my custom duty charges?

The amount of duty payable varies greatly depending on the imported goods, the country of origin and several other factors like the total invoice amount or dimensions like weight, and other such criteria applicable in your country.

For example:

If you live in Mexico, and the declared value of your ordered items is over $ 50, for you to receive a package, you will have to pay additional import tax of 19% which will be $ 9.50 to the courier service.
Whereas if you live in Turkey, and the declared value of your ordered items is over € 22, for you to receive a package, you will have to pay additional import tax of 18% which will be € 3.96 to the courier service.

How can I cancel my order?

Cancellation Policy for Published Printed Books:

You can cancel any order within 1 hour of placing the order. Simply contact customercare@packt.com with your order details or payment transaction id. If your order has already started the shipment process, we will do our best to stop it. However, if it is already on the way to you then when you receive it, you can contact us at customercare@packt.com using the returns and refund process.

Please understand that Packt Publishing cannot provide refunds or cancel any order except for the cases described in our Return Policy (i.e. Packt Publishing agrees to replace your printed book because it arrives damaged or material defect in book), Packt Publishing will not accept returns.

What is your returns and refunds policy?

Return Policy:

We want you to be happy with your purchase from Packtpub.com. We will not hassle you with returning print books to us. If the print book you receive from us is incorrect, damaged, doesn't work or is unacceptably late, please contact Customer Relations Team on customercare@packt.com with the order number and issue details as explained below:

If you ordered (eBook, Video or Print Book) incorrectly or accidentally, please contact Customer Relations Team on customercare@packt.com within one hour of placing the order and we will replace/refund you the item cost.
Sadly, if your eBook or Video file is faulty or a fault occurs during the eBook or Video being made available to you, i.e. during download then you should contact Customer Relations Team within 14 days of purchase on customercare@packt.com who will be able to resolve this issue for you.
You will have a choice of replacement or refund of the problem items.(damaged, defective or incorrect)
Once Customer Care Team confirms that you will be refunded, you should receive the refund within 10 to 12 working days.
If you are only requesting a refund of one book from a multiple order, then we will refund you the appropriate single item.
Where the items were shipped under a free shipping offer, there will be no shipping costs to refund.

On the off chance your printed book arrives damaged, with book material defect, contact our Customer Relation Team on customercare@packt.com within 14 days of receipt of the book with appropriate evidence of damage and we will work with you to secure a replacement copy, if necessary. Please note that each printed book you order from us is individually made by Packt's professional book-printing partner which is on a print-on-demand basis.

What tax is charged?

Currently, no tax is charged on the purchase of any print book (subject to change based on the laws and regulations). A localized VAT fee is charged only to our European and UK customers on eBooks, Video and subscriptions that they buy. GST is charged to Indian customers for eBooks and video purchases.

What payment methods can I use?

You can pay with the following card types:

Visa Debit
Visa Credit
MasterCard
PayPal

What is the delivery time and cost of print books?

Shipping Details

USA:

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Unfortunately, due to several restrictions, we are unable to ship to the following countries:

Afghanistan
American Samoa
Belarus
Brunei Darussalam
Central African Republic
The Democratic Republic of Congo
Eritrea
Guinea-bissau
Iran
Lebanon
Libiya Arab Jamahriya
Somalia
Sudan
Russian Federation
Syrian Arab Republic
Ukraine
Venezuela

John C. Gunvaldson Feb 18, 2014

I received Spring Security 3.x Cookbook as an eBook from Packt Publishing about a month ago. This was fortunate as I had prior to this point been struggling implementing Spring Security into our new Spring MVC sample developer’s web application at work (ultimately to become our standard Maven Archetype for new web development).The requirements at work insisted on Spring Security seamlessly meshing with our campus Shibboleth 2 Single Sign-On process. This is a bit like logging in without signing in – and not one of the core principles of Spring Security out of the box (generally concerned with classic Authentication via web form submission). It was therefore useful to see the information on Multiple Authentication in Chapter 11 (as I built a JPA example similar to Chapter 11 in this book).This book (as cookbook code format) immediately helped with understanding code syntax, formatting, location and common usage. Packt commonly uses headings like (Getting Ready, How to Do It, How It Works, There’s more and See Also) – but admittingly I was searching for code fragments that were similar to my needs – so it was the code (the How to Do It paragraphs) that I appreciated/needed the most.Also of note, many Maven related examples in the book and downloaded sample applications. Of note in the downloaded source (which may easily be the most valuable resource of this book, as the author produced an incredible amount of great code): * Useful examples of Maven POM dependency configurations * Nice to see hibernate configuration examples with classic persistence.xml settings (in contrast to Springs Pet Clinics XML based persistence layer API). * DAO objects, Glassfish JDBC configuration examples. * Nice interface and implementation services. * Example MVC controllers using Spring Security (very useful to see worked out examples). Again, largely XML based configuration versus annotation based. At the day job, we use a ton of annotation spring security objects as we needed a lot of overriding of core spring security API.Although some amount of examples utilize JDBC wired up with GlassFish (Chapter 7, 8, 9 and 11), and the commercial support for GlassFish has been halted by Oracle, the community version is still very active and working through these examples are largely unaffected by this issue.Chapter 1 of the Spring Security Cookbook dives into the topic of security with Java Authentication and Authorization Service (JAAS) - which I hadn't any experience with (typically using a framework of one type of another over the years to obtain these common services). The point I want to make here was this chapter didn't help me with the Spring Integration issues I has having – but did introduce me to some related and legacy core java services – and it was interesting reading. Having not known about these services to begin with, I admit I was a bit lost immediately and had me wondering what up, so to speak. Very interesting code in Chapter 11 examines implementing JAAS with Spring Security.Also, in review of many of the following chapters, (Spring Security with Struts, JSF, Grails, GWT, Vaadin, Wicket) I wanted to note that my development was classic JSP, Web 3.0 servlets and Spring MVC Core services through a standard Maven Eclipse project.Fortunately, the code fragments in the book of each of these frameworks required similar solutions to some of the problems I was having (and many were MVC based anyway) – and were useful. Even if the frameworks being discussed were not of particularly of interest to me (for my current job).Chapter 10 – Spring Security with Spring Web Services is a technology that I will be searching for solutions in about 2 months – as we begin to implement our ESB, as securing our Web services will be a hot topic for some time (very useful to see the cxf-servlet.xml example and generated Apache CXF WSDL here).To summarize, as there are a ton of issues I could write about (Java based configuration versus XML based configuration – both in the Spring MVC and Spring Security worlds for example), I wanted to close with an acknowledgment and recognition of the tremendous amount of work it took to build out all of the samples and code in Spring Security 3.x Cookbook – just wanted to say nice work!

Amazon Verified review

Florian Lopes Dec 12, 2013

First, I would like to thank Packt Publishing, for offering me this eBook.Here is my review about this book :It’s a great recipe of good practices, the reader can learn trough simple steps.It's a great way to learn spring security in combination with various frameworks, especially with spring social.I particulary appreciated the part where the author implements his own oauth access.Additionaly, you can download examples of code, given by the author, to complete your practice.At the end, it’s a great book to improve skills in security, and Spring Security developments.

Michael J Waluk Feb 15, 2014

This book has an interesting approach to the cookbook theme - most recipes describe integrating the Spring Security framework with a specific web framework. If you're just starting out with Spring Security, or applying it to a new framework, this book will save you a lot of time - well worth the book's price. These include Struts 2, JSF, Grails, GWT, Vaadin, Wicket and web services (REST and SOAP).There are also recipes on using it with Hibernate, MongoDB, JAAS, Captcha, multiple authentication providers, LDAP and Spring Social (OAuth, Facebook, Twitter). It doesn't go into extending Spring to do things like locking users out or counting invalid authentication attempts, etc. but covers basic authentication and authorization in the various use cases. There's probably room for another cookbook on extension recipes.I found this very useful for the Spring Social recipes, but if you're securing a new project this could save you days of work.

Amazon Customer Oct 17, 2014

Yep, it's OK. I bought it mainly for the Grails info. Basic and a bit thin. It should have twice as much material and be twice as expensive.Really we need a book with a good solid grounding in Spring Security Core and UI for Grails. This isn't quite it.

Spring Security 3.x Cookbook: Secure your Java applications against online threats by learning the powerful mechanisms of Spring Security. Presented as a cookbook full of recipes, this book covers a wide range of vulnerabilities and scenarios.

What do you get with Print?