You're reading from Spring Security Effectively secure your web apps, RESTful services, cloud apps, and microservice architectures

Product type Paperback

Published in Jun 2024

Publisher Packt

ISBN-13 9781835460504

Length 596 pages

Edition 4th Edition

Languages

Java

Tools

Spring

Concepts

Web Security

Author (1):

Badr Nasslahsen

View More author details

Table of Contents (28) Chapters

Preface

1. Part 1: Fundamentals of Application Security FREE CHAPTER

2. Chapter 1: Anatomy of an Unsafe Application

3. Chapter 2: Getting Started with Spring Security

4. Chapter 3: Custom Authentication

5. Part 2: Authentication Techniques

6. Chapter 4: JDBC-based Authentication

7. Chapter 5: Authentication with Spring Data

8. Chapter 6: LDAP Directory Services

9. Chapter 7: Remember-me Services

10. Chapter 8: Client Certificate Authentication with TLS

11. Part 3: Exploring OAuth 2 and SAML 2

12. Chapter 9: Opening up to OAuth 2

13. Chapter 10: SAML 2 Support

14. Part 4: Enhancing Authorization Mechanisms

15. Chapter 11: Fine-Grained Access Control

16. Chapter 12: Access Control Lists

17. Chapter 13: Custom Authorization

18. Part 5: Advanced Security Features and Deployment Optimization

19. Chapter 14: Session Management

20. Chapter 15: Additional Spring Security Features

21. Chapter 16: Migration to Spring Security 6

22. Chapter 17: Microservice Security with OAuth 2 and JSON Web Tokens

23. Chapter 18: Single Sign-On with the Central Authentication Service

24. Chapter 19: Build GraalVM Native Images

25. Index

Why subscribe?

26. Other Books You May Enjoy

Appendix – Additional Reference Material

Getting the UserDetails object from a CAS assertion

Up until this point, we have been authenticating with CAS by obtaining the roles from our InMemoryUserDetailsManager object. However, we can create the UserDetails object from the CAS assertion just as we did with OAuth2. The first step is to configure the CAS server to return the additional attributes.

Returning LDAP attributes in the CAS response

We know that CAS can return the username in the CAS response, but it can also return arbitrary attributes in the CAS response. Let’s see how we can update the CAS server to return additional attributes. Again, all the changes in this section are in the CAS server and not in the calendar application.

Mapping LDAP attributes to CAS attributes

The first step requires us to map LDAP attributes to attributes in the CAS assertion (including the role attribute, which we’re expecting to contain the user’s GrantedAuthority).

We’ll add another bit of configuration...