You're reading from Hands-On Spring Security 5 for Reactive Applications Learn effective ways to secure your applications with Spring and Spring WebFlux

Product type Paperback

Published in Jul 2018

Publisher

ISBN-13 9781788995979

Length 268 pages

Edition 1st Edition

Languages

Java

Tools

Spring

Concepts

Reactive Programming

Author (1):

Tomcy John

View More author details

Table of Contents (9) Chapters

Preface

1. Overview of Spring 5 and Spring Security 5 FREE CHAPTER

2. Deep Diving into Spring Security

3. Authentication Using SAML, LDAP, and OAuth/OIDC

4. Authentication Using CAS and JAAS

5. Integrating with Spring WebFlux

6. REST API Security

7. Spring Security Add-Ons

8. Other Books You May Enjoy

Leave a review - let other readers know what you think

OAuth2 and OpenID Connect

OAuth is an open standard/specification for achieving authorization. It works over HTTPS, and anyone can implement the specification. The specification works by validating access tokens, and then authorizes devices, APIs, servers, and so on.

Two versions—namely OAuth 1.0 (https://tools.ietf.org/html/rfc5849) and OAuth 2.0 (https://tools.ietf.org/html/rfc6749)—exist. These versions are not compatible with each other and cannot work together. We will use version 2.0 and it will be referred to as OAuth 2.0, throughout this book.

SAML, released in 2005, is a good fit for the web browser (still). But with modern web and native applications (mobile devices), SAML required a serious overhaul, and that's when OAuth came in. Single Page Applications (SPAs) and native applications are different from traditional server-side...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

John

Tomcy John lives in Dubai (United Arab Emirates), hailing from Kerala (India), and is an enterprise Java specialist with a degree in Engineering (B Tech) and over 14 years of experience in several industries. He's currently working as principal architect at Emirates Group IT, in their core architecture team. Prior to this, he worked with Oracle Corporation and Ernst & Young. His main specialization is in building enterprise-grade applications and he acts as chief mentor and evangelist to facilitate incorporating new technologies as corporate standards in the organization. Outside of his work, Tomcy works very closely with young developers and engineers as mentors and speaks at various forums as a technical evangelist on many topics ranging from web and middleware all the way to various persistence stores.

See other products by John