You're reading from Spring Security Effectively secure your web apps, RESTful services, cloud apps, and microservice architectures

Product type Paperback

Published in Jun 2024

Publisher Packt

ISBN-13 9781835460504

Length 596 pages

Edition 4th Edition

Languages

Java

Tools

Spring

Concepts

Web Security

Author (1):

Badr Nasslahsen

View More author details

Table of Contents (28) Chapters

Preface

1. Part 1: Fundamentals of Application Security FREE CHAPTER

2. Chapter 1: Anatomy of an Unsafe Application

3. Chapter 2: Getting Started with Spring Security

4. Chapter 3: Custom Authentication

5. Part 2: Authentication Techniques

6. Chapter 4: JDBC-based Authentication

7. Chapter 5: Authentication with Spring Data

8. Chapter 6: LDAP Directory Services

9. Chapter 7: Remember-me Services

10. Chapter 8: Client Certificate Authentication with TLS

11. Part 3: Exploring OAuth 2 and SAML 2

12. Chapter 9: Opening up to OAuth 2

13. Chapter 10: SAML 2 Support

14. Part 4: Enhancing Authorization Mechanisms

15. Chapter 11: Fine-Grained Access Control

16. Chapter 12: Access Control Lists

17. Chapter 13: Custom Authorization

18. Part 5: Advanced Security Features and Deployment Optimization

19. Chapter 14: Session Management

20. Chapter 15: Additional Spring Security Features

21. Chapter 16: Migration to Spring Security 6

22. Chapter 17: Microservice Security with OAuth 2 and JSON Web Tokens

23. Chapter 18: Single Sign-On with the Central Authentication Service

24. Chapter 19: Build GraalVM Native Images

25. Index

Why subscribe?

26. Other Books You May Enjoy

Appendix – Additional Reference Material

Microservice Security with OAuth 2 and JSON Web Tokens

In this chapter, we will look at microservices-based architectures and look at how OAuth 2 with JSON Web Tokens (JWT) plays a role in securing microservices in a Spring- based application.

The following is a list of topics that will be covered in this chapter:

The general difference between monolithic applications and microservices
Comparing Service-Oriented Architectures (SOA) with microservices
The conceptual architecture of OAuth 2 and how it provides your services with trustworthy client access
Types of OAuth 2 access tokens
Types of OAuth 2 grant types
Examining JWT and their general structure
Implementing a resource server and authentication server used to grant access rights to clients in order to access OAuth 2 resources
Implementing a RESTful client to gain access to resources through an OAuth 2 grant flow