You're reading from Spring Security Effectively secure your web apps, RESTful services, cloud apps, and microservice architectures

Product type Paperback

Published in Jun 2024

Publisher Packt

ISBN-13 9781835460504

Length 596 pages

Edition 4th Edition

Languages

Java

Tools

Spring

Concepts

Web Security

Author (1):

Badr Nasslahsen

View More author details

Table of Contents (28) Chapters

Preface

1. Part 1: Fundamentals of Application Security FREE CHAPTER

2. Chapter 1: Anatomy of an Unsafe Application

3. Chapter 2: Getting Started with Spring Security

4. Chapter 3: Custom Authentication

5. Part 2: Authentication Techniques

6. Chapter 4: JDBC-based Authentication

7. Chapter 5: Authentication with Spring Data

8. Chapter 6: LDAP Directory Services

9. Chapter 7: Remember-me Services

10. Chapter 8: Client Certificate Authentication with TLS

11. Part 3: Exploring OAuth 2 and SAML 2

12. Chapter 9: Opening up to OAuth 2

13. Chapter 10: SAML 2 Support

14. Part 4: Enhancing Authorization Mechanisms

15. Chapter 11: Fine-Grained Access Control

16. Chapter 12: Access Control Lists

17. Chapter 13: Custom Authorization

18. Part 5: Advanced Security Features and Deployment Optimization

19. Chapter 14: Session Management

20. Chapter 15: Additional Spring Security Features

21. Chapter 16: Migration to Spring Security 6

22. Chapter 17: Microservice Security with OAuth 2 and JSON Web Tokens

23. Chapter 18: Single Sign-On with the Central Authentication Service

24. Chapter 19: Build GraalVM Native Images

25. Index

Why subscribe?

26. Other Books You May Enjoy

Appendix – Additional Reference Material

Summary

In this chapter, you learned the general difference between monolithic applications and microservices and compared SOA with microservices. You also learned the conceptual architecture of OAuth 2 and how it provides your services with trustworthy client access, and learned about the types of OAuth 2 access tokens and the types of OAuth 2 client credentials types.

We examined the JWT and their general structure, implemented a resource server and authorization server used to grant access rights to clients to access OAuth 2 resources, and implemented a RESTful client to gain access to resources through an OAuth 2 grant flow.

We’ve concluded by demonstrating a practical OAuth 2 example implementation using spring-security. Moving forward, the next chapter will explore the integration with Central Authentication Service (CAS) to enable Single Sign-On (SSO) and Single Logout (SLO) functionalities for your Spring Security-enabled applications.