Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Newsletter Hub

Free Learning

You're reading from Spring Security Secure your web applications, RESTful services, and microservice architectures

Product type Paperback

Published in Nov 2017

Publisher Packt

ISBN-13 9781787129511

Length 542 pages

Edition 3rd Edition

Languages

Java

Tools

Spring

Concepts

Cybersecurity

Authors (3):

Robert Winch

Peter Mularien

Mick Knutson

View More author details

Table of Contents (19) Chapters

Preface

1. Anatomy of an Unsafe Application FREE CHAPTER

2. Getting Started with Spring Security

3. Custom Authentication

4. JDBC-Based Authentication

5. Authentication with Spring Data

6. LDAP Directory Services

7. Remember-Me Services

8. Client Certificate Authentication with TLS

9. Opening up to OAuth 2

10. Single Sign-On with the Central Authentication Service

11. Fine-Grained Access Control

12. Access Control Lists

13. Custom Authorization

14. Session Management

15. Additional Spring Security Features

16. Migration to Spring Security 4.2

17. Microservice Security with OAuth 2 and JSON Web Tokens

18. Additional Reference Material

Getting started with the JBCP calendar sample code

Microservice Security with OAuth 2 and JSON Web Tokens

In this chapter, we will take a look at microservices-based architectures and look at how OAuth 2 with JSON Web Tokens (JWT) plays a role in securing microservices in a Spring-based application.

The following is a list of topics that will be covered in this chapter:

The general difference between monolithic applications and microservices
Comparing service-oriented architectures (SOA) with microservices
The conceptual architecture of OAuth 2 and how it provides your services with trustworthy client access
Types of OAuth 2 access tokens
Types of OAuth 2 grant types
Examining JWT and their general structure
Implementing a resource server and authentication server used to grant access rights to clients in order to access OAuth 2 resources
Implementing a RESTful client to gain access to resources through an OAuth 2 grant flow

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (3)

Mick Knutson

With nearly two decades of experience working in the IT industry in various roles as Enterprise technology consultant, Java Architect, project leader, Engineer, Designer and Developer, Mr. Knutson has gained a wide variety of experience in disciplines including JavaEE, Web Services, Mobile Computing and Enterprise Integration Solutions. Over the course of his career, Mr. Knutson has enjoyed long lasting partnerships with many of the most recognizable names in the Health Care, Financial, Banking, Insurance, Manufacturing, Telecommunications, Utilities, Product Distribution, Industrial and Electronics industries employing industry standard full software life cycle methodologies including the Rational Unified Process (RUP), Agile, SCRUM, and Extreme Programming (XP). Mr. Knutson has also undertaken speaking engagements, training seminars, white paper and book publishing engagements world-wide.

See other products by Mick Knutson

Robert Winch

Robert Winch is currently a senior software engineer at VMware and is the project lead of the Spring Security framework. In the past, he has worked as a software architect at Cerner, the largest provider of electronic medical systems in the US, securing healthcare applications. Throughout his career, he has developed hands-on experience integrating Spring Security with an array of security standards (that is, LDAP, SAML, CAS, OAuth, and so on). Before he was employed at Cerner, he worked as an independent web contractor in proteomics research at Loyola University Chicago and on the Globus Toolkit at Argonne National Laboratory.

See other products by Robert Winch

Mularien

Peter Mularien is an experienced software architect and engineer, and the author of the book Spring Security 3, Packt Publishing. Peter currently works for a large financial services company and has over 12 years consulting and product experience in Java, Spring, Oracle, and many other enterprise technologies. He is also the reviewer of this book.

See other products by Mularien