Spring Security - Badr Nasslahsen

Spring Security

Effectively secure your web apps, RESTful services, cloud apps, and microservice architectures

(Autor)

Buch | Softcover
596 Seiten
2024 | 4th Revised edition
Packt Publishing Limited (Verlag)
978-1-83546-050-4 (ISBN)
37,40 inkl. MwSt
Leverage the power of Spring Security 6 to protect your modern Java applications from hackers

Key Features

Architect solutions that leverage Spring Security while remaining loosely coupled
Implement authentication and authorization with SAML2, OAuth 2, hashing, and encryption algorithms
Integrate Spring Security with technologies such as microservices, Kubernetes, the cloud, and GraalVM native images
Purchase of the print or Kindle book includes a free PDF eBook

Book DescriptionWith experienced hackers constantly targeting apps, properly securing them becomes challenging when you integrate this factor with legacy code, new technologies, and other frameworks. Written by a Lead Cloud and Security Architect as well as CISSP, this book helps you easily secure your Java apps with Spring Security, a trusted and highly customizable authentication and access control framework.
The book shows you how to implement different authentication mechanisms and properly restrict access to your app. You’ll learn to integrate Spring Security with popular web frameworks like Thymeleaf and Microservice and Cloud services like Zookeeper and Eureka, along with architecting solutions that leverage its full power while staying loosely coupled. You’ll also see how Spring Security defends against session fixation, moves into concurrency control, and how you can use session management for administrative functions. This fourth edition aligns with Java 17/21 and Spring Security 6, covering advanced security scenarios for RESTful web services and microservices. This ensures you fully understand the issues surrounding stateless authentication and discover a concise approach to solving those issues.
By the end of this book, you’ll be able to integrate Spring Security 6 with GraalVM native images seamlessly, from start to finish.What you will learn

Understand common security vulnerabilities and how to resolve them
Implement authentication and authorization and learn how to map users to roles
Integrate Spring Security with LDAP, Kerberos, SAML 2, OpenID, and OAuth
Get to grips with the security challenges of RESTful web services and microservices
Configure Spring Security to use Spring Data for authentication
Integrate Spring Security with Spring Boot, Spring Data, and web applications
Protect against common vulnerabilities like XSS, CSRF, and Clickjacking

Who this book is forIf you’re a Java web developer or an architect with fundamental knowledge of Java 17/21, web services, and the Spring Framework, this book is for you. No previous experience with Spring Security is needed to get started with this book.

Badr Nasslahsen is a lead security and cloud architect with over 17 years of experience. He holds an executive master's degree from Ecole Centrale Paris and an engineering degree from Telecom SudParis. He is an Oracle Certified Java SE 11 Professional, CISSP, TOGAF, CKA, and Scrum Master. Badr has extensive experience with public cloud providers such as AWS, Azure, GCP, Oracle, and IBM. He is also the author of the springdoc-openapi project.

Table of Contents

Anatomy of an Unsafe Application
Getting Started with Spring Security
Custom Authentication
JDBC-based Authentication
Authentication with Spring Data
LDAP Directory Services
Remember-me Services
Client Certificate Authentication with TLS
Opening up to OAuth 2
SAML 2 Support
Fine-Grained Access Control
Access Control Lists
Custom Authorization
Session Management
Additional Spring Security Features
Migration to Spring Security 6
Microservice Security with OAuth 2 and JSON Web Tokens
Single Sign-On with the Central Authentication Service
Build GraalVM Native Images
Appendix – Additional Reference Material

Erscheinungsdatum
Verlagsort Birmingham
Sprache englisch
Maße 191 x 235 mm
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Mathematik / Informatik Informatik Programmiersprachen / -werkzeuge
Informatik Software Entwicklung SOA / Web Services
Mathematik / Informatik Informatik Web / Internet
ISBN-10 1-83546-050-X / 183546050X
ISBN-13 978-1-83546-050-4 / 9781835460504
Zustand Neuware
Informationen gemäß Produktsicherheitsverordnung (GPSR)
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99
Management der Informationssicherheit und Vorbereitung auf die …

von Michael Brenner; Nils gentschen Felde; Wolfgang Hommel

Buch (2024)
Carl Hanser (Verlag)
69,99

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00