Spring Security 3.1

01/28/2013 · No Responses

Knowing that experienced hackers are itching to test your skills makes security one of the most difficult and high-pressure concerns of creating an application. The complexity of properly securing an application is compounded when you must also integrate this factor with existing code, new technologies, and other frameworks. Use this book to easily secure your Java application with the tried and trusted Spring Security framework, a powerful and highly customizable authentication and access-control framework.

“Spring Security 3.1” is an incremental guide that will teach you how to protect your application from malicious users. You will learn how to cleanly integrate Spring Security into your application using the latest technologies and frameworks with the help of detailed examples.

This book is centred around a security audit of an insecure application and then modifying the sample to resolve the issues found in the audit.

The book starts by integrating a variety of authentication mechanisms. It then demonstrates how to properly restrict access to your application. It concludes with tips on integrating with some of the more popular web frameworks. An example of how Spring Security defends against session fixation, moves into concurrency control, and how you can utilize session management for administrative functions is also included.

“Spring Security 3.1” will ensure that integrating with Spring Security is seamless from start to finish.

What you will learn from this book

Understand common security vulnerabilities and how to resolve them
Implement authentication and authorization
Learn to utilize existing corporate infrastructure such as LDAP, Active Directory, Kerberos, and CAS
Integrate with popular frameworks such as Spring, JSF, GWT, Maven, and Spring Roo
Architect solutions that leverage the full power of Spring Security while remaining loosely coupled
Implement common scenarios such as supporting existing user stores, user sign up, and supporting AJAX requests

Approach
This practical step-by-step tutorial has plenty of example code coupled with the necessary screenshots and clear narration so that grasping content is made easier and quicker.

Who this book is written for
This book is intended for Java web developers and assumes a basic understanding of creating Java web applications, XML, and the Spring Framework. You are not assumed to have any previous experience with Spring Security.