Spring Security in Action

Spring Security in Action 2nd Edition

by Laurentiu Spilca

Don’t let security be an afterthought. Spring Security in Action, Second Edition is your vital companion to robust, secure applications that are protected right from the first line of code.

Spring Security in Action, Second Edition is a revised version of the bestselling original, fully updated for Spring Boot 3 and Oauth2/OpenID Connect.

In Spring Security in Action, Second Edition you will learn essential security skills including how to:

• Implement and customize authentication and authorization
• Set up all components of an OAuth2/OpenID Connect system
• Utilize CRSF and CORS configurations
• Secure Spring reactive applications
• Write tests for security configurations

Whether you’re a beginner or a pro, Spring Security in Action, Second Edition teaches you how to secure your Java applications from the ground up. Author Laurentiu Spilca distills his years of experience as a skilled Java and Spring developer into an indispensable guide to everything security—from authentication and authorization, to testing security configurations. This new edition covers the latest patterns for application-level security in Spring apps, demonstrating how Spring Security simplifies every step of the security process.

About the technology

Spring Security makes it much, much easier to secure enterprise-scale Java applications. This powerful framework integrates with Spring apps end to end, with “secure by design” principles and ready-to-use features that help you implement robust authorization and authentication and protect against data theft and intrusions. And like everything else in the Spring ecosystem, it’s free, open source, and backed by the awesome team at VMWare.

About the book

Spring Security in Action, Second Edition updates this bestselling guide to Spring Security to include deep coverage of OAuth2/OpenID Connect and security configuration using the new SecurityFilterChain. The crystal clear explanations and relevant examples, teach you how to build your own authorization server, configure secure endpoints, and prevent cross-site scripting and request forgery attacks.

#  Web Services