Leverage the power of Spring Security 6 to protect your modern Java applications from hackers

Key Features:

• Architect solutions that leverage Spring Security while remaining loosely coupled

• Implement authentication and authorization with SAML2, OAuth 2, hashing, and encryption algorithms

• Integrate Spring Security with technologies such as microservices, Kubernetes, the cloud, and GraalVM native images

Book Description:

Knowing that experienced hackers are constantly on the prowl to attack your apps can make security one of the most challenging concerns of creating an app. The complexity of properly securing an app is compounded when you must also integrate this factor with legacy code, new technologies, and other frameworks. This book will help you easily secure your Java apps with Spring Security, a trusted and highly customizable authentication and access control framework.

The book starts by showing you how to implement different authentication mechanisms before demonstrating how to properly restrict access to your app. You'll then cover tips for integrating Spring Security with popular web frameworks such as Thymeleaf. The book also features an example of how Spring Security defends against session fixation, moves into concurrency control, and how you can use session management for administrative functions. This fourth edition aligns with Java 17/21 and Spring Security 6, covering advanced security scenarios for RESTful web services and microservices. This ensures you gain a complete understanding of the issues surrounding stateless authentication and discover a concise approach to solving those issues.

By the end of this book, you'll be able to integrate Spring Security 6 with GraalVM native images seamlessly, from start to finish.

What You Will Learn:

• Understand common security vulnerabilities and how to resolve them

• Implement authentication and authorization and learn how to map users to roles

• Integrate Spring Security with LDAP, Kerberos, SAML 2, OpenID, and OAuth

• Get to grips with the security challenges of RESTful web services and microservices

• Configure Spring Security to use Spring Data for authentication

• Integrate Spring Security with Spring Boot, Spring Data, and web applications

• Protect against common vulnerabilities like XSS, CSRF, and Clickjacking

Who this book is for:

If you're a Java web developer or an architect with fundamental knowledge of Java 17/21, web services, and the Spring Framework, this book is for you. No previous experience with Spring Security is needed to get started with this book.

Part 1: Fundamentals of Application Security

Chapter 1: Anatomy of an Unsafe Application

Chapter 2: Getting Started with Spring Security

Chapter 3: Custom Authentication

Part 2: Authentication Techniques

Chapter 4: JDBC-based Authentication

Chapter 5: Authentication with Spring Data

Chapter 6: LDAP Directory Services

Chapter 7: Remember-me Services

Chapter 8: Client Certificate Authentication with TLS

Part 3: Exploring OAuth 2 and SAML 2

Chapter 9: Opening up to OAuth 2

Chapter 10: SAML 2 Support

Part 4: Enhancing Authorization Mechanisms

Chapter 11: Fine-Grained Access Control

Chapter 12: Access Control Lists

Chapter 13: Custom Authorization

Part 5: Advanced Security Features and Deployment Optimization

Chapter 14: Session Management

Chapter 15: Additional Spring Security Features

Chapter 16: Migration to Spring Security 6

Chapter 17: Microservice Security with

Chapter 18: Single Sign-On with the Central Authentication Service

Chapter 19: Build GraalVM Native Images

Appendix - Additional Reference Material

About the Author

Badr Nasslahsen is a lead security and cloud architect with over 17 years of experience. He holds an executive master's degree from Ecole Centrale Paris and an engineering degree from Telecom SudParis. He is an Oracle Certified Java SE 11 Professional, CISSP, TOGAF, CKA, and Scrum Master. Badr has extensive experience with public cloud providers such as AWS, Azure, GCP, Oracle, and IBM. He is also the author of the springdoc-openapi project.