Spring Security in Action, 1st Edition, by Laurentiu Spilca (ISBN 1638350744, 978-1638350743)
Product details:
ISBN 10: 1638350744
ISBN 13: 978-1638350743
Author: Laurentiu Spilca
Summary
While creating secure applications is critically important, it can also be tedious and time-consuming to stitch together the required collection of tools. For Java developers, the powerful Spring Security framework makes it easy for you to bake security into your software from the very beginning. Filled with code samples and practical examples, Spring Security in Action teaches you how to secure your apps from the most common threats, ranging from injection attacks to lackluster monitoring. In it, you’ll learn how to manage system users, configure secure endpoints, and use OAuth2 and OpenID Connect for authentication and authorization.
Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.
About the technology
Security is non-negotiable. You rely on Spring applications to transmit data, verify credentials, and prevent attacks. Adopting “secure by design” principles will protect your network from data theft and unauthorized intrusions.
About the book
Spring Security in Action shows you how to prevent cross-site scripting and request forgery attacks before they do damage. You’ll start with the basics, simulating password upgrades and adding multiple types of authorization. As your skills grow, you’ll adapt Spring Security to new architectures and create advanced OAuth2 configurations. By the time you’re done, you’ll have a customized Spring Security configuration that protects against threats both common and extraordinary.
What’s inside
Encoding passwords and authenticating users
Securing endpoints
Automating security testing
Setting up a standalone authorization server
About the reader
For experienced Java and Spring developers.
About the author
Laurentiu Spilca is a dedicated development lead and trainer at Endava, with over ten years of Java experience.
Spring Security in Action, 1st Edition: Table of contents
Part 1: First Steps
Chapter 1: Security Today
- Introduces Spring Security, explaining its significance and why security is critical in modern web applications.
- Common vulnerabilities like session fixation, XSS (Cross-Site Scripting), CSRF (Cross-Site Request Forgery), injection vulnerabilities, and improper access control are covered.
- The chapter also touches on different security architectures (e.g., backend/frontend separation, OAuth2) and how various techniques like API keys, cryptographic signatures, and IP validation help secure requests.
Chapter 2: Hello Spring Security
- Provides an introductory project, walking through setting up Spring Security, configuring defaults, and customizing configurations, such as overriding UserDetailsService and AuthenticationProvider.
Part 2: Implementation
Chapter 3: Managing Users
- Explains how to implement authentication with Spring Security and how to define the UserDetails and GrantedAuthority contracts.
- Describes how Spring manages users via UserDetailsService and UserDetailsManager implementations.
Chapter 4: Dealing with Passwords
- Focuses on password management, including the PasswordEncoder contract and how to implement and choose appropriate encoders.
- Also covers Spring Security’s Crypto module for encryption and decryption.
Chapter 5: Implementing Authentication
- Goes into detail about custom authentication logic using the AuthenticationProvider interface and managing the SecurityContext in various contexts (e.g., asynchronous calls, standalone applications).
Chapter 6: Hands-on: A Small Secured Web Application
- A practical exercise building a small web application with user management, custom authentication, and a secured main page.
Authorization and Security Filters
Chapters 7 & 8: Configuring Authorization
- These chapters focus on restricting access using roles and authorities and applying authorization rules through different matchers (e.g., MVC, Ant, regex).
Chapter 9: Implementing Filters
- Describes how to add and configure filters within the Spring Security filter chain, including custom filters and provided implementations.
Chapter 10: Applying CSRF Protection and CORS
- Focuses on protecting against CSRF attacks and configuring CORS policies to manage cross-origin resource sharing.
Advanced Topics: OAuth2, JWT, and Method Security
Chapters 11-13: OAuth2 Authentication
- Provides a deep dive into OAuth2 and implementing different grant types (authorization code, password, client credentials) for secure authorization.
- Covers JWT tokens and cryptographic signatures, adding custom details to JWTs, and comparing symmetric/asymmetric signing.
Chapters 14-15: OAuth2 Resource Server
- Focuses on how to implement an OAuth2 resource server, checking tokens, implementing blacklisting, and using JWT with cryptographic signatures.
Chapters 16-17: Global Method Security
- Introduces global method security using @PreAuthorize and @PostAuthorize annotations, as well as pre- and post-filtering for method-level security.
Hands-on Projects and Testing
Chapter 18: An OAuth2 Application
- A real-world example of implementing OAuth2 in a system, including configuration with Keycloak as the authorization server, testing authorization, and defining roles.
Chapter 19: Spring Security for Reactive Apps
- Covers security in reactive applications, including user management, authorization rules, and OAuth2 integration in reactive environments.
Chapter 20: Spring Security Testing
- Focuses on testing Spring Security configurations using mock users, custom authentication, method security, CSRF, CORS, and reactive applications.