Pro Spring Security
Securing Spring Framework 5 and Boot 2-based Java Applications
2nd Edition
Published on 21. November 2019
XVIII, 410 pages
978-1-4842-5052-5 (ISBN)
Description
Build and deploy secure Spring Framework and Spring Boot-based enterprise Java applications with the Spring Security Framework. This book explores a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications.
Pro Spring Security, Second Edition has been updated to incorporate the changes in Spring Framework 5 and Spring Boot 2. It is an advanced tutorial and reference that guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground up.
This book also provides you with a broader look into Spring security by including up-to-date use cases such as building a security layer for RESTful web services and Grails applications.
What You Will Learn
Who This Book Is For Experienced Spring and Java developers with prior experience in building Spring Framework or Boot-based applications.
Pro Spring Security, Second Edition has been updated to incorporate the changes in Spring Framework 5 and Spring Boot 2. It is an advanced tutorial and reference that guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground up.
This book also provides you with a broader look into Spring security by including up-to-date use cases such as building a security layer for RESTful web services and Grails applications.
What You Will Learn
- Explore the scope of security and how to use the Spring Security Framework
- Master Spring security architecture and design
- Secure the web tier in Spring
- Work with alternative authentication providers
- Take advantage of business objects and logic security
- Extend Spring security with other frameworks and languages
- Secure the service layer
Who This Book Is For Experienced Spring and Java developers with prior experience in building Spring Framework or Boot-based applications.
More details
Series
Edition
Second Edition
Language
English
Place of publication
Berkeley
United States
Publishing group
APRESS
Target group
Professional and scholarly
Product notice
Reflowable
Illustrations
XVIII, 410 p. 148 illus.
File size
9,55 MB
ISBN-13
978-1-4842-5052-5 (9781484250525)
DOI
10.1007/978-1-4842-5052-5
Schweitzer Classification
Other editions
New editions
Massimo Nardone | Carlo Scarioni
Pro Spring Security
Securing Spring Framework 6 and Boot 3-based Java Applications
E-Book
12/2023
3rd Edition
APress
€56.99
Available for download
Additional editions
Carlo Scarioni | Massimo Nardone
Pro Spring Security
Securing Spring Framework 5 and Boot 2-based Java Applications
Book
11/2019
2nd Edition
Apress
€48.14
Shipment within 15-20 days
Previous edition
Persons
Carlo Scarioni
is a passionate software developer, motivated by learning and applying innovative and interesting software development tools, techniques and methodologies, his professional objectives are the following. To be in a technology-oriented enterprise where the technical staff is the soul of the company. To be in an important IT team. To be able to design and develop state of the art software. To be able to apply new knowledge every day, in innovative ways, and with a great degree of freedom. To architect, design and develop software that uses the best practices of the field. To play with the latest technologies, learn every day and participate in the research and innovation of software products. Specialties: TDD, object-oriented principles and design patterns, Java/JEE, Spring, application servers, SQL and NoSQL (MongoDB), multithreading, messaging, enterprise integration patterns, Ruby, and RoR. Certifications are Sun Certified Enterprise Architect (Part I), Sun Certified Java Programmer, Sun Certified Business Component Developer, SpringSource Certified Professional, and IBM SOA Certified Associate.
Massimo Nardone has more than 24 years of experience in security, web/mobile development, cloud, and IT architecture. His true IT passions are security and Android. He has been programming and teaching how to program with Android, Perl, PHP, Java, VB, Python, C/C++, and MySQL for more than 20 years. He holds an M.Sc. degree in computing science from the University of Salerno, Italy. During his career, he has worked as a project manager, software engineer, research engineer, chief security architect, information security manager, PCI/SCADA auditor, and senior lead IT security/cloud/SCADA architect.
His technical skills include security, Android, cloud, Java, MySQL, Drupal, Cobol, Perl, web and mobile development, MongoDB, D3, Joomla!, Couchbase, C/C++, WebGL, Python, Pro Rails, Django CMS, Jekyll, and Scratch. He has served as a visiting lecturer and supervisor for exercises at the Networking Laboratory of the Helsinki University of Technology (Aalto University). He holds four international patents (PKI, SIP, SAML, and Proxy areas). He currently works as chief information security officer (CISO) for Cargotec Oyj, and he is a member of the ISACA Finland Chapter Board. Massimo has reviewed more than 45 IT books for different publishers and has coauthored Pro JPA 2 in Java EE 8 (Apress, 2018), Beginning EJB in Java EE 8 (Apress, 2018), and Pro Android Games (Apress, 2015).
Massimo Nardone has more than 24 years of experience in security, web/mobile development, cloud, and IT architecture. His true IT passions are security and Android. He has been programming and teaching how to program with Android, Perl, PHP, Java, VB, Python, C/C++, and MySQL for more than 20 years. He holds an M.Sc. degree in computing science from the University of Salerno, Italy. During his career, he has worked as a project manager, software engineer, research engineer, chief security architect, information security manager, PCI/SCADA auditor, and senior lead IT security/cloud/SCADA architect.
His technical skills include security, Android, cloud, Java, MySQL, Drupal, Cobol, Perl, web and mobile development, MongoDB, D3, Joomla!, Couchbase, C/C++, WebGL, Python, Pro Rails, Django CMS, Jekyll, and Scratch. He has served as a visiting lecturer and supervisor for exercises at the Networking Laboratory of the Helsinki University of Technology (Aalto University). He holds four international patents (PKI, SIP, SAML, and Proxy areas). He currently works as chief information security officer (CISO) for Cargotec Oyj, and he is a member of the ISACA Finland Chapter Board. Massimo has reviewed more than 45 IT books for different publishers and has coauthored Pro JPA 2 in Java EE 8 (Apress, 2018), Beginning EJB in Java EE 8 (Apress, 2018), and Pro Android Games (Apress, 2015).
Content
1. The Scope of Security.- 2. Introducing Spring Security.- 3. Set up the scene.- 4. Spring Security Architecture and Design.- 5. Web Security.- 6. Configuring Alternative Authentication Providers.- 7. Business Objects Security with ACLs.- 8. Customizing and Extending Spring Security.- 9. Integrating Spring Security with Other Frameworks and Languages.- Appendix A: References.
