Card | Table | RUSMARC | |
John, Tomcy. Hands-on Spring Security 5 for Reactive applications: learn effective ways to secure your applications with Spring and Spring WebFlux / Tomcy John. — 1 online resource (1 volume) : illustrations — <URL:http://elib.fa.ru/ebsco/1862356.pdf>.Record create date: 8/29/2018 Subject: Web applications — Security measures.; Application software — Development.; Computer security.; COMPUTERS / Software Development & Engineering / General.; COMPUTERS / Web / Web Programming.; COMPUTERS / Security / General. Collections: EBSCO Allowed Actions: –
Action 'Read' will be available if you login or access site from another network
Action 'Download' will be available if you login or access site from another network
Group: Anonymous Network: Internet |
Document access rights
Network | User group | Action | ||||
---|---|---|---|---|---|---|
Finuniversity Local Network | All | |||||
Internet | Readers | |||||
Internet | Anonymous |
Table of Contents
- Cover
- Title Page
- Copyright and Credits
- Dedication
- Packt Upsell
- Contributors
- Table of Contents
- Preface
- Chapter 1: Overview of Spring 5 and Spring Security 5
- How examples are structured
- New-generation application requirements
- Reactive programming
- Reactive applications
- Reactive Manifesto
- Responsive
- Resilient
- Elastic
- Message-driven
- Reactive Manifesto
- Spring Framework
- Reactive Landscape in Java
- Reactive Streams and Reactive Streams Specifications
- Non-blocking
- Backpressure
- Reactive Extensions
- RxJava
- Reactive Streams and RxJava
- JDK 9 additions
- Important interfaces
- The Publisher Interface
- The Subscriber Interface
- The Subscription interface
- The Processor interface
- Important interfaces
- Reactive Streams and Reactive Streams Specifications
- Spring Framework and reactive applications
- Modules in Reactor
- Reactive types in Reactor Core
- The Flux reative type
- The Mono reactive type
- Data stream types
- Reactor and RxJava
- Reactive types in Reactor Core
- Reactive Web Application
- Spring WebFlux
- Reactive Spring Web
- WebClient
- WebSockets
- Spring WebFlux
- Modules in Reactor
- Application security
- Spring Security
- Spring Security terminologies
- Spring Security's core features
- Authentication
- Authorization
- Spring Security 5's new features
- Working of Spring Security
- Servlet Filter
- Filter Chain
- Security Interceptor (DelegatingFilterProxy)
- Core Spring Security modules
- Summary
- Chapter 2: Deep Diving into Spring Security
- Authentication
- Setting up AuthenticationManager
- AuthenticationProvider
- Custom AuthenticationProvider
- Multiple AuthenticationProvider
- Sample application
- Base project setup
- Step 1—Create a Maven project in IntelliJ IDEA
- Step 2—pom.xml changes
- Step 3—MySQL database schema setup
- Step 4—Setting up MySQL database properties in your project
- Step 5—Spring application configuration
- Step 6—Web application configuration
- Step 7—Spring MVC setup
- Step 8—Controller setup
- Step 9—JSP creation
- Spring Security setup
- Step 1—Spring Security configuration setup
- Step 2—Spring Security setup for a web application
- Running the application
- In-memory user storage
- Run as Spring Boot
- Base project setup
- Authorization
- Web URL
- Method invocation
- Domain instance
- Other Spring Security capabilities
- Summary
- Authentication
- Chapter 3: Authentication Using SAML, LDAP, and OAuth/OIDC
- Security Assertion Markup Language
- Setting up an SSO provider
- Setting up the project
- The pom.xml file setup
- The application.yml file setup
- The Spring Security configuration files
- The resources folder setup
- Running and testing the application
- Lightweight Directory Access Protocol
- Set up dependencies in the pom.xml file
- Spring Security configuration
- LDAP server setup
- Setting up users in the LDAP server
- Running the application
- Seeing the application in action on a browser
- OAuth2 and OpenID Connect
- Setting up a project
- Bootstrap Spring project using Spring Initializr
- Inclusion of OAuth libraries in pom.xml
- Setting up provider details in application.properties
- Provider setup
- Default application change
- The HomeController class
- The home.jsp file
- Spring Boot main application class change
- Running the application
- Setting up a project
- Summary
- Security Assertion Markup Language
- Chapter 4: Authentication Using CAS and JAAS
- CAS
- CAS server setup
- Git clone
- Adding additional dependencies
- Setting up the resources folder in the project
- Creating the application.properties file
- Creating a local SSL keystore
- Creating the .crt file to be used by the client
- Exporting the .crt file to Java and the JRE cacert keystore
- Building a CAS server project and running it
- Registering a client with the CAS server
- JSON service configuration
- Additional application.properties file changes
- CAS client setup
- Bootstrap Spring project using Spring Initializr
- Including CAS libraries in pom.xml
- Changing the application.properties file
- Additional bean configuration
- ServiceProperties bean
- AuthenticationEntryPoint bean
- TicketValidator bean
- CasAuthenticationProvider bean
- Setting up Spring Security
- Creating the CasAuthenticationFilter bean
- Setting up the controller
- Running the application
- CAS server setup
- Java Authentication and Authorization Service
- Setting up a project
- Setting up Maven project
- Setting up LoginModule
- Setting up a custom principal
- Setting up a custom AuthorityGranter
- Configuration files
- Application configuration
- Spring MVC configuration
- Spring Security configuration
- Controllers
- Setting up pages
- Running the application
- Setting up a project
- Kerberos
- Custom AuthenticationEntryPoint
- Multiple AuthenticationEntryPoint
- PasswordEncoder
- Salt
- Custom filters
- Summary
- CAS
- Chapter 5: Integrating with Spring WebFlux
- Spring MVC versus WebFlux
- When to choose what?
- Reactive support in Spring 5
- Reactive in Spring MVC
- Spring WebFlux
- HandlerFunction
- RouterFunction
- Spring WebFlux server support
- Reactive WebClient
- Reactive WebTestClient
- Reactive WebSocket
- Spring WebFlux authentication architecture
- Spring WebFlux authorization
- Sample project
- WebFlux project setup
- Maven setup
- Configuration class
- The SpringWebFluxConfig class
- Repository
- Handler and router
- Bootstrap application
- Running the application
- Adding security
- Configuration classes
- The UserDetailsService bean
- The SpringSecurityFilterChain bean
- Running the application
- CURL
- Browser
- Configuration classes
- WebClient
- Maven setup
- Creating a WebClient instance
- Handling errors
- Sending requests and retrieving responses
- Running and testing the application
- Unit testing (WebTestClient)
- Maven dependency
- Test class
- Spring Data
- Maven dependency
- MongoDB configuration
- Setting up a model
- Implementing a repository
- Implementing a controller
- Running the application
- Authorization
- Method security
- WebFlux project setup
- Customization
- Writing custom filters
- Using WebFilter
- Using HandlerFilterFunction
- Writing custom filters
- Summary
- Spring MVC versus WebFlux
- Chapter 6: REST API Security
- Important concepts
- REST
- JSON Web Token (JWT)
- Structure of a token
- Header
- Payload
- Signature
- Structure of a token
- Modern application architecture
- SOFEA
- Reactive REST API
- Simple REST API security
- Spring Security configuration
- Authentication success handler
- Custom WebFilter namely JWTAuthWebFilter
- New controller classes
- Running the application and testing
- Advanced REST API security
- OAuth2 roles
- Resource owner
- Resource server
- Client
- Authorization server
- Authorization grant types
- Authorization code flow
- Implicit flow
- Client credentials
- Resource owner password credentials
- Access Token and Refresh Token
- OAuth2 roles
- Spring Security OAuth project
- OAuth2 and Spring WebFlux
- Spring Boot and OAuth2
- Sample project
- Authorization server
- Maven dependencies
- Spring Boot run class
- Spring Security config
- Authorization server config
- Application properties
- Resource server
- Maven dependencies
- Spring Boot run class
- Resource server config
- Spring Security config
- Spring MVC config class
- Controller class
- Application properties
- Client application
- Maven dependencies
- Spring Boot class
- OAuth client config
- Spring Security config
- Controller classes
- Templates
- Application properties
- Running the project
- Authorization server
- Summary
- Important concepts
- Chapter 7
: Spring Security Add-Ons
- Remember-me authentication
- Creating a new table in MySQL database
- Spring Security configuration
- The custom login page
- Running the application and testing
- Session management
- CSRF
- CSP
- CSP using Spring Security
- Channel security
- CORS Support
- The Crypto module
- Password encoding
- Encryption
- Key generation
- Secret management
- Starting by unsealing Vault
- The Spring Boot project
- The Maven dependency
- HTTP Data Integrity Validator
- What is HDIV?
- The Bootstrap project
- Maven dependencies
- Spring Security configuration
- Spring MVC configuration
- HDIV configuration
- The Model class
- The Controller class
- Pages
- Running the application
- Custom DSL
- Summary
- Remember-me authentication
- Other Books You May Enjoy
- Index
Usage statistics
Access count: 0
Last 30 days: 0 Detailed usage statistics |