Secure Your Spring-Based Applications

Course details

Knowing that experienced hackers are itching to test your skills makes security one of the most difficult and high-pressure concerns of creating an application. That's where Spring Security comes into the picture to simplify things for developers. A lot has changed since version 3 and with version 4.1 in place, there have been several changes and improvements to the Java Configuration, Web Application Security, Authorization, Crypto Module as well as to Testing, along with some that have been deprecated in the current release. This course is an incremental guide that will teach you how to protect your application from malicious users.

You will learn how to cleanly integrate Spring Security into your application using the latest technologies and frameworks with the help of detailed examples. The scenario created in the book revolves around a security audit of an insecure application and then modifying the sample to resolve the issues found in the audit. It starts by integrating a variety of authentication mechanisms and then demonstrates how to properly restrict access to your application. It concludes with tips on integrating with some of the more popular web frameworks. An example of how Spring Security defends against session fixation moves into concurrency control, and how you can utilize session management for administrative functions, is also included.

About the Author

Ankit Mishra is a Senior Software Engineer with extensive IT experience in mission-critical development projects and architecture designs. He has worked for giants such as Ericsson, Fidelity, and others.

He has more than four years' experience in managing and delivering Spring MVC and Spring Security projects, Cloud deployment, and PaaS cloud administration. Currently, he is working on Spring micro services, Spring Security, cloud deployment, and tuning.

• Specialties: Red-Hat Certified engineer 
• Functional domains: Retail and Banking