Don't let security be an afterthought. Spring Security in Action, Second Edition is your vital companion to robust, secure applications that are protected right from the first line of code.
Spring Security in Action, Second Edition is a revised version of the bestselling original, fully updated for Spring Boot 3 and OAuth2/OpenID Connect.
In Spring Security in Action, Second Edition you will learn essential security skills including how to:
- Implement and customize authentication and authorization
- Set up all components of an OAuth2/OpenID Connect system
- Utilize CSRF and CORS configurations
- Secure Spring reactive applications
- Write tests for security configurations

Whether you’re a beginner or a pro, Spring Security in Action, Second Edition teaches you how to secure your Java applications from the ground up. Author Laurentiu Spilca distills his years of experience as a skilled Java and Spring developer into an indispensable guide to everything security—from authentication and authorization, to testing security configurations. This new edition covers the latest patterns for application-level security in Spring apps, demonstrating how Spring Security simplifies every step of the security process.
Foreword by Joe Grandja.
About the technology
Spring Security makes it much, much easier to secure enterprise-scale Java applications. This powerful framework integrates with Spring apps end to end, with “secure by design” principles and ready-to-use features that help you implement robust authorization and authentication and protect against data theft and intrusions. And like everything else in the Spring ecosystem, it’s free, open source, and backed by the awesome team at VMware.
About the book
Spring Security in Action, Second Edition updates this bestselling guide to Spring Security to include deep coverage of OAuth2/OpenID Connect and security configuration using the new SecurityFilterChain. The crystal clear explanations and relevant examples teach you how to build your own authorization server, configure secure endpoints, and prevent cross-site scripting and request forgery attacks.
What's inside
- Custom authentication and authorization
- CSRF and CORS configurations
- Secure Spring reactive applications
- Write tests for security configurations

About the reader
For experienced Java and Spring developers.
About the author
Laurentiu Spilca is a skilled Java and Spring developer and an experienced technology instructor. He is also the author of Manning’s Spring Start Here and Troubleshooting Java.
Table of Contents
PART 1
1 Security today
2 Hello, Spring Security
PART 2
3 Managing users
4 Managing passwords
5 A web app’s security begins with filters
6 Implementing authentications
PART 3
7 Configuring endpoint-level Restricting access
8 Configuring endpoint-level Applying restrictions
I think this is a good primer for understanding Spring 6's security architecture. Although the text is a bit dry, I was able to survive even when reading it while commuting. This is an "in action" (i.e. code examples) series book, though you don't have to be behind a computer to grasp the content.
I only think that the OAUTH section should have made a better introduction to the concept.
I would recommend this book to colleagues who are working with Spring: this is a good book which guides on both high and low level. However, I'd also recommend supplementing this book with Daniel Garnier-Moiroux's presentations on YouTube. Java Brains channel has a good insight into OAuth2, you can watch him on YouTube for an introduction to this specific topic.
Without any doubt, this is one of those books that you have to read before you call yourself a Java developer. If you think that Spring Security is useless - this is due to the fact that you are not aware of its capabilities yet. The "Spring Security in Action (2nd edition)" should be your starting point when you want to learn Spring Security.
It is a good book and very detailed. Provides a good primer into Spring Security and introduces best practices. Personally, I've learned a lot from it and feel more knowledgeable about Spring Security.
"Spring Security in Action" is an invaluable resource for developers looking to deepen their understanding of securing Java applications with Spring. The book offers a clear, hands-on approach, walking readers through core concepts like authentication, authorization, and securing APIs.
If you want to learn Spring Security from scratch, I recommend this book. It's well-written and targets all levels of learners, from beginners to advanced users.
I like the fact that the book makes no assumptions about the reader's experience with Spring Security. This book teaches all the basics of Spring Security such as Authentication Filters, Security Context, Authorization Filters, User Details, User Details Service, Password encoder. The book also covers advanced concepts like OAuth2, resource and authorization servers.
This is the book to read if you need in-depth knowledge of Spring Security and how to properly use it in a real-world app.