首頁(yè) > 計(jì)算機(jī)網(wǎng)絡(luò) >
計(jì)算機(jī)安全
> Hands-On Spring Security 5 for Reactive Applications最新章節(jié)目錄
舉報(bào) 
會(huì)員
Hands-On Spring Security 5 for Reactive Applications
Securityisoneofthemostvitalconcernsforanyorganization.Thecomplexityofanapplicationiscompoundedwhenyouneedtointegratesecuritywithexistingcode,newtechnology,andotherframeworks.ThisbookwillshowyouhowtoeffectivelywriteJavacodethatisrobustandeasytomaintain.Hands-OnSpringSecurity5forReactiveApplicationsstartswiththeessentialconceptsofreactiveprogramming,SpringFramework,andSpringSecurity.YouwillthenlearnaboutavarietyofauthenticationmechanismsandhowtointegratethemeasilywiththeSpringMVCapplication.YouwillalsounderstandhowtoachieveauthorizationinaSpringWebFluxapplicationusingSpringSecurity.YouwillbeabletoexplorethesecurityconfgurationsrequiredtoachieveOAuth2forsecuringRESTAPIsandintegratesecurityinmicroservicesandserverlessapplications.Thisbookwillguideyouinintegratingadd-onsthatwilladdvaluetoanySpringSecuritymodule.Bytheendofthebook,youwillbeproficientatintegratingSpringSecurityinyourJavaapplications.
目錄(319章)
倒序
- 封面
- Title Page
- Copyright and Credits
- Hands-On Spring Security 5 for Reactive Applications
- Dedication
- Packt Upsell
- Why subscribe?
- PacktPub.com
- Contributors
- About the author
- About the reviewer
- Packt is searching for authors like you
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Download the example code files
- Download the color images
- Conventions used
- Get in touch
- Reviews
- Overview of Spring 5 and Spring Security 5
- How examples are structured
- New-generation application requirements
- Reactive programming
- Reactive applications
- Reactive Manifesto
- Responsive
- Resilient
- Elastic
- Message-driven
- Spring Framework
- Reactive Landscape in Java
- Reactive Streams and Reactive Streams Specifications
- Non-blocking
- Backpressure
- Reactive Extensions
- RxJava
- Reactive Streams and RxJava
- JDK 9 additions
- Important interfaces
- The Publisher Interface
- The Subscriber Interface
- The Subscription interface
- The Processor interface
- Spring Framework and reactive applications
- Modules in Reactor
- Reactive types in Reactor Core
- The Flux reative type
- The Mono reactive type
- Data stream types
- Reactor and RxJava
- Reactive Web Application
- Spring WebFlux
- Reactive Spring Web
- WebClient
- WebSockets
- Application security
- Spring Security
- Spring Security terminologies
- Spring Security's core features
- Authentication
- Authorization
- Spring Security 5's new features
- Working of Spring Security
- Servlet Filter
- Filter Chain
- Security Interceptor (DelegatingFilterProxy)
- Core Spring Security modules
- Summary
- Deep Diving into Spring Security
- Authentication
- Setting up AuthenticationManager
- AuthenticationProvider
- Custom AuthenticationProvider
- Multiple AuthenticationProvider
- Sample application
- Base project setup
- Step 1—Create a Maven project in IntelliJ IDEA
- Step 2—pom.xml changes
- Step 3—MySQL database schema setup
- Step 4—Setting up MySQL database properties in your project
- Step 5—Spring application configuration
- Step 6—Web application configuration
- Step 7—Spring MVC setup
- Step 8—Controller setup
- Step 9—JSP creation
- Spring Security setup
- Step 1—Spring Security configuration setup
- Step 2—Spring Security setup for a web application
- Running the application
- In-memory user storage
- Run as Spring Boot
- Authorization
- Web URL
- Method invocation
- Domain instance
- Other Spring Security capabilities
- Summary
- Authentication Using SAML LDAP and OAuth/OIDC
- Security Assertion Markup Language
- Setting up an SSO provider
- Setting up the project
- The pom.xml file setup
- The application.yml file setup
- The Spring Security configuration files
- The resources folder setup
- Running and testing the application
- Lightweight Directory Access Protocol
- Set up dependencies in the pom.xml file
- Spring Security configuration
- LDAP server setup
- Setting up users in the LDAP server
- Running the application
- Seeing the application in action on a browser
- OAuth2 and OpenID Connect
- Setting up a project
- Bootstrap Spring project using Spring Initializr
- Inclusion of OAuth libraries in pom.xml
- Setting up provider details in application.properties
- Provider setup
- Default application change
- The HomeController class
- The home.jsp file
- Spring Boot main application class change
- Running the application
- Summary
- Authentication Using CAS and JAAS
- CAS
- CAS server setup
- Git clone
- Adding additional dependencies
- Setting up the resources folder in the project
- Creating the application.properties file
- Creating a local SSL keystore
- Creating the .crt file to be used by the client
- Exporting the .crt file to Java and the JRE cacert keystore
- Building a CAS server project and running it
- Registering a client with the CAS server
- JSON service configuration
- Additional application.properties file changes
- CAS client setup
- Bootstrap Spring project using Spring Initializr
- Including CAS libraries in pom.xml
- Changing the application.properties file
- Additional bean configuration
- ServiceProperties bean
- AuthenticationEntryPoint bean
- TicketValidator bean
- CasAuthenticationProvider bean
- Setting up Spring Security
- Creating the CasAuthenticationFilter bean
- Setting up the controller
- Running the application
- Java Authentication and Authorization Service
- Setting up a project
- Setting up Maven project
- Setting up LoginModule
- Setting up a custom principal
- Setting up a custom AuthorityGranter
- Configuration files
- Application configuration
- Spring MVC configuration
- Spring Security configuration
- Controllers
- Setting up pages
- Running the application
- Kerberos
- Custom AuthenticationEntryPoint
- Multiple AuthenticationEntryPoint
- PasswordEncoder
- Salt
- Custom filters
- Summary
- Integrating with Spring WebFlux
- Spring MVC versus WebFlux
- When to choose what?
- Reactive support in Spring 5
- Reactive in Spring MVC
- Spring WebFlux
- HandlerFunction
- RouterFunction
- Spring WebFlux server support
- Reactive WebClient
- Reactive WebTestClient
- Reactive WebSocket
- Spring WebFlux authentication architecture
- Spring WebFlux authorization
- Sample project
- WebFlux project setup
- Maven setup
- Configuration class
- The SpringWebFluxConfig class
- Repository
- Handler and router
- Bootstrap application
- Running the application
- Adding security
- Configuration classes
- The UserDetailsService bean
- The SpringSecurityFilterChain bean
- Running the application
- CURL
- Browser
- WebClient
- Maven setup
- Creating a WebClient instance
- Handling errors
- Sending requests and retrieving responses
- Running and testing the application
- Unit testing (WebTestClient)
- Maven dependency
- Test class
- Spring Data
- Maven dependency
- MongoDB configuration
- Setting up a model
- Implementing a repository
- Implementing a controller
- Running the application
- Authorization
- Method security
- Customization
- Writing custom filters
- Using WebFilter
- Using HandlerFilterFunction
- Summary
- REST API Security
- Important concepts
- REST
- JSON Web Token (JWT)
- Structure of a token
- Header
- Payload
- Signature
- Modern application architecture
- SOFEA
- Reactive REST API
- Simple REST API security
- Spring Security configuration
- Authentication success handler
- Custom WebFilter namely JWTAuthWebFilter
- New controller classes
- Running the application and testing
- Advanced REST API security
- OAuth2 roles
- Resource owner
- Resource server
- Client
- Authorization server
- Authorization grant types
- Authorization code flow
- Implicit flow
- Client credentials
- Resource owner password credentials
- Access Token and Refresh Token
- Spring Security OAuth project
- OAuth2 and Spring WebFlux
- Spring Boot and OAuth2
- Sample project
- Authorization server
- Maven dependencies
- Spring Boot run class
- Spring Security config
- Authorization server config
- Application properties
- Resource server
- Maven dependencies
- Spring Boot run class
- Resource server config
- Spring Security config
- Spring MVC config class
- Controller class
- Application properties
- Client application
- Maven dependencies
- Spring Boot class
- OAuth client config
- Spring Security config
- Controller classes
- Templates
- Application properties
- Running the project
- Summary
- Spring Security Add-Ons
- Remember-me authentication
- Creating a new table in MySQL database
- Spring Security configuration
- The custom login page
- Running the application and testing
- Session management
- CSRF
- CSP
- CSP using Spring Security
- Channel security
- CORS Support
- The Crypto module
- Password encoding
- Encryption
- Key generation
- Secret management
- Starting by unsealing Vault
- The Spring Boot project
- The Maven dependency
- HTTP Data Integrity Validator
- What is HDIV?
- The Bootstrap project
- Maven dependencies
- Spring Security configuration
- Spring MVC configuration
- HDIV configuration
- The Model class
- The Controller class
- Pages
- Running the application
- Custom DSL
- Summary
- Other Books You May Enjoy
- Leave a review - let other readers know what you think 更新時(shí)間:2021-07-23 19:00:11
推薦閱讀
- Rootkit和Bootkit:現(xiàn)代惡意軟件逆向分析和下一代威脅
- INSTANT Metasploit Starter
- 走進(jìn)新安全:讀懂網(wǎng)絡(luò)安全威脅、技術(shù)與新思想
- 網(wǎng)絡(luò)運(yùn)維親歷記 (網(wǎng)絡(luò)運(yùn)維紀(jì)實(shí)文學(xué))
- Spring Security(Third Edition)
- Web安全之深度學(xué)習(xí)實(shí)戰(zhàn)
- 解密數(shù)據(jù)恢復(fù)
- 網(wǎng)絡(luò)安全態(tài)勢(shì)感知
- 網(wǎng)絡(luò)關(guān)鍵設(shè)備安全檢測(cè)實(shí)施指南
- 捍衛(wèi)隱私
- 華為Anti-DDoS技術(shù)漫談
- 網(wǎng)絡(luò)空間安全導(dǎo)論
- Kali Linux無(wú)線網(wǎng)絡(luò)滲透測(cè)試詳解
- Developing Applications with Salesforce Chatter
- ATT&CK視角下的紅藍(lán)對(duì)抗實(shí)戰(zhàn)指南
- 中國(guó)網(wǎng)絡(luò)空間安全前沿科技發(fā)展報(bào)告(2018)
- 網(wǎng)絡(luò)安全攻防技術(shù)實(shí)戰(zhàn)
- 數(shù)據(jù)安全實(shí)踐:能力體系、產(chǎn)品實(shí)現(xiàn)與解決方案
- 深入探索區(qū)塊鏈
- Web安全與攻防實(shí)戰(zhàn)從新手到高手(微課超值版)
- INSTANT Penetration Testing:Setting Up a Test Lab How-to
- 從實(shí)踐中學(xué)習(xí)Fiddler Web應(yīng)用分析
- Mastering Identity and Access Management with Microsoft Azure
- 黑客攻防從入門到精通(加密與解密篇)
- Schneier的安全忠告
- 可信軟件若干關(guān)鍵技術(shù)的研究
- CTF實(shí)戰(zhàn):從入門到提升
- Mobile Security:How to Secure,Privatize,and Recover Your Devices
- Kali Linux 2018:Assuring Security by Penetration Testing
- 網(wǎng)絡(luò)安全防御技術(shù)與實(shí)踐
