舉報 
會員
Hands-On Spring Security 5 for Reactive Applications
Securityisoneofthemostvitalconcernsforanyorganization.Thecomplexityofanapplicationiscompoundedwhenyouneedtointegratesecuritywithexistingcode,newtechnology,andotherframeworks.ThisbookwillshowyouhowtoeffectivelywriteJavacodethatisrobustandeasytomaintain.Hands-OnSpringSecurity5forReactiveApplicationsstartswiththeessentialconceptsofreactiveprogramming,SpringFramework,andSpringSecurity.YouwillthenlearnaboutavarietyofauthenticationmechanismsandhowtointegratethemeasilywiththeSpringMVCapplication.YouwillalsounderstandhowtoachieveauthorizationinaSpringWebFluxapplicationusingSpringSecurity.YouwillbeabletoexplorethesecurityconfgurationsrequiredtoachieveOAuth2forsecuringRESTAPIsandintegratesecurityinmicroservicesandserverlessapplications.Thisbookwillguideyouinintegratingadd-onsthatwilladdvaluetoanySpringSecuritymodule.Bytheendofthebook,youwillbeproficientatintegratingSpringSecurityinyourJavaapplications.
最新章節
- Leave a review - let other readers know what you think
- Other Books You May Enjoy
- Summary
- Custom DSL
- Running the application
- Pages
品牌:中圖公司
上架時間:2021-07-23 17:41:38
出版社:Packt Publishing
本書數字版權由中圖公司提供,并由其授權上海閱文信息技術有限公司制作發行
- Leave a review - let other readers know what you think 更新時間:2021-07-23 19:00:11
- Other Books You May Enjoy
- Summary
- Custom DSL
- Running the application
- Pages
- The Controller class
- The Model class
- HDIV configuration
- Spring MVC configuration
- Spring Security configuration
- Maven dependencies
- The Bootstrap project
- What is HDIV?
- HTTP Data Integrity Validator
- The Maven dependency
- The Spring Boot project
- Starting by unsealing Vault
- Secret management
- Key generation
- Encryption
- Password encoding
- The Crypto module
- CORS Support
- Channel security
- CSP using Spring Security
- CSP
- CSRF
- Session management
- Running the application and testing
- The custom login page
- Spring Security configuration
- Creating a new table in MySQL database
- Remember-me authentication
- Spring Security Add-Ons
- Summary
- Running the project
- Application properties
- Templates
- Controller classes
- Spring Security config
- OAuth client config
- Spring Boot class
- Maven dependencies
- Client application
- Application properties
- Controller class
- Spring MVC config class
- Spring Security config
- Resource server config
- Spring Boot run class
- Maven dependencies
- Resource server
- Application properties
- Authorization server config
- Spring Security config
- Spring Boot run class
- Maven dependencies
- Authorization server
- Sample project
- Spring Boot and OAuth2
- OAuth2 and Spring WebFlux
- Spring Security OAuth project
- Access Token and Refresh Token
- Resource owner password credentials
- Client credentials
- Implicit flow
- Authorization code flow
- Authorization grant types
- Authorization server
- Client
- Resource server
- Resource owner
- OAuth2 roles
- Advanced REST API security
- Running the application and testing
- New controller classes
- Custom WebFilter namely JWTAuthWebFilter
- Authentication success handler
- Spring Security configuration
- Simple REST API security
- Reactive REST API
- SOFEA
- Modern application architecture
- Signature
- Payload
- Header
- Structure of a token
- JSON Web Token (JWT)
- REST
- Important concepts
- REST API Security
- Summary
- Using HandlerFilterFunction
- Using WebFilter
- Writing custom filters
- Customization
- Method security
- Authorization
- Running the application
- Implementing a controller
- Implementing a repository
- Setting up a model
- MongoDB configuration
- Maven dependency
- Spring Data
- Test class
- Maven dependency
- Unit testing (WebTestClient)
- Running and testing the application
- Sending requests and retrieving responses
- Handling errors
- Creating a WebClient instance
- Maven setup
- WebClient
- Browser
- CURL
- Running the application
- The SpringSecurityFilterChain bean
- The UserDetailsService bean
- Configuration classes
- Adding security
- Running the application
- Bootstrap application
- Handler and router
- Repository
- The SpringWebFluxConfig class
- Configuration class
- Maven setup
- WebFlux project setup
- Sample project
- Spring WebFlux authorization
- Spring WebFlux authentication architecture
- Reactive WebSocket
- Reactive WebTestClient
- Reactive WebClient
- Spring WebFlux server support
- RouterFunction
- HandlerFunction
- Spring WebFlux
- Reactive in Spring MVC
- Reactive support in Spring 5
- When to choose what?
- Spring MVC versus WebFlux
- Integrating with Spring WebFlux
- Summary
- Custom filters
- Salt
- PasswordEncoder
- Multiple AuthenticationEntryPoint
- Custom AuthenticationEntryPoint
- Kerberos
- Running the application
- Setting up pages
- Controllers
- Spring Security configuration
- Spring MVC configuration
- Application configuration
- Configuration files
- Setting up a custom AuthorityGranter
- Setting up a custom principal
- Setting up LoginModule
- Setting up Maven project
- Setting up a project
- Java Authentication and Authorization Service
- Running the application
- Setting up the controller
- Creating the CasAuthenticationFilter bean
- Setting up Spring Security
- CasAuthenticationProvider bean
- TicketValidator bean
- AuthenticationEntryPoint bean
- ServiceProperties bean
- Additional bean configuration
- Changing the application.properties file
- Including CAS libraries in pom.xml
- Bootstrap Spring project using Spring Initializr
- CAS client setup
- Additional application.properties file changes
- JSON service configuration
- Registering a client with the CAS server
- Building a CAS server project and running it
- Exporting the .crt file to Java and the JRE cacert keystore
- Creating the .crt file to be used by the client
- Creating a local SSL keystore
- Creating the application.properties file
- Setting up the resources folder in the project
- Adding additional dependencies
- Git clone
- CAS server setup
- CAS
- Authentication Using CAS and JAAS
- Summary
- Running the application
- Spring Boot main application class change
- The home.jsp file
- The HomeController class
- Default application change
- Provider setup
- Setting up provider details in application.properties
- Inclusion of OAuth libraries in pom.xml
- Bootstrap Spring project using Spring Initializr
- Setting up a project
- OAuth2 and OpenID Connect
- Seeing the application in action on a browser
- Running the application
- Setting up users in the LDAP server
- LDAP server setup
- Spring Security configuration
- Set up dependencies in the pom.xml file
- Lightweight Directory Access Protocol
- Running and testing the application
- The resources folder setup
- The Spring Security configuration files
- The application.yml file setup
- The pom.xml file setup
- Setting up the project
- Setting up an SSO provider
- Security Assertion Markup Language
- Authentication Using SAML LDAP and OAuth/OIDC
- Summary
- Other Spring Security capabilities
- Domain instance
- Method invocation
- Web URL
- Authorization
- Run as Spring Boot
- In-memory user storage
- Running the application
- Step 2—Spring Security setup for a web application
- Step 1—Spring Security configuration setup
- Spring Security setup
- Step 9—JSP creation
- Step 8—Controller setup
- Step 7—Spring MVC setup
- Step 6—Web application configuration
- Step 5—Spring application configuration
- Step 4—Setting up MySQL database properties in your project
- Step 3—MySQL database schema setup
- Step 2—pom.xml changes
- Step 1—Create a Maven project in IntelliJ IDEA
- Base project setup
- Sample application
- Multiple AuthenticationProvider
- Custom AuthenticationProvider
- AuthenticationProvider
- Setting up AuthenticationManager
- Authentication
- Deep Diving into Spring Security
- Summary
- Core Spring Security modules
- Security Interceptor (DelegatingFilterProxy)
- Filter Chain
- Servlet Filter
- Working of Spring Security
- Spring Security 5's new features
- Authorization
- Authentication
- Spring Security's core features
- Spring Security terminologies
- Spring Security
- Application security
- WebSockets
- WebClient
- Reactive Spring Web
- Spring WebFlux
- Reactive Web Application
- Reactor and RxJava
- Data stream types
- The Mono reactive type
- The Flux reative type
- Reactive types in Reactor Core
- Modules in Reactor
- Spring Framework and reactive applications
- The Processor interface
- The Subscription interface
- The Subscriber Interface
- The Publisher Interface
- Important interfaces
- JDK 9 additions
- Reactive Streams and RxJava
- RxJava
- Reactive Extensions
- Backpressure
- Non-blocking
- Reactive Streams and Reactive Streams Specifications
- Reactive Landscape in Java
- Spring Framework
- Message-driven
- Elastic
- Resilient
- Responsive
- Reactive Manifesto
- Reactive applications
- Reactive programming
- New-generation application requirements
- How examples are structured
- Overview of Spring 5 and Spring Security 5
- Reviews
- Get in touch
- Conventions used
- Download the color images
- Download the example code files
- To get the most out of this book
- What this book covers
- Who this book is for
- Preface
- Packt is searching for authors like you
- About the reviewer
- About the author
- Contributors
- PacktPub.com
- Why subscribe?
- Packt Upsell
- Dedication
- Hands-On Spring Security 5 for Reactive Applications
- Copyright and Credits
- Title Page
- 封面
- 封面
- Title Page
- Copyright and Credits
- Hands-On Spring Security 5 for Reactive Applications
- Dedication
- Packt Upsell
- Why subscribe?
- PacktPub.com
- Contributors
- About the author
- About the reviewer
- Packt is searching for authors like you
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Download the example code files
- Download the color images
- Conventions used
- Get in touch
- Reviews
- Overview of Spring 5 and Spring Security 5
- How examples are structured
- New-generation application requirements
- Reactive programming
- Reactive applications
- Reactive Manifesto
- Responsive
- Resilient
- Elastic
- Message-driven
- Spring Framework
- Reactive Landscape in Java
- Reactive Streams and Reactive Streams Specifications
- Non-blocking
- Backpressure
- Reactive Extensions
- RxJava
- Reactive Streams and RxJava
- JDK 9 additions
- Important interfaces
- The Publisher Interface
- The Subscriber Interface
- The Subscription interface
- The Processor interface
- Spring Framework and reactive applications
- Modules in Reactor
- Reactive types in Reactor Core
- The Flux reative type
- The Mono reactive type
- Data stream types
- Reactor and RxJava
- Reactive Web Application
- Spring WebFlux
- Reactive Spring Web
- WebClient
- WebSockets
- Application security
- Spring Security
- Spring Security terminologies
- Spring Security's core features
- Authentication
- Authorization
- Spring Security 5's new features
- Working of Spring Security
- Servlet Filter
- Filter Chain
- Security Interceptor (DelegatingFilterProxy)
- Core Spring Security modules
- Summary
- Deep Diving into Spring Security
- Authentication
- Setting up AuthenticationManager
- AuthenticationProvider
- Custom AuthenticationProvider
- Multiple AuthenticationProvider
- Sample application
- Base project setup
- Step 1—Create a Maven project in IntelliJ IDEA
- Step 2—pom.xml changes
- Step 3—MySQL database schema setup
- Step 4—Setting up MySQL database properties in your project
- Step 5—Spring application configuration
- Step 6—Web application configuration
- Step 7—Spring MVC setup
- Step 8—Controller setup
- Step 9—JSP creation
- Spring Security setup
- Step 1—Spring Security configuration setup
- Step 2—Spring Security setup for a web application
- Running the application
- In-memory user storage
- Run as Spring Boot
- Authorization
- Web URL
- Method invocation
- Domain instance
- Other Spring Security capabilities
- Summary
- Authentication Using SAML LDAP and OAuth/OIDC
- Security Assertion Markup Language
- Setting up an SSO provider
- Setting up the project
- The pom.xml file setup
- The application.yml file setup
- The Spring Security configuration files
- The resources folder setup
- Running and testing the application
- Lightweight Directory Access Protocol
- Set up dependencies in the pom.xml file
- Spring Security configuration
- LDAP server setup
- Setting up users in the LDAP server
- Running the application
- Seeing the application in action on a browser
- OAuth2 and OpenID Connect
- Setting up a project
- Bootstrap Spring project using Spring Initializr
- Inclusion of OAuth libraries in pom.xml
- Setting up provider details in application.properties
- Provider setup
- Default application change
- The HomeController class
- The home.jsp file
- Spring Boot main application class change
- Running the application
- Summary
- Authentication Using CAS and JAAS
- CAS
- CAS server setup
- Git clone
- Adding additional dependencies
- Setting up the resources folder in the project
- Creating the application.properties file
- Creating a local SSL keystore
- Creating the .crt file to be used by the client
- Exporting the .crt file to Java and the JRE cacert keystore
- Building a CAS server project and running it
- Registering a client with the CAS server
- JSON service configuration
- Additional application.properties file changes
- CAS client setup
- Bootstrap Spring project using Spring Initializr
- Including CAS libraries in pom.xml
- Changing the application.properties file
- Additional bean configuration
- ServiceProperties bean
- AuthenticationEntryPoint bean
- TicketValidator bean
- CasAuthenticationProvider bean
- Setting up Spring Security
- Creating the CasAuthenticationFilter bean
- Setting up the controller
- Running the application
- Java Authentication and Authorization Service
- Setting up a project
- Setting up Maven project
- Setting up LoginModule
- Setting up a custom principal
- Setting up a custom AuthorityGranter
- Configuration files
- Application configuration
- Spring MVC configuration
- Spring Security configuration
- Controllers
- Setting up pages
- Running the application
- Kerberos
- Custom AuthenticationEntryPoint
- Multiple AuthenticationEntryPoint
- PasswordEncoder
- Salt
- Custom filters
- Summary
- Integrating with Spring WebFlux
- Spring MVC versus WebFlux
- When to choose what?
- Reactive support in Spring 5
- Reactive in Spring MVC
- Spring WebFlux
- HandlerFunction
- RouterFunction
- Spring WebFlux server support
- Reactive WebClient
- Reactive WebTestClient
- Reactive WebSocket
- Spring WebFlux authentication architecture
- Spring WebFlux authorization
- Sample project
- WebFlux project setup
- Maven setup
- Configuration class
- The SpringWebFluxConfig class
- Repository
- Handler and router
- Bootstrap application
- Running the application
- Adding security
- Configuration classes
- The UserDetailsService bean
- The SpringSecurityFilterChain bean
- Running the application
- CURL
- Browser
- WebClient
- Maven setup
- Creating a WebClient instance
- Handling errors
- Sending requests and retrieving responses
- Running and testing the application
- Unit testing (WebTestClient)
- Maven dependency
- Test class
- Spring Data
- Maven dependency
- MongoDB configuration
- Setting up a model
- Implementing a repository
- Implementing a controller
- Running the application
- Authorization
- Method security
- Customization
- Writing custom filters
- Using WebFilter
- Using HandlerFilterFunction
- Summary
- REST API Security
- Important concepts
- REST
- JSON Web Token (JWT)
- Structure of a token
- Header
- Payload
- Signature
- Modern application architecture
- SOFEA
- Reactive REST API
- Simple REST API security
- Spring Security configuration
- Authentication success handler
- Custom WebFilter namely JWTAuthWebFilter
- New controller classes
- Running the application and testing
- Advanced REST API security
- OAuth2 roles
- Resource owner
- Resource server
- Client
- Authorization server
- Authorization grant types
- Authorization code flow
- Implicit flow
- Client credentials
- Resource owner password credentials
- Access Token and Refresh Token
- Spring Security OAuth project
- OAuth2 and Spring WebFlux
- Spring Boot and OAuth2
- Sample project
- Authorization server
- Maven dependencies
- Spring Boot run class
- Spring Security config
- Authorization server config
- Application properties
- Resource server
- Maven dependencies
- Spring Boot run class
- Resource server config
- Spring Security config
- Spring MVC config class
- Controller class
- Application properties
- Client application
- Maven dependencies
- Spring Boot class
- OAuth client config
- Spring Security config
- Controller classes
- Templates
- Application properties
- Running the project
- Summary
- Spring Security Add-Ons
- Remember-me authentication
- Creating a new table in MySQL database
- Spring Security configuration
- The custom login page
- Running the application and testing
- Session management
- CSRF
- CSP
- CSP using Spring Security
- Channel security
- CORS Support
- The Crypto module
- Password encoding
- Encryption
- Key generation
- Secret management
- Starting by unsealing Vault
- The Spring Boot project
- The Maven dependency
- HTTP Data Integrity Validator
- What is HDIV?
- The Bootstrap project
- Maven dependencies
- Spring Security configuration
- Spring MVC configuration
- HDIV configuration
- The Model class
- The Controller class
- Pages
- Running the application
- Custom DSL
- Summary
- Other Books You May Enjoy
- Leave a review - let other readers know what you think 更新時間:2021-07-23 19:00:11
