What this book covers

Chapter 1, Overview of Spring 5 and Spring Security 5, introduces you to the new application requirements and then introduces you to reactive programming concepts. It touches on application security and what Spring Security brings to the table to address security concerns in an application. The chapter then gets into a bit more into Spring Security and then finally closes by explaining how the examples in this book are structured.

Chapter 2, Deep Diving into Spring Security, deep dives into the technical capability of core Spring Security; namely, Authentication and Authorization. The chapter then gets your hands dirty with some example code, in which we will set up a project using Spring Security. Then, in due course introduces you to the approach by which the code samples will be explained throughout the book.

Chapter 3, Authentication Using SAML, LDAP, and OAuth/OIDC, introduces you to three authentication mechanisms; namely, SAML, LDAP, and OAuth/OIDC. This is the first of two main chapters, in which we will dive deep into various authentication mechanisms supported by Spring Security using hands-on coding. We will be explaining each authentication mechanism using a simple example to cover the crux of the topic, and we'll be keeping the example simple for easy understanding.

Chapter 4, Authentication Using CAS and JAAS, introduces you to two more authentication mechanisms that are very much prevalent in enterprises—CAS and JAAS. This is the second of the two main chapters, similar to Chapter 3, Authentication Using SAML, LDAP, and OAuth/OIDC, which will initially cover the theoretical aspects of these authentication mechanisms. This chapter concludes the topic by implementing a fully-fledged example using Spring Security.

Chapter 5, Integrating with Spring WebFlux, introduces you to one of the new modules introduced as part of Spring 5—Spring WebFlux. Spring WebFlux is a web application framework in the Spring ecosystem that was built from the ground up to be fully reactive. We will bring the reactive parts of Spring Security out in this chapter and will also detail the Spring WebFlux framework itself. First we will introduce you to Spring WebFlux using an example and then we will build on the additional technical capabilities on top of the base application.

Chapter 6, REST API Security, starts off by introducing you to some of the important concepts in regards to REST and JWT. It then introduces OAuth concepts and, using hands-on coding examples, explains simple and advanced REST API security, focusing on utilizing Spring Security and Spring Boot modules in Spring Framework. The examples will use the OAuth protocol and will be using Spring Security to the fullest to secure REST APIs. In addition to that, JWT will be used to exchange claims between the server and client.

Chapter 7, Spring Security Add-Ons, introduces many products (open source and paid versions) that can be considered for use alongside Spring Security. These products are strong contenders that can be used to achieve the technical capability that you are looking for in your application to cover various security requirements. We will introduce a product to you by giving you the gist of the technical capability that needs addressing in your application, before taking a look at the product in question and explaining how it provides the solutions you require..