Secure your web applications against malicious intruders with this easy-to-follow practical guide

In Detail

Security is of critical importance to all web applications. Vulnerable applications are easy prey for hackers. This book is the perfect tool for Java developers looking to repel attacks against their web applications using the proven Spring Security library. A comprehensive guide to Spring Security 3. You will learn through real-world business scenarios how to guard against the latest threats. You will also learn to combine Spring Security 3 with external security providers such as LDAP, OpenID, CAS, Kerberos, and Active Directory.

The book starts by giving an overview of security concepts and techniques, as well as setup and configuration. The book then gets you working with a JSP-based web application that implements a simple e-commerce website. At this point you will progressively enhance the application, giving you hands-on experience implementing features of Spring Security 3 in real-world business scenarios. The second half of the book is devoted to common integration scenarios that you will come across every day. At this stage you will be in a position to solve specific, complex integration problems. The book will end by showing migration from Spring Security 2 to 3.

This practical guide will show you how to implement Spring Security 3 and protect your applications from being breached using a combination of real-world, straightforward examples.

What you will learn from this book

Approach

The book starts by teaching the basic fundamentals of Spring Security 3 such as setup and configuration. Later it looks at more advanced topics, showing the reader how to solve complex real-world security issues.

Who this book is written for

This book is for Java developers who build web projects and applications. The book assumes basic familiarity with Java, XML and the Spring Framework. Newcomers to Spring Security will still be able to utilize all aspects of this book.

Spring Security 3 is a pretty decent book if you want to get started with Spring Security or want to know more of the internals or exotic features it has to offer.
The book starts with a brief explanation of the different parts of security and after that explains how these are implemented/used in Spring Security. Throughout the different chapters, the book explains the different features of Spring Security with the use of a consistent sample (application) and security review. In the samples the issues of the security review are solved, and it is also explained why you should solve them and why they are a risk.
The sample application is secured over a couple of chapters, each of which explains a part of Spring Security. It starts simple and progresses to the more exotic features of the framework; however, it doesn’t stop there. There is also a lot of explanation of what is happening internally in the framework, which classes are used and why. In short, you basically get an in-depth explanation of the Spring Security namespace.
Another great thing about the book is that it covers, in quite some detail, some of the less well documented features of Spring Security. Spring Security has the notion of groups, which is pretty much unmentioned in the reference guide; this book explains it in quite a clear and concise way. Another feature explained quite well is the use of ACL, often asked about in the forums and still undocumented in the reference guide. So this book also fills in those gaps. Besides those features, it also explains how to use OpenID, SSO, Client Certificates and how to configure them (again in quite some detail).
So in short, if you want to know how Spring Security 3 works internally, what the namespace actually does, how those undocumented features work, this book is a must read. I would say this book is a must read for all the Spring Security users out there.