Spring Security in Action

Don't let security be an afterthought. Spring Security in Action, Second Edition is your vital companion to robust, secure applications that are protected right from the first line of code.Spring Security in Action, Second Edition is a revised version of the bestselling original, fully updated for Spring Boot 3 and Oauth2/OpenID Connect.In Spring Security in Action, Second Edition you will learn essential security skills including how to:• Implement and customize authentication and authorization• Set up all components of an OAuth2/OpenID Connect system• Utilize CRSF and CORS configurations• Secure Spring reactive applications• Write tests for security configurationsWhether you’re a beginner or a pro, Spring Security in Action, Second Edition teaches you how to secure your Java applications from the ground up. Author Laurentiu Spilca distills his years of experience as a skilled Java and Spring developer[...]into an indispensable guide to everything security—from authentication and authorization, to testing security configurations. This new edition covers the latest patterns for application-level security in Spring apps, demonstrating how Spring Security simplifies every step of the security process.Foreword by Joe Grandja.About the technologySpring Security makes it much, much easier to secure enterprise-scale Java applications. This powerful framework integrates with Spring apps end to end, with “secure by design” principles and ready-to-use features that help you implement robust authorization and authentication and protect against data theft and intrusions. And like everything else in the Spring ecosystem, it’s free, open source, and backed by the awesome team at VMWare.About the bookSpring Security in Action, Second Edition updates this bestselling guide to Spring Security to include deep coverage of OAuth2/OpenID Connect and security configuration using the new SecurityFilterChain. The crystal clear explanations and relevant examples, teach you how to build your own authorization server, configure secure endpoints, and prevent cross-site scripting and request forgery attacks.What's inside• Custom authentication and authorization• CRSF and CORS configurations• Secure Spring reactive applications• Write tests for security configurationsAbout the readerFor experienced Java and Spring developers.About the authorLaurentiu Spilca is a skilled Java and Spring developer and an experienced technology instructor. He is also the author of Manning’s Spring Start Here and Troubleshooting Java.