Pro Spring security
Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and adv...
| Autor principal: | |
|---|---|
| Otros Autores: | |
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
[Berkeley, CA] : New York :
Apress ; Springer
c2013.
|
| Edición: | 1st ed. 2013. |
| Colección: | Expert's voice in Spring.
|
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009628678106719 |
Tabla de Contenidos:
- Cover; Title Page; Copyright Page; Contents at a Glance; Table of Contents; About the Author; About the Technical Reviewer; CHAPTER 1 The Scope of Security; The Network Security Layer; The Operating System Layer; The Application Layer; Authentication; Authorization; ACLs; Authentication and Authorization: General Concepts; What to Secure; More Security Concerns; Java Options for Security; Summary; CHAPTER 2 Introducing Spring Security; What Is Spring Security?; Where Does Spring Security Fit In?; Spring Security and Spring; Spring Framework: A Quick Overview; Dependency Injection
- Aspect Oriented Programming (AOP)An Initial Spring Security Secured Application; Adding Spring Security (and Spring Core Itself ) to the Project; Spring Security Source; Configuring the Web Project To Be Aware of Spring Security; Understanding the Simple Application; Summary; CHAPTER 3 Spring Security Architecture and Design; What Components Make Up Spring Security?; The 10,000-Foot View; The 1,000-Foot View; The 100-Foot View; The Security Interceptor; The XML Namespace; The Filters and Filter Chain; ConfigAttribute; The Authentication Object; SecurityContext and SecurityContextHolder
- AuthenticationProviderAccessDecisionManager; AffirmativeBased; ConsensusBased; UnanimousBased; AccessDecisionVoter; UserDetailsService and AuthenticationUserDetailsService; UserDetails; ACL; JSP Taglib; Good Design and Patterns in Spring Security; Strategy Pattern; Decorator Pattern; SRP; DI; Summary; CHAPTER 4 Web Security; Introducing the Simple Example Application; The Special URLs; Custom Login Form; Basic HTTP Authentication; Digest Authentication; Remember-Me Authentication; Allowing Remember-Me Access to Selected Parts of the Application; Logging Out
- The Session (javax.servlet.http.HttpSession) and the SecurityContextBeyond Simple User Roles: Using Spring Expression Language to Secure the Web Layer; Extend with Your Own Expressions; Switching to a Different User; Session Management; Using Different Pattern Matchers for Matching Requests; Forcing the Request to HTTPS; Using the JSP Taglib; Role Hierarchies; Summary; CHAPTER 5 Securing the Service Layer; The Limitations of Web-Level Security; What Is Business Service-Level Security?; Setting Up the Example for the Chapter; How the Described Actions Happen Under the Hood
- Creating a Business Layer in Your Application@RolesAllowed Annotation; Securing the Application Using SpEL Expressions; Securing the Data Returned from a Method; Filtering Collections Sent and Returned from Methods; Security Defined in XML; Security Without a Web Layer; Using AspectJ AOP instead of Spring AOP; Summary; CHAPTER 6 Configuring Alternative Authentication Providers; Database-Provided Authentication; Creating the Basic Tables; Using Groups; Using Existing Schemas; LDAP Authentication; Installing and Configuring LDAP
- Other Attributes and Elements in the LDAP Spring Security Namespace
