Spring Security
What is Spring Security?
It is a powerful and highly customizable authentication and access-control(RBAC) framework. It is the standard for securing Spring-based web applications. This framework focuses on providing both authentication and authorization to Java applications. Similar to other modules, You can easily extend the Spring Security module to meet custom requirements.
Features
Here are some of the features offered by spring security out of the box.
- Comprehensive and extensible support for both Authentication and Authorization.
- session fixation prevention
- Fights clickjacking, cross-site request forgery, etc
- Security-related Header integration
- Servlet API integration
- Optional integration with Spring Web MVC.
- Much more…
List of Tutorials
These Spring Security tutorials focus on securing applications. In this post, We have covered all security related tutorials with examples.
Learn about simple login and logout first. With that basic demonstration, proceed to learn some of the core concepts of security. These posts help you deal with the internals and of the framework.
Finally, take a look at Spring Session implementation with examples.
Login and Logout
This segment contains various ways to implement login and logout using Spring Security.
- How to implement form login
- Customizing Form log in with an Example
- How to implement Basic Authentication
Spring Security Concepts
We cover some of the important security concepts in this section.
- Understanding UserDetailsService : In-Memory implementation
- Load username and password from database
- Understanding PasswordEncoders with example
- Roles and Privileges (RBAC) with Example
Session Management and Security
Session management is one of the core concepts in Spring Security. Here we have instructions on how to implement a session store with redis as example.
- Customizing Session cookies
- Scalable Secure applications using Redis as a session store
- Scalable Secure applications using JDBC as a session store
- Using separate Database for Spring Sessions
You could find all of these examples in our github repositories list. If you would like to learn more about a specific feature of Spring Security, Then drop a comment below.