Finally, the book is here. Simplifying Spring Security.
As part of writing this blog, I also follow few communities on Facebook. Most of these communities are related to Spring Framework and Spring Boot. The number of users asks questions related to Spring Security. Hence, I wondered why not write a book about it.
Also as a developer, when I’m writing a Spring Boot application, I often use Spring Security. Accordingly, I always felt like I was using this mysterious library that solves my authentication problems. I wanted to understand the fundamentals and how Spring Security dealt with authentication and authorization.
In the book, I cover from fundamentals of authentication, authorization, and how to use Spring Security for different authentication flows. Also, I show these flows with examples. As part of the book, you will also get access to a source code repository that you can play with.
In short, I cover the following topics in the book:
- What is Spring Security?
- How Spring Security fits in with Spring Boot Application?
- Why you need Spring Security?
- What is authentication?
- Authentication Architecture
- Types of Authentication
- Implementation of Different Flows
- What is authorization?
- How does Spring Security handle authorization?
- What are GrantedAuthorities?
- Implementation of Authorization in an application
- Protection against common exploits
- Transport Layer Security
- Security HTTP Response Headers
- Clickjacking Attack
- Cross-site Request Forgery Attack (CSRF)
First, it is a technical book and if you are a developer, it will easily help you improve your career. You’ll learn a lot about authentication and can solve some crucial security problems that many applications face.
Most importantly, you can also build your own application and use any of these authentication mechanisms for the application.
Subsequently, if you are getting started for a job in Spring Boot or Spring Framework, the book will also help you in preparing for Spring Security interviews.