Instant Spring Security Starter
Piotr Jagielski, Jakub Nabrdalik
- 出版商: Packt Publishing
- 出版日期: 2013-06-14
- 售價: $1,000
- 貴賓價: 9.5 折 $950
- 語言: 英文
- 頁數: 70
- 裝訂: Paperback
- ISBN: 1782168834
- ISBN-13: 9781782168836
-
相關分類:
Java 相關技術、資訊安全
海外代購書籍(需單獨結帳)
相關主題
商品描述
Learn the fundamentals of web authentication and authorization using Spring Security
Overview
- Learn something new in an Instant! A short, fast, focused guide delivering immediate results
- Learn basic login/password and two-phase authentication
- Secure access all the way from frontend to backend
- Learn about the available security models, SPEL, and pragmatic considerations
In Detail
When it comes to security, you need a proven but easy to understand solution. Spring Security is a highly customizable authentication and access-control JVM framework with a 10 year history. It has most of the answers to your security questions ready out of the box, while still allowing you to customize and configure everything you need.
Instant Spring Security Starter will help you get started with Spring Security in one evening of reading and one day of programming. Focusing only on the aspects of Spring Security that are most useful in practice, this book explains the architectural concepts of the framework in a simple and straightforward manner.
You will start off by learning the big picture and how to set up Spring Security, which will give you a better understanding of the fundamentals of the framework. You will be introduced to the authentication and authorization flows and the different possible models of security. The book will then teach you how to secure methods and web resources with business rules and will discuss the reasons for using two-phase authentication. You will also learn about aspects that you need to watch out for, and how to deal with them in integration tests. Furthermore, we will also cover the common pitfalls, mistakes, and open Single Sign-on solutions. By the end of the book, you will have learned how to use Spring Security effectively, and the book will also show you a few advanced but very popular solutions to modern problems.
What you will learn from this book
- Understand two-phase authentication
- Secure methods in the backend
- Write integration tests with access control
- Secure the backend for REST services and single-page applications
Approach
Get to grips with a new technology, understand what it is and what it can do for you, and then get to work with the most important features and tasks. A concise guide written in an easy-to-follow format following the Starter guide approach.
Who this book is written for
This book is for people who have not used Spring Security before and want to learn how to use it effectively in a short amount of time. It is assumed that readers know both Java and HTTP protocol at the level of basic web programming. The reader should also be familiar with Inversion-of-Control/Dependency Injection, preferably with the Spring framework itself.
商品描述(中文翻譯)
學習使用Spring Security進行網路身份驗證和授權的基礎知識
概述:
- 快速、簡潔的指南,提供即時結果的學習方式
- 學習基本的登入/密碼和兩階段驗證
- 從前端到後端實現安全存取
- 了解可用的安全模型、SPEL和實用考量
詳細內容:
當談到安全性時,您需要一個經過驗證但易於理解的解決方案。Spring Security是一個高度可自定義的身份驗證和存取控制JVM框架,擁有10年的歷史。它幾乎可以立即回答您的安全問題,同時仍允許您自定義和配置所需的一切。
《Instant Spring Security Starter》將幫助您在一個晚上的閱讀和一天的編程中開始使用Spring Security。本書僅關注實踐中最有用的Spring Security方面,以簡單明瞭的方式解釋框架的架構概念。
您將首先學習整體架構和如何設置Spring Security,這將使您更好地理解框架的基礎知識。您將介紹身份驗證和授權流程以及不同的安全模型。本書還將教您如何使用業務規則保護方法和網路資源,並討論使用兩階段驗證的原因。您還將了解需要注意的方面,以及如何在整合測試中處理它們。此外,我們還將涵蓋常見的陷阱、錯誤和開放式單一登入解決方案。通過本書,您將學會如何有效使用Spring Security,並了解一些現代問題的高級但非常受歡迎的解決方案。
本書的學習重點:
- 理解兩階段驗證
- 保護後端方法
- 撰寫具有存取控制的整合測試
- 保護REST服務和單頁應用程式的後端
這本書的寫作對象:
本書適合那些以前沒有使用過Spring Security並希望在短時間內有效使用它的人。假設讀者對Java和HTTP協議有基本的網路程式設計水平。讀者還應該熟悉控制反轉/依賴注入,最好是Spring框架本身。