Spring Security has a number of capabilities apart from core security features, authentication and authorization. Some of the most important ones are listed here. In Chapter 7, Spring Security Add-Ons, we will go through each of these in more detail using hands-on coding. We will build on the example that we have created in this chapter and explain each of these very important Spring Security capabilities:
- Remember-me authentication: This is also known as persistent-login, and it allows websites to remember a user's identity in between multiple sessions. Spring Security provides a couple of implementations (hashed-token-based and persistent-token-based) that make this easy.
- Cross Site Request Forgery (CSRF): This is a very common security exploit employed by hackers to do unethical operations, whereby unauthorized commands are sent on behalf of the user. Spring Security allows us to fix this exploit easily with configurations.
- Cross-Origin Resource Sharing...