Book Image

SPRING COOKBOOK

By : Jerome Jaglale, Yilmaz
Book Image

SPRING COOKBOOK

By: Jerome Jaglale, Yilmaz

Overview of this book

This book is for you if you have some experience with Java and web development (not necessarily in Java) and want to become proficient quickly with Spring.
Table of Contents (14 chapters)
13
Index

Introduction


In this chapter, we'll cover the basics of managing the security of a Spring web application using user authentication, user authorization, and HTTPS.

User authentication is all about identifying a user: usually through a username and a password. User authorization is about assigning roles to users. These roles are then used at runtime to determine whether a user is allowed to perform a given action or view some specific contents. User authentication and authorization are handled by Spring.

HTTPS is all about encrypting the communication between our web server and the user's browser using Secure Sockets Layer (SSL). HTTPS needs to be enabled at the server level. We'll see how to do this with Tomcat.

Note

The first recipe, Enabling Spring Security, is required for any of the other recipes to work.