Book Image

Hands-On Spring Security 5 for Reactive Applications

By : Tomcy John
Book Image

Hands-On Spring Security 5 for Reactive Applications

By: Tomcy John

Overview of this book

Spring Security enables developers to seamlessly integrate authorization, authentication, and a range of security features for complex enterprise applications. This book provides a hands-on approach to developing reactive applications using Spring and will help you get up and running in no time. Complete with step-by-step explanations, practical examples, and self-assessment questions, the book begins by explaining the essential concepts of reactive programming, Spring Framework, and Spring Security. You’ll then learn about a variety of authentication mechanisms and how to integrate them easily with a Spring MVC application. You’ll also understand how to achieve authorization in a Spring WebFlux application using Spring Security. Furthermore, the book will take you through the configuration required to implement OAuth2 for securing REST APIs, and guide you in integrating security in microservices and serverless applications. Finally, you’ll be able to augment add-ons that will enhance any Spring Security module. By the end of the book, you’ll be equipped to integrate Spring Security into your Java enterprise applications proficiently.
Table of Contents (15 chapters)
Title Page
Copyright and Credits
Packt Upsell

Custom filters

As explained earlier, Spring Security works on servlet filters. There are number of built-in servlet filters that do almost all the necessary functionalities. If needed, Spring Security does provide a mechanism to write your own custom filter and can be plugged in at the right point in the filter chain execution. Create your own filter by extending org.springframework.web.filter.GenericFilterBean as shown in the following code snippet:

public class NewLogicFilter extends GenericFilterBean {
    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain chain) throws IOException, ServletException {
        // Custom logic
        chain.doFilter(request, response);

Once you create your own filter, plug it into the filter chain in the Spring Security configuration file as follows:

public class SpringSecurityConfiguration extends WebSecurityConfigurerAdapter {
    protected void configure(HttpSecurity...