Book Image

Hands-On Spring Security 5 for Reactive Applications

By : Tomcy John
Book Image

Hands-On Spring Security 5 for Reactive Applications

By: Tomcy John

Overview of this book

Spring Security enables developers to seamlessly integrate authorization, authentication, and a range of security features for complex enterprise applications. This book provides a hands-on approach to developing reactive applications using Spring and will help you get up and running in no time. Complete with step-by-step explanations, practical examples, and self-assessment questions, the book begins by explaining the essential concepts of reactive programming, Spring Framework, and Spring Security. You’ll then learn about a variety of authentication mechanisms and how to integrate them easily with a Spring MVC application. You’ll also understand how to achieve authorization in a Spring WebFlux application using Spring Security. Furthermore, the book will take you through the configuration required to implement OAuth2 for securing REST APIs, and guide you in integrating security in microservices and serverless applications. Finally, you’ll be able to augment add-ons that will enhance any Spring Security module. By the end of the book, you’ll be equipped to integrate Spring Security into your Java enterprise applications proficiently.
Table of Contents (15 chapters)
Title Page
Copyright and Credits
Packt Upsell

Spring MVC versus WebFlux

Spring WebFlux was brought in as part of Spring 5 to bring in a new alternative to existing Spring MVC. Spring WebFlux brings in non-blocking event loop style programming to provide asynchronicity.


Event loop was brought in and made famous by Node.js. Node.js was able to perform non-blocking operations using single-threaded JavaScript by offloading operations to the system kernel whenever possible. The kernel, being multithreaded, is able to do these offloaded operations and after successful execution notifies Node.js through callbacks. There is a constantly running process that checks the call stack (where operations are stacked which need to be executed) and keeps executing processes in First In, First Out (FIFO) manner. If the call stack is empty, it looks into the Event Queue for operations. It picks them up and then moves them to the call stack to be further picked for execution.

The following diagram shows what is in both web application frameworks:

Figure 1...