Book Image

Hands-On Spring Security 5 for Reactive Applications

By : Tomcy John
Book Image

Hands-On Spring Security 5 for Reactive Applications

By: Tomcy John

Overview of this book

Spring Security enables developers to seamlessly integrate authorization, authentication, and a range of security features for complex enterprise applications. This book provides a hands-on approach to developing reactive applications using Spring and will help you get up and running in no time. Complete with step-by-step explanations, practical examples, and self-assessment questions, the book begins by explaining the essential concepts of reactive programming, Spring Framework, and Spring Security. You’ll then learn about a variety of authentication mechanisms and how to integrate them easily with a Spring MVC application. You’ll also understand how to achieve authorization in a Spring WebFlux application using Spring Security. Furthermore, the book will take you through the configuration required to implement OAuth2 for securing REST APIs, and guide you in integrating security in microservices and serverless applications. Finally, you’ll be able to augment add-ons that will enhance any Spring Security module. By the end of the book, you’ll be equipped to integrate Spring Security into your Java enterprise applications proficiently.
Table of Contents (15 chapters)
Title Page
Copyright and Credits
Packt Upsell

Reactive REST API

In the Chapter 4, Authentication Using CAS and JAAS, we went through the reactive Spring WebFlux web application framework in detail. We also looked into a lot of the reactive programming support provided by the Spring Framework and other Spring modules. Knowingly or unknowingly, we created a reactive REST API in the previous chapter's example sections. We used a handler and router mechanism for creating a RESTful application and also secured it using the BASIC authentication mechanism.



We saw the workings of WebClient (a reactive way of calling REST APIs, as opposed to using a blocking RestTemplate) and WebTestClient (a reactive way of writing test cases). We also saw the workings of Spring Data in a reactive way using MongoDB as the persistent store.

We will not go through these aspects here; we will only mention that, if you wish, you can make yourself comfortable with this topic by going through the section in Chapter 4, Authentication Using CAS and JAAS. In this chapter...