Book Image

Hands-On Spring Security 5 for Reactive Applications

By : Tomcy John
Book Image

Hands-On Spring Security 5 for Reactive Applications

By: Tomcy John

Overview of this book

Spring Security enables developers to seamlessly integrate authorization, authentication, and a range of security features for complex enterprise applications. This book provides a hands-on approach to developing reactive applications using Spring and will help you get up and running in no time. Complete with step-by-step explanations, practical examples, and self-assessment questions, the book begins by explaining the essential concepts of reactive programming, Spring Framework, and Spring Security. You’ll then learn about a variety of authentication mechanisms and how to integrate them easily with a Spring MVC application. You’ll also understand how to achieve authorization in a Spring WebFlux application using Spring Security. Furthermore, the book will take you through the configuration required to implement OAuth2 for securing REST APIs, and guide you in integrating security in microservices and serverless applications. Finally, you’ll be able to augment add-ons that will enhance any Spring Security module. By the end of the book, you’ll be equipped to integrate Spring Security into your Java enterprise applications proficiently.
Table of Contents (15 chapters)
Title Page
Copyright and Credits
Packt Upsell

Spring Security OAuth project

Currently in the Spring ecosystem, OAuth support has spread to a number of projects, including Spring Security Cloud, Spring Security OAuth, Spring Boot, and the edition of Spring Security (5.x+). This has created a lot of confusion within the community and no single source of ownership. The approach taken by the Spring team is to consolidate this and start maintaining everything regarding to OAuth with Spring Security. Important components that are part of OAuth, namely the authorization server, the resource server, and next-level support for OAuth2, as well as OpenID Connect 1.0, are expected to be added to Spring Security by the end of 2018. The Spring Security roadmap clearly states that by mid-2018, support for the resource server would be added, and the authorization server by the end of 2018.

The Spring Security OAuth project, as it stands at the time of writing this book, is in maintenance mode. This means that there will be a release for bug/security...