Book Image

Hands-On Spring Security 5 for Reactive Applications

By : Tomcy John
Book Image

Hands-On Spring Security 5 for Reactive Applications

By: Tomcy John

Overview of this book

Spring Security enables developers to seamlessly integrate authorization, authentication, and a range of security features for complex enterprise applications. This book provides a hands-on approach to developing reactive applications using Spring and will help you get up and running in no time. Complete with step-by-step explanations, practical examples, and self-assessment questions, the book begins by explaining the essential concepts of reactive programming, Spring Framework, and Spring Security. You’ll then learn about a variety of authentication mechanisms and how to integrate them easily with a Spring MVC application. You’ll also understand how to achieve authorization in a Spring WebFlux application using Spring Security. Furthermore, the book will take you through the configuration required to implement OAuth2 for securing REST APIs, and guide you in integrating security in microservices and serverless applications. Finally, you’ll be able to augment add-ons that will enhance any Spring Security module. By the end of the book, you’ll be equipped to integrate Spring Security into your Java enterprise applications proficiently.
Table of Contents (15 chapters)
Title Page
Copyright and Credits
Packt Upsell

Sample project

In our sample project, we will set up our own authorization server, against which we will authorize the APIs exposed through our resource server. We have movie APIs exposed on our resource server, and the client application will authenticate with the application (the client application is Spring Security protected) and then try accessing one of the movie APIs, at which point the OAuth flow will kick in. After a successful authorization check with the authorization server, the client will be given access to the requested movie APIs.


We will have a parent project containing three Spring Boot projects: oauth-authorization-server, oauth-resource-server, and oauth-client-app:

Figure 11: Project structure in IntelliJ

We will now look at each of the individual Spring Boot projects in the subsequent sections. The full source code is available on the book's GitHub page under the spring-boot-spring-security-oauth project.

Authorization server

This is a conventional Spring Boot project,...