Book Image

Hands-On Spring Security 5 for Reactive Applications

By : Tomcy John
Book Image

Hands-On Spring Security 5 for Reactive Applications

By: Tomcy John

Overview of this book

Spring Security enables developers to seamlessly integrate authorization, authentication, and a range of security features for complex enterprise applications. This book provides a hands-on approach to developing reactive applications using Spring and will help you get up and running in no time. Complete with step-by-step explanations, practical examples, and self-assessment questions, the book begins by explaining the essential concepts of reactive programming, Spring Framework, and Spring Security. You’ll then learn about a variety of authentication mechanisms and how to integrate them easily with a Spring MVC application. You’ll also understand how to achieve authorization in a Spring WebFlux application using Spring Security. Furthermore, the book will take you through the configuration required to implement OAuth2 for securing REST APIs, and guide you in integrating security in microservices and serverless applications. Finally, you’ll be able to augment add-ons that will enhance any Spring Security module. By the end of the book, you’ll be equipped to integrate Spring Security into your Java enterprise applications proficiently.
Table of Contents (15 chapters)
Title Page
Copyright and Credits
Packt Upsell

The Crypto module

The Spring Security Crypto module allows you to do password encoding, symmetric encryption, and key generation. The module is bundled as part of the core Spring Security offering with no dependency upon other Spring Security code.

Password encoding

Modernized password encoding is one of the new features of Spring Security 5. Spring Security's PasswordEncoder interface is central to it and does one-way hashing of passwords using various algorithms, which can then be stored securely. Spring Security supports a number of password-encoding algorithms:

  • BcryptPasswordEncoder: This uses the Bcrypt strong hash function. You can optionally supply the strength parameter (default value is 10); the higher the value, the more work has to be done to hash the password.
  • Pbkdf2PasswordEncoder: This uses Password-Based Key Derivation Function 2 (PKDF2) with a configurable number of iterations and an 8-byte random salt value.
  • ScryptPasswordEncoder: This uses the Scrypt hashing function. While...