Index
A
- Access Control List (ACL) / Domain instance
- addons
- URL / Modules in Reactor
- advanced REST API security
- about / Advanced REST API security
- OAuth2 roles / OAuth2 roles
- Access Token / Access Token and Refresh Token
- Refresh Token / Access Token and Refresh Token
- annotation
- voting-based annotations / Method invocation
- JSR-250 security annotations / Method invocation
- expression-based annotation / Method invocation
- annotation-based / Handler and router
- application
- about / Sample application
- base project setup / Base project setup
- Spring Security setup / Spring Security setup
- executing / Running the application
- executing, in-memory user storage / In-memory user storage
- executing, as Spring Boot application / Run as Spring Boot
- application security / Application security
- Aspect-Oriented Programming (AOP) / Core Spring Security modules, Method invocation
- authentication
- about / Authentication
- AuthenticationManager, setting up / Setting up AuthenticationManager
- AuthenticationProvider / AuthenticationProvider
- AuthenticationManager
- setting up / Setting up AuthenticationManager
- AuthenticationProvider
- about / AuthenticationProvider
- custom AuthenticationProvider / Custom AuthenticationProvider
- multiple AuthenticationProvider / Multiple AuthenticationProvider
- authorization
- about / Authorization, Authorization
- web URL / Web URL
- method invocation / Method invocation
- domain instance / Domain instance
- method security / Method security
- authorization grant, types
- authorization code flow / Authorization code flow
- implicit flow / Implicit flow
- authorization server
- Maven dependencies / Maven dependencies
- Spring Boot run class / Spring Boot run class
- Spring Security config / Spring Security config
- application properties / Application properties
B
- backpressure / Backpressure
- bean configuration, CAS client setup
- ServiceProperties bean / ServiceProperties bean
- AuthenticationEntryPoint bean / AuthenticationEntryPoint bean
- TicketValidator bean / TicketValidator bean
- CasAuthenticationProvider bean / CasAuthenticationProvider bean
C
- CAS client setup
- about / CAS client setup
- Bootstrap Spring project using Spring Initializr / Bootstrap Spring project using Spring Initializr
- CAS libraries, including in pom.xml / Including CAS libraries in pom.xml
- application.properties file, changing / Changing the application.properties file
- bean configuration / Additional bean configuration
- Spring Security, setting up / Setting up Spring Security
- CasAuthenticationFilter bean, creating / Creating the CasAuthenticationFilter bean
- controller, setting up / Setting up the controller
- CAS server setup
- Git clone / Git clone
- additional dependencies, adding / Adding additional dependencies
- resource folder, setting up / Setting up the resources folder in the project
- application.properties file, creating / Creating the application.properties file
- local SSL keystore, creating / Creating a local SSL keystore
- .crt file, creating / Creating the .crt file to be used by the client
- .crt file, exporting to Java / Exporting the .crt file to Java and the JRE cacert keystore
- project, executing / Building a CAS server project and running it
- Central Authentication Service (CAS)
- about / CAS
- server setup / CAS server setup
- client, setting up / CAS client setup
- executing / Running the application
- channel security / Channel security
- claim / Payload
- Clickjacking / Spring Security
- client application
- about / Client application
- Spring Boot class / Spring Boot class
- OAuth client config / OAuth client config
- Spring Security config / Spring Security config
- controller classes / Controller classes
- templates / Templates
- properties / Application properties
- client registration, with CAS server
- JSON service configuration / JSON service configuration
- Cold Observable / Data stream types
- Cold Publisher / Data stream types
- Cold Source / Data stream types
- configuration files, JAAS
- application configuration / Configuration files
- Spring MVC configuration / Spring MVC configuration
- Spring Security configuration / Spring Security configuration
- controllers / Controllers
- pages, setting up / Setting up pages
- Content Security Policy (CSP)
- about / CSP
- URL / CSP
- Spring Security, using / CSP using Spring Security
- core features, Spring Security
- authentication / Authentication
- authorization / Authorization
- Cross-Origin Resource Sharing (CORS)
- URL / CORS Support
- about / CORS Support
- Cross-Site Request Forgery (CSRF)
- about / Spring Security, CSRF
- URL / CSRF
- Cross Site Scripting (XSS) / CSP
- Crypto module
- about / The Crypto module
- password encoding / Password encoding
- encryption / Encryption
- key generation / Key generation
- custom AuthenticationEntryPoint
- about / Custom AuthenticationEntryPoint
- multiple AuthenticationEntryPoint / Multiple AuthenticationEntryPoint
- custom DSL / Custom DSL
- custom filters / Custom filters
- customization
- about / Customization
- custom filters, writing / Writing custom filters
- WebFilter, using / Using WebFilter
- HandlerFilterFunction, using / Using HandlerFilterFunction
D
- data stream, types
- about / Data stream types
- cold data streams / Data stream types
- hot data streams / Data stream types
- Development + Operations (DevOps) / Application security
- DevSecOps / Application security
- Domain Specific Language (DSL) / Custom DSL
E
- Enterprise JavaBeans 3.0 (EJB 3) / Method invocation
- European Union (EU) / New-generation application requirements
- eXtensible Markup Language (XML) / REST
F
- Filter Chain / Filter Chain
- First In, First Out (FIFO) / Spring MVC versus WebFlux
- Flow Concurrency / JDK 9 additions
- functional-based / Handler and router
G
- General Data Protection Regulation (GDPR) / New-generation application requirements
H
- HandlerFunction / HandlerFunction
- HDIV Security
- URL / What is HDIV?
- Hot Observable / Data stream types
- Hot Publisher / Data stream types
- Hot Source / Data stream types
- HTTP Data Integrity Validator (HDIV)
- about / HTTP Data Integrity Validator, What is HDIV?
- Bootstrap project / The Bootstrap project
- Maven dependencies / Maven dependencies
- Spring Security configuration / Spring Security configuration
- Spring MVC configuration / Spring MVC configuration
- configuration / HDIV configuration
- model class / The Model class
- controller class / The Controller class
- pages / Pages
- application, executing / Running the application
- Hypertext Transfer Protocol (HTTP) / REST
I
- Identity Provider (IdP) / Security Assertion Markup Language
J
- Java Authentication and Authorization Service (JAAS)
- about / Java Authentication and Authorization Service
- reference / Java Authentication and Authorization Service
- project, setting up / Setting up a project
- Maven project, setting up / Setting up Maven project
- LoginModule, setting up / Setting up LoginModule
- custom principal, setting up / Setting up a custom principal
- custom AuthorityGranter, setting up / Setting up a custom AuthorityGranter
- configuration files / Configuration files
- executing / Running the application
- Java Community Process (JCP) / Reactive Streams and Reactive Streams Specifications
- Java Compatibility Kit (JCK) / Reactive Streams and Reactive Streams Specifications
- JavaScript Object Notation (JSON) / REST
- Java Server Faces (JSF) / Modern application architecture
- Java Server Page (JSP) / CSRF
- Java Specification Request (JSR) / Reactive Streams and Reactive Streams Specifications
- JDK 9, additions
- about / JDK 9 additions
- interfaces / Important interfaces
- Publisher interface / The Publisher Interface
- Subscriber Interface / The Subscriber Interface
- Subscription interface / The Subscription interface
- Processor interface / The Processor interface
- JSON Web Token (JWT)
- about / JSON Web Token (JWT)
- advantages / JSON Web Token (JWT)
K
- Kafka
- URL / Modules in Reactor
- Kerberos / Core Spring Security modules, Kerberos
L
- Lightweight Directory Access Protocol (LDAP)
- about / Core Spring Security modules, Lightweight Directory Access Protocol
- dependencies, setting up in pom.xml file / Set up dependencies in the pom.xml file
- Spring Security configuration / Spring Security configuration
- server, setting up / LDAP server setup
- users, setting up in server / Setting up users in the LDAP server
- URL / Setting up users in the LDAP server
- application, executing / Running the application
- application in action / Seeing the application in action on a browser
M
- manifesto
- URL / Reactive Manifesto
- Maven
- setting up / Maven setup
- modern application architecture
- about / Modern application architecture
- modules, Project Reactor
- Reactor Core / Modules in Reactor
- Reactor IO / Modules in Reactor
- addons / Modules in Reactor
- Reactive Streams Commons / Modules in Reactor
N
- Netty
- URL / Modules in Reactor
- new-generation application
- prerequisites / New-generation application requirements
- non-blocking / Non-blocking
- NullPointerException (NPE) / Reactive Streams and Reactive Streams Specifications
O
- OAuth
- about / OAuth2 and OpenID Connect
- Bootstrap Spring project, with Spring Initializr / Bootstrap Spring project using Spring Initializr
- libraries, inclusion in pom.xml / Inclusion of OAuth libraries in pom.xml
- provider details, setting up in application.properties / Setting up provider details in application.properties
- provider setup / Provider setup
- default application change / Default application change
- HomeController class / The HomeController class
- home.jsp file / The home.jsp file
- Spring Boot main application class change / Spring Boot main application class change
- application, executing / Running the application
- OAuth 1.0
- OAuth2 / OAuth2 and Spring WebFlux
- OAuth2, roles
- about / OAuth2 roles
- resource owner / Resource owner
- OAuth 2.0
- Open ID Connect (OIDC) / OAuth2 and OpenID Connect
- Open Web Application Security Project (OWASP) / CSRF
P
- Password-Based Key Derivation Function 2 (PKDF2) / Password encoding
- PasswordEncoder
- about / PasswordEncoder
- salt string / Salt
- Pluggable Authentication Module (PAM) framework / Java Authentication and Authorization Service
- Project Reactor
- modules / Modules in Reactor
- reactive types, in Reactor Core / Reactive types in Reactor Core
- data stream types / Data stream types
- reactor / Reactor and RxJava
- RxJava / Reactor and RxJava
- project setup
- about / Base project setup
- Maven project, creating in IntelliJ IDEA / Step 1—Create a Maven project in IntelliJ IDEA
- pom.xml changes / Step 2—pom.xml changes
- MySQL database schema setup / Step 3—MySQL database schema setup
- MySQL database properties, setting up / Step 4—Setting up MySQL database properties in your project
- Spring application configuration / Step 5—Spring application configuration
- web application configuration / Step 6—Web application configuration
- Spring MVC setup / Step 7—Spring MVC setup
- controller setup / Step 8—Controller setup
- JSP creation / Step 9—JSP creation
Q
- Quality of Service (QoS) / Responsive
R
- reactive applications
- about / Reactive applications, Spring Framework and reactive applications
- Reactive Manifesto / Reactive Manifesto
- Reactive Extensions (Rx)
- references / Reactive Extensions
- about / Reactive Extensions
- URL / Reactive Extensions
- Reactive Landscape
- in Java / Reactive Landscape in Java
- Reactive Streams / Reactive Streams and Reactive Streams Specifications
- Reactive Streams Specifications / Reactive Streams and Reactive Streams Specifications
- non-blocking / Non-blocking
- backpressure / Backpressure
- Reactive Extensions / Reactive Extensions
- Reactive Manifesto
- URL / Reactive Manifesto
- about / Reactive Manifesto
- responsive / Responsive
- resilience /
- elastic / Elastic
- message-driven / Message-driven
- reactive programming / Reactive programming
- reactive REST API / Reactive REST API
- Reactive Streams
- Reactive Streams Commons
- URL / Modules in Reactor
- Reactive Streams Specification / Reactive Streams and Reactive Streams Specifications
- Reactive Web Application
- about / Reactive Web Application
- Spring WebFlux / Spring WebFlux
- Reactive Spring Web / Reactive Spring Web
- WebClient / WebClient
- WebSockets / WebSockets
- Reactor Core
- URL / Modules in Reactor
- Reactor Core, types
- about / Reactive types in Reactor Core
- Flux reactive type / The Flux reative type
- mono reactive type / The Mono reactive type
- Reactor Core library / Spring Framework
- Reactor Flux
- URL / The Flux reative type
- Reactor IO
- URL / Modules in Reactor
- Remember-me authentication
- about / Remember-me authentication
- table, creating in MySQL database / Creating a new table in MySQL database
- Spring Security configuration / Spring Security configuration
- custom login page / The custom login page
- application, executing / Running the application and testing
- application, testing / Running the application and testing
- Representational State Transfer (REST) / REST
- resource server
- about / Resource server
- Maven dependencies / Maven dependencies
- Spring Boot run class / Spring Boot run class
- configuration / Resource server config
- Spring Security config / Spring Security config
- Spring MVC config class / Spring MVC config class
- controller class / Controller class
- application properties / Application properties
- REST API security
- about / Simple REST API security
- Spring Security configuration / Spring Security configuration
- authentication success handler / Authentication success handler
- custom WebFilter / Custom WebFilter namely JWTAuthWebFilter
- controller classes / New controller classes
- application, executing / Running the application and testing
- application, testing / Running the application and testing
- RouterFunction / RouterFunction
- Runtime Application Self Protection (RASP) / What is HDIV?
- RxJava
- URL / RxJava
- about / Reactive Streams and RxJava
S
- sample project
- about / Sample project
- WebFlux project, setting up / WebFlux project setup
- security, adding / Adding security
- WebClient / WebClient
- WebTestClient / Unit testing (WebTestClient)
- Spring Data / Spring Data
- authorization / Authorization
- authorization server / Authorization server
- resource server / Resource server
- client application / Client application
- executing / Running the project
- secret management
- about / Secret management
- Vault, unsealing / Starting by unsealing Vault
- Spring Boot project / The Spring Boot project
- Maven dependency / The Maven dependency
- Secure Sockets Layer (SSL) / REST
- security
- adding / Adding security
- configuration classes / Configuration classes
- UserDetailsService bean / The UserDetailsService bean
- SpringSecurityFilterChain bean / The SpringSecurityFilterChain bean
- application, executing / Running the application
- CURL / CURL
- browser / Browser
- Security Assertion Markup Language (SAML)
- about / Core Spring Security modules, Security Assertion Markup Language
- SSO provider, setting up / Setting up an SSO provider
- project, setting up / Setting up the project
- pom.xml file, setting up / The pom.xml file setup
- application.yml file, setting up / The application.yml file setup
- Spring Security configuration files / The Spring Security configuration files
- resources folder, setting up / The resources folder setup
- application, executing / Running and testing the application
- application, testing / Running and testing the application
- Security Identity (SID) / Domain instance
- Security Interceptor / Security Interceptor (DelegatingFilterProxy)
- Service Provider (SP) / Security Assertion Markup Language
- Servlet Filter
- session-related functions
- session timeout / Other Spring Security capabilities
- concurrent session / Other Spring Security capabilities
- session fixation / Other Spring Security capabilities
- Session Fixation / Spring Security
- session management / Session management
- Single Page Applications (SPAs) / OAuth2 and OpenID Connect
- single sign-on (SSO) / CAS
- Spring Cloud Vault Config
- URL / The Spring Boot project
- Spring Data
- about / Reactive support in Spring 5, Spring Data
- Maven dependency / Maven dependency
- MongoDB configuration / MongoDB configuration
- model, setting up / Setting up a model
- repository, implementing / Implementing a repository
- controller, implementing / Implementing a controller
- application, executing / Running the application
- Spring Expression Language (SpEL) / Method invocation
- Spring Framework
- about / Spring Framework, Spring Framework and reactive applications
- modules, in Project Reactor / Modules in Reactor
- Reactive Web Application / Reactive Web Application
- Spring Framework 5
- reactive support / Reactive support in Spring 5
- reactive program, using in Spring MVC / Reactive in Spring MVC
- Spring Initializr
- Spring MVC
- versus WebFlux / Spring MVC versus WebFlux
- selection, determining / When to choose what?
- Spring Security
- about / Spring Security, Reactive support in Spring 5
- terminologies / Spring Security terminologies
- core features / Spring Security's core features
- working on / Working of Spring Security
- Servlet Filter / Servlet Filter
- Filter Chain / Filter Chain
- Security Interceptor / Security Interceptor (DelegatingFilterProxy)
- URL / Core Spring Security modules
- Spring Security 5
- features / Spring Security 5's new features
- Spring Security capabilities
- remember-me authentication / Other Spring Security capabilities
- Cross Site Request Forgery (CSRF) / Other Spring Security capabilities
- Cross-Origin Resource Sharing (CORS) / Other Spring Security capabilities
- session management / Other Spring Security capabilities
- Spring Security modules
- about / Core Spring Security modules
- core / Core Spring Security modules
- remoting / Core Spring Security modules
- aspect / Core Spring Security modules
- config / Core Spring Security modules
- crypto / Core Spring Security modules
- data / Core Spring Security modules
- OAuth2 / Core Spring Security modules
- OpenID / Core Spring Security modules
- Spring Security setup
- about / Spring Security setup
- configuration setup / Step 1—Spring Security configuration setup
- for web application / Step 2—Spring Security setup for a web application
- Spring Session / SOFEA
- Spring WebFlux
- versus Spring MVC / Spring MVC versus WebFlux
- selection, determining / When to choose what?
- about / Spring WebFlux, OAuth2 and Spring WebFlux
- annotations, using / Spring WebFlux
- functional style, using / Spring WebFlux
- HandlerFunction / HandlerFunction
- RouterFunction / RouterFunction
- server support / Spring WebFlux server support
- Reactive WebClient / Reactive WebClient
- Reactive WebTestClient / Reactive WebTestClient
- Reactive WebSocket / Reactive WebSocket
- Spring WebFlux authentication architecture / Spring WebFlux authentication architecture
- Spring WebFlux authorization / Spring WebFlux authorization
- Spring Web Module
- URL / Reactive Spring Web
- SQL Injection (SQLi) / What is HDIV?
T
- Technology Compatibility Kit (TCK) / Reactive Streams and Reactive Streams Specifications
- terminologies, Spring Security
- principal / Spring Security terminologies
- authentication / Spring Security terminologies
- credentials / Spring Security terminologies
- authorization / Spring Security terminologies
- secured item/resource / Spring Security terminologies
- GrantedAuthority / Spring Security terminologies
- SecurityContext / Spring Security terminologies
- Thymeleaf / Reactive support in Spring 5
- ticket-granting-ticket (TGT) / CAS
- token, structure
- about / Structure of a token
- header / Header
- payload / Payload
- signature / Signature
- Transport Layer Security (TLS) / REST
U
- unsealing
V
- Vault
W
- WebClient
- about / Reactive WebClient, WebClient
- Maven, setting up / Maven setup
- instance, creating / Creating a WebClient instance
- errors, handling / Handling errors
- requests, sending / Sending requests and retrieving responses
- responses, retrieving / Sending requests and retrieving responses
- application, testing / Running and testing the application
- application, executing / Running and testing the application
- WebFlux project
- setting up / WebFlux project setup
- Maven, setting up / Maven setup
- configuration class / Configuration class
- SpringWebFluxConfig class / The SpringWebFluxConfig class
- repository / Repository
- router / Handler and router
- handler / Handler and router
- Bootstrap application / Bootstrap application
- application, executing / Running the application
- WebSocket / Reactive WebSocket
- WebTestClient / Reactive WebTestClient
- about / Unit testing (WebTestClient)
- Maven dependency / Maven dependency
- test class / Test class