Book Image

Building RESTful Web Services with Spring 5 - Second Edition

By : Raja CSP Raman, Ludovic Dewailly
Book Image

Building RESTful Web Services with Spring 5 - Second Edition

By: Raja CSP Raman, Ludovic Dewailly

Overview of this book

REST is an architectural style that tackles the challenges of building scalable web services. In today's connected world, APIs have taken a central role on the web. APIs provide the fabric through which systems interact, and REST has become synonymous with APIs.The depth, breadth, and ease of use of Spring makes it one of the most attractive frameworks in the Java ecosystem. Marrying the two technologies is therefore a very natural choice.This book takes you through the design of RESTful web services and leverages the Spring Framework to implement these services. Starting from the basics of the philosophy behind REST, you'll go through the steps of designing and implementing an enterprise-grade RESTful web service. Taking a practical approach, each chapter provides code samples that you can apply to your own circumstances.This second edition brings forth the power of the latest Spring 5.0 release, working with MVC built-in as well as the front end framework. It then goes beyond the use of Spring to explores approaches to tackle resilience, security, and scalability concerns. Improve performance of your applications with the new HTTP 2.0 standards. You'll learn techniques to deal with security in Spring and discover how to implement unit and integration test strategies.Finally, the book ends by walking you through building a Java client for your RESTful web service, along with some scaling techniques using the new Spring Reactive libraries.
Table of Contents (21 chapters)
Title Page
Copyright and Credits
Packt Upsell
Spring Security and JWT (JSON Web Token)

Spring Security

Spring Security is a powerful authentication and authorization framework, which will help us to provide a secure application. By using Spring Security, we can keep all of our REST APIs secured and accessible only by authenticated and authorized calls.

Authentication and authorization

Let's look at an example to explain this. Assume you have a library with many books. Authentication will provide a key to enter the library; however, authorization will give you permission to take a book. Without a key, you can't even enter the library. Even though you have a key to the library, you will be allowed to take only a few books.

JSON Web Token (JWT)

Spring Security can be applied in many forms, including XML configurations using powerful libraries such as JWT. As most companies use JWT in their security, we will focus more on JWT-based security than simple Spring Security, which can be configured in XML.

JWT tokens are URL-safe and web browser-compatible especially for Single Sign-On ...