Book Image

Learning Spring Boot 3.0 - Third Edition

By : Greg L. Turnquist
Book Image

Learning Spring Boot 3.0 - Third Edition

By: Greg L. Turnquist

Overview of this book

Spring Boot 3 brings more than just the powerful ability to build secure web apps on top of a rock-solid database. It delivers new options for testing, deployment, Docker support, and native images for GraalVM, along with ways to squeeze out more efficient usage of existing resources. This third edition of the bestseller starts off by helping you build a simple app, and then shows you how to secure, test, bundle, and deploy it to production. Next, you’ll familiarize yourself with the ability to go “native” and release using GraalVM. As you advance, you’ll explore reactive programming and get a taste of scalable web controllers and data operations. The book goes into detail about GraalVM native images and deployment, teaching you how to secure your application using both routes and method-based rules and enabling you to apply the lessons you’ve learned to any problem. If you want to gain a thorough understanding of building robust applications using the core functionality of Spring Boot, then this is the book for you. By the end of this Spring Boot book, you’ll be able to build an entire suite of web applications using Spring Boot and deploy them to any platform you need.
Table of Contents (17 chapters)
1
Part 1: The Basics of Spring Boot
3
Part 2: Creating an Application with Spring Boot
8
Part 3: Releasing an Application with Spring Boot
12
Part 4: Scaling an Application with Spring Boot

Creating our own users with a custom security policy

Spring Security has a highly pluggable architecture, which we shall take full advantage of throughout this chapter.

The key aspects of securing any application are as follows:

  • Defining the source of users
  • Creating access rules for the users
  • Associating various parts of the app with the access rules
  • Applying the policy to all aspects of the application

Let’s start with the first step and create a source of users. Spring Security comes with an interface for just this task: UserDetailsService.

To leverage this, we’ll start by creating a SecurityConfig Java class with the following code:

@Configuration
public class SecurityConfig {
  @Bean
  public UserDetailsService userDetailsService() {
    UserDetailsManager userDetailsManager = 
      new InMemoryUserDetailsManager();
    userDetailsManager...