Pro Spring Security

Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications by using the Spring Security Framework. Provides you with a broader look into Spring security by including up-to-date use cases such as building a security layer for RESTful web services and Grails applications. What you'll learn What the basics of securing a Java application, including core security concepts and the step-by-step configuration to include the Spring Security Framework in your web application What tools are available in Spring security to provide login and logout capabilities, with add-ons such as remember-me and password change functionalities. What are the types of authentication mechanisms tailored for enterprise-level Java applications, including LDAP, the Central Authentication Service, OpenID and X.509. How to dive into each of the application layers to control user access to the different architectural elements of your Java application. You will first apply authorization control to each of the components of the Model-View-Controller tier. How to work with Domain Objects and RESTful web services in our authorization queue in order to fully secure our application by using Access Control Lists, along with Object Level and Method Level authorization. How to explore the powerful Grails framework and how to use Spring security in the context of a Groovy on Grails application. You will earn about the core secu

安全性是開發任何非平凡應用程式的關鍵要素。Spring Security 框架提供了一套全面的功能，用於實現 Java 應用程式的行業標準身份驗證和授權機制。《Pro Spring Security》將成為一本參考書和進階教程，將完成以下任務：
- 通過從頭開始構建一致的示例，引導您實現 Java Web 應用程式的安全功能。
- 通過使用 Spring Security 框架，演示不同的身份驗證和授權方法，以保護企業級應用程式。
- 通過包括構建 RESTful Web 服務和 Grails 應用程式的安全層等最新用例，提供更廣泛的 Spring 安全性概述。

您將學到以下內容：
- 如何保護 Java 應用程式的基礎知識，包括核心安全概念和逐步配置以在 Web 應用程式中包含 Spring Security 框架。
- Spring Security 提供的工具，用於提供登錄和登出功能，以及其他附加功能，如記住我和密碼更改功能。
- 適用於企業級 Java 應用程式的身份驗證機制類型，包括 LDAP、中央身份驗證服務、OpenID 和 X.509。
- 如何深入探索應用程式的每個層級，以控制用戶對 Java 應用程式的不同架構元素的訪問。首先，您將對模型-視圖-控制器層的每個組件應用授權控制。
- 如何在授權隊列中使用領域物件和 RESTful Web 服務，以通過使用存取控制清單、物件層和方法層授權，完全保護我們的應用程式。
- 如何在 Groovy on Grails 應用程式的上下文中探索強大的 Grails 框架，以及如何使用 Spring Security。

您將瞭解核心安全性概念，並學習如何在 Java 應用程式中實施安全性。