LEADER 05724nam 2200685Ia 450 001 9910438096803321 005 20200520144314.0 010 $a9781430248194 010 $a143024819X 024 7 $a10.1007/978-1-4302-4819-4 035 $a(OCoLC)845404636 035 $a(MiFhGG)GVRL6VOO 035 $a(CaSebORM)9781430248187 035 $a(OCoLC)848884034 035 $a(OCoLC)ocn848884034 035 $a(CKB)2670000000387780 035 $a(MiAaPQ)EBC1317476 035 $a(EXLCZ)992670000000387780 100 $a20130524d2013 uy 0 101 0 $aeng 135 $aurun|---uuuua 181 $ctxt 182 $cc 183 $acr 200 10$aPro Spring security /$fCarlo Scarioni ; technical reviewer, Manuel Jordan Elera 205 $a1st ed. 2013. 210 $a[Berkeley, CA] $cApress ;$aNew York $cSpringer$dc2013 215 $a1 online resource (xx, 318 pages) $cillustrations (some color) 225 1 $aThe expert's voice in Spring 300 $aIncludes index. 311 08$a9781430248187 311 08$a1430248181 327 $aCover; Title Page; Copyright Page; Contents at a Glance; Table of Contents; About the Author; About the Technical Reviewer; CHAPTER 1 The Scope of Security; The Network Security Layer; The Operating System Layer; The Application Layer; Authentication; Authorization; ACLs; Authentication and Authorization: General Concepts; What to Secure; More Security Concerns; Java Options for Security; Summary; CHAPTER 2 Introducing Spring Security; What Is Spring Security?; Where Does Spring Security Fit In?; Spring Security and Spring; Spring Framework: A Quick Overview; Dependency Injection 327 $aAspect Oriented Programming (AOP)An Initial Spring Security Secured Application; Adding Spring Security (and Spring Core Itself ) to the Project; Spring Security Source; Configuring the Web Project To Be Aware of Spring Security; Understanding the Simple Application; Summary; CHAPTER 3 Spring Security Architecture and Design; What Components Make Up Spring Security?; The 10,000-Foot View; The 1,000-Foot View; The 100-Foot View; The Security Interceptor; The XML Namespace; The Filters and Filter Chain; ConfigAttribute; The Authentication Object; SecurityContext and SecurityContextHolder 327 $aAuthenticationProviderAccessDecisionManager; AffirmativeBased; ConsensusBased; UnanimousBased; AccessDecisionVoter; UserDetailsService and AuthenticationUserDetailsService; UserDetails; ACL; JSP Taglib; Good Design and Patterns in Spring Security; Strategy Pattern; Decorator Pattern; SRP; DI; Summary; CHAPTER 4 Web Security; Introducing the Simple Example Application; The Special URLs; Custom Login Form; Basic HTTP Authentication; Digest Authentication; Remember-Me Authentication; Allowing Remember-Me Access to Selected Parts of the Application; Logging Out 327 $aThe Session (javax.servlet.http.HttpSession) and the SecurityContextBeyond Simple User Roles: Using Spring Expression Language to Secure the Web Layer; Extend with Your Own Expressions; Switching to a Different User; Session Management; Using Different Pattern Matchers for Matching Requests; Forcing the Request to HTTPS; Using the JSP Taglib; Role Hierarchies; Summary; CHAPTER 5 Securing the Service Layer; The Limitations of Web-Level Security; What Is Business Service-Level Security?; Setting Up the Example for the Chapter; How the Described Actions Happen Under the Hood 327 $aCreating a Business Layer in Your Application@RolesAllowed Annotation; Securing the Application Using SpEL Expressions; Securing the Data Returned from a Method; Filtering Collections Sent and Returned from Methods; Security Defined in XML; Security Without a Web Layer; Using AspectJ AOP instead of Spring AOP; Summary; CHAPTER 6 Configuring Alternative Authentication Providers; Database-Provided Authentication; Creating the Basic Tables; Using Groups; Using Existing Schemas; LDAP Authentication; Installing and Configuring LDAP 327 $aOther Attributes and Elements in the LDAP Spring Security Namespace 330 $aSecurity is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications by using the Spring Security Framework. Provides you with a broader look into Spring security by including up-to-date use cases such as building a security layer for RESTful web services and Grails applications. 410 0$aExpert's voice in Spring. 606 $aApplication software$xSecurity measures 606 $aApplication software$xDevelopment 606 $aJava (Computer program language) 606 $aWeb site development 606 $aComputer networks$xSecurity measures 615 0$aApplication software$xSecurity measures. 615 0$aApplication software$xDevelopment. 615 0$aJava (Computer program language) 615 0$aWeb site development. 615 0$aComputer networks$xSecurity measures. 676 $a005.3 700 $aScarioni$b Carlo$0998907 701 $aElera$b Manuel Jordan$01751820 801 0$bMiAaPQ 801 1$bMiAaPQ 801 2$bMiAaPQ 906 $aBOOK 912 $a9910438096803321 996 $aPro Spring security$94186931 997 $aUNINA