Pro Spring security / / Carlo Scarioni ; technical reviewer, Manuel Jordan Elera
(Visualizza in formato marc)
(Visualizza in BIBFRAME)
| Autore: |
Scarioni Carlo
|
| Titolo: |
Pro Spring security / / Carlo Scarioni ; technical reviewer, Manuel Jordan Elera
|
| Pubblicazione: | [Berkeley, CA], : Apress |
| New York, : Springer, c2013 | |
| Edizione: | 1st ed. 2013. |
| Descrizione fisica: | 1 online resource (xx, 318 pages) : illustrations (some color) |
| Disciplina: | 005.3 |
| Soggetto topico: | Application software - Security measures |
| Application software - Development | |
| Java (Computer program language) | |
| Web site development | |
| Computer networks - Security measures | |
| Altri autori: |
EleraManuel Jordan
|
| Note generali: | Includes index. |
| Nota di contenuto: | Cover; Title Page; Copyright Page; Contents at a Glance; Table of Contents; About the Author; About the Technical Reviewer; CHAPTER 1 The Scope of Security; The Network Security Layer; The Operating System Layer; The Application Layer; Authentication; Authorization; ACLs; Authentication and Authorization: General Concepts; What to Secure; More Security Concerns; Java Options for Security; Summary; CHAPTER 2 Introducing Spring Security; What Is Spring Security?; Where Does Spring Security Fit In?; Spring Security and Spring; Spring Framework: A Quick Overview; Dependency Injection |
| Aspect Oriented Programming (AOP)An Initial Spring Security Secured Application; Adding Spring Security (and Spring Core Itself ) to the Project; Spring Security Source; Configuring the Web Project To Be Aware of Spring Security; Understanding the Simple Application; Summary; CHAPTER 3 Spring Security Architecture and Design; What Components Make Up Spring Security?; The 10,000-Foot View; The 1,000-Foot View; The 100-Foot View; The Security Interceptor; The XML Namespace; The Filters and Filter Chain; ConfigAttribute; The Authentication Object; SecurityContext and SecurityContextHolder | |
| AuthenticationProviderAccessDecisionManager; AffirmativeBased; ConsensusBased; UnanimousBased; AccessDecisionVoter; UserDetailsService and AuthenticationUserDetailsService; UserDetails; ACL; JSP Taglib; Good Design and Patterns in Spring Security; Strategy Pattern; Decorator Pattern; SRP; DI; Summary; CHAPTER 4 Web Security; Introducing the Simple Example Application; The Special URLs; Custom Login Form; Basic HTTP Authentication; Digest Authentication; Remember-Me Authentication; Allowing Remember-Me Access to Selected Parts of the Application; Logging Out | |
| The Session (javax.servlet. http.HttpSession) and the SecurityContextBeyond Simple User Roles: Using Spring Expression Language to Secure the Web Layer; Extend with Your Own Expressions; Switching to a Different User; Session Management; Using Different Pattern Matchers for Matching Requests; Forcing the Request to HTTPS; Using the JSP Taglib; Role Hierarchies; Summary; CHAPTER 5 Securing the Service Layer; The Limitations of Web-Level Security; What Is Business Service-Level Security?; Setting Up the Example for the Chapter; How the Described Actions Happen Under the Hood | |
| Creating a Business Layer in Your Application@RolesAllowed Annotation; Securing the Application Using SpEL Expressions; Securing the Data Returned from a Method; Filtering Collections Sent and Returned from Methods; Security Defined in XML; Security Without a Web Layer; Using AspectJ AOP instead of Spring AOP; Summary; CHAPTER 6 Configuring Alternative Authentication Providers; Database-Provided Authentication; Creating the Basic Tables; Using Groups; Using Existing Schemas; LDAP Authentication; Installing and Configuring LDAP | |
| Other Attributes and Elements in the LDAP Spring Security Namespace | |
| Sommario/riassunto: | Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications by using the Spring Security Framework. Provides you with a broader look into Spring security by including up-to-date use cases such as building a security layer for RESTful web services and Grails applications. |
| Titolo autorizzato: | Pro Spring security |
| ISBN: | 9781430248194 |
| 143024819X | |
| Formato: | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione: | Inglese |
| Record Nr.: | 9910438096803321 |
| Lo trovi qui: | Univ. Federico II |
| Opac: | Controlla la disponibilità qui |
Serie:
Expert's voice in Spring.