Chapter 11. Protecting your application

 

This chapter covers

  • What security means
  • How to protect against common attacks
  • How to implement access control
  • Advanced security techniques

Hubbub looks good now, so perhaps it’s ready to go public. The problem with going public, however, is that it’s a big bad world out there with plenty of agents who might want to hack user accounts, steal passwords, or launch a denial-of-service attack against your site. It’s a sad fact of life, but you need to make sure that Hubbub can survive in the wild, which means hardening it against attacks.

Security is a huge field that includes business processes, identification, network hardening, systems setup, and more. We mention this because it’s worth bearing in mind that what you’ll focus on in this chapter is a small, Grails-centric bit.

We’ll cover the two most important aspects of security for Grails developers: handling user input and implementing access control. These represent the most common vulnerabilities and the most common requirement of web applications, respectively. You’ll also learn about Secure Sockets Layer (SSL) and how to set that up.

11.1. Dealing with untrusted data and networks

11.2. Access control

11.3. Further exploration of Spring Security

11.4. Summary and best practices
