5 Securing Spring Boot applications

This chapter covers

An overview of Spring Security and common security threats
Enabling Spring Security in a Spring Boot application and understanding Spring Security autoconfiguration
Customizing Spring Security with in-memory, JDBC, and LDAP authentication
Implementing HTTP basic authentication in a Spring Boot project

In past chapters, you learned several essential techniques to build Spring Boot applications, and you are now well-versed in core Spring Boot concepts, understand several techniques to communicate to the database, can monitor Spring Boot applications with Spring Boot Actuator, and are in a position to start building enterprise-grade Spring Boot applications. However, before you get super excited and announce to the world your newly acquired skills, there is another essential technique that you need to master. What about the security of our Spring Boot applications? In this chapter, you’ll explore several techniques to secure Spring Boot applications with Spring Security.

5.1 Introducing Spring Security

5.2 Hello Spring Security with Spring Boot

5.2.1 Technique: Enabling application security with Spring Security in a Spring Boot application

5.2.2 Filter, FilterChain, and Spring Security

5.2.3 Spring Security architecture

5.2.4 Authenticating a user

5.2.5 Spring Security autoconfiguration

5.3 Using Spring Security

5.3.1 Technique: Customizing the default Spring Security login page of a Spring Boot application

5.3.2 Technique: Configuring in-memory authentication with custom users in Spring Security in a Spring Boot application

5.3.3 Technique: Configuring JDBC authentication with Spring Security in a Spring Boot application

5.3.4 Technique: Implementing JDBC authentication with custom UserDetailsService in a Spring Boot application

5.3.5 Technique: Implementing LDAP authentication in a Spring Boot application

5.3.6 Technique: Implementing HTTP basic authentication in a Spring Boot application

Summary