This chapter covers
- Configuring advanced security configurations, including securing passwords with Spring Cloud Vault, Remember Me, and Google reCAPTCHA
- Enabling multi-factor authentication, including email verification and two-factor authentication with Google Authenticator
- Implementing login with OAuth2 in a Spring Boot application
- Securing Spring Boot Actuator endpoints with Spring Security
In chapter 5, we introduced you to Spring Security and provided an introduction to various Spring Security concepts. Further, we’ve explored several techniques for using Spring Security in a Spring Boot application. In this chapter, you’ll use the foundational concepts from the previous chapter and implement several advanced security features in your Spring Boot application using Spring Security. Some of these features include enabling HTTPS; storing passwords in HashiCorp Vault; and implementing Remember Me, reCAPTCHA, email verification, two-factor authentication, and more.
You can use Spring Security to implement several advanced application security features in a Spring Boot application. Some of these features are widely used in production applications, and implementing these in your Spring Boot application can certainly enhance application security. Let’s summarize the features you’ll implement in this chapter: