6 Implementing additional security with Spring Security
This chapter covers:
- Configuring advanced security configurations – Securing passwords with Spring Cloud Vault, Remember Me, and Google reCAPTCHA
- Enabling Multi-Factor Authentication – Email Verification, Two Factor Authentication with Google Authenticator
- Implementing login with OAuth2 in a Spring Boot application
- Securing Spring Boot Actuator endpoints with Spring Security
In chapter 5, we’ve introduced you to Spring Security and provided an introduction to the various Spring Security concepts. Further, we’ve explored several techniques to use Spring Security in a Spring Boot application. In this chapter, you’ll use the foundational concepts from the previous chapter and implement several advanced security features in your Spring Boot application using Spring Security. Some of these features include enabling HTTPS, storing passwords in Hashicorp Vault, implementing Remember me, reCAPTCHA, Email verification, Two Factor Authentication etc.
You can use Spring Security to implement several advanced application security features in a Spring Boot application. Some of these features are widely used in production applications and implementing these in your Spring Boot application can certainly enhance the application security. Let us summarizes the features that you’ll implement in this chapter: