1 Security today
This chapter covers
- What Spring Security is and what you can solve by using it
- What security is for a software application
- Why software security is essential and why you should care
- Common vulnerabilities that you’ll encounter at the application level
Today more and more developers are becoming aware of security. It’s not, unfortunately, a common practice to take responsibility for security from the beginning of the development of a software application. This attitude should change, and everyone involved in developing a software system should learn to consider security from the start.
Generally, as developers, we start by learning that the purpose of an application is to solve business cases. This purpose refers to something where data could be processed somehow, persisted, and eventually displayed to the user in a specific way as specified by some requirements. This overview of software development, which is somehow imposed from the early ages of learning development, has the unfortunate disadvantage of hiding practices that are also part of the process. While the application works correctly from the user’s perspective, and in the end, it does what the user expects in terms of functionalities, there are lots of aspects hidden in the final result.