Spring Security Its predecessor is Acegi Security, In being stored as Spring The subproject was officially renamed Spring
Security. When the author finished the book ,Spring
Security Has been upgraded to 5.1.3.RELEASE edition , Added native OAuth2.0 frame , Support more modern password encryption .
Predictable , stay Java Application security field ,Spring Security Will be the first solution to be respected , Just like when we see the server, we think of it Linux Just as natural General catalogue :
statement :Spring Security King promotion document And related brain maps
Due to space, etc , Most are shown in screenshots , Therefore, the source file can be provided to each interested partner , You can directly view the collection method at the end of the document 100% Free share and download , To the king together ! The first 1 part
*
First acquaintance Spring Security
*
Form authentication
*
Certification and authorization
The first 2 part
*
Implement graphic verification code
*
Automatic login and logout ,
*
session management
*
Password encryption
*
Cross domain and CORS
*
Protection against cross domain Request Forgery
*
Single sign on and CAS
*
HTTP authentication
*
@EnableWebSecurity And filter chain mechanism
The first 3 part
*
use Spring Social realization OAuth Docking
The first 4 part use Spring Security OAuth realization OAuth Docking
For the convenience of teaching , A background management system for semi-finished products has been prepared here in advance , And want to improve another part , You need it SpringSecurity Yes ! The first 5 part : Realization of authentication function
*
Case introduction
*
First knowledge of authority management
*
First acquaintance Spring Security
*
Spring Security Filter chain
*
SpringSecurity Use custom authentication page
*
SpringSecurity Use database data to complete authentication
The first 6 part : to grant authorization
*
Set user status
*
Log out
*
remember me
*
Displays the current authenticated user name
*
Authorization preparation
*
Dynamic display menu
*
Authorized operation
*
Insufficient permission exception handling
The first 7 part : integration SpringBoot
*
SpringSecurity integration SpringBoot Centralized version
*
Technology selection
*
Initial integration certification First Edition
*
Integrated certification Second Edition 【 join jsp Use custom authentication page 】
*
Integrated certification Third Edition 【 Database authentication 】
*
Integrate and implement authorization functions
*
SpringSecurity integration SpringBoot Distributed version
*
Distributed authentication concept description
*
Distributed authentication flow chart
*
JWT introduce
*
SpringSecurity+JWT+RSA Analysis of distributed authentication
*
SpringSecurity+JWT+RSA Distributed authentication implementation
The first 8 part :OAuth2.0
*
Concept description
*
Usage scenario
*
explain
*
Create table statement
*
Table field description
*
Create parent project and import jar package
*
Create resource module
*
Create authorization module
*
test
*
Manually add client information to the database
*
Authorization code mode test
*
Simplified mode test
*
Password mode test
*
Client mode test
Many times , The security of a system completely depends on the security awareness of system developers . for example , We've never heard of it before SQL Injection time , How do you realize to be right SQL Injection for protection ? about Web There are many attacks on system security , such as
XSS,CSRF etc. , More attack methods will be exposed in the future , Only after we fully understand its attack principle , In order to put forward perfect and effective protection strategies . study Spring
Security Not limited to reduction Java Application security development cost , adopt SpringSecurity It is also important to understand common security attack methods and corresponding protection methods , These exist without specific development languages .
statement :Spring Security King promotion document And related brain maps
Due to space, etc , Most are shown in screenshots , Therefore, the source file can be provided to each interested partner , After you like it, leave me a message and get it for free .
Technology
Daily Recommendation