Spring Security 3 - Mularien_ Peter.pdf

Spring Security 3
Secure your web applications against malicious
intruders with this easy to follow practical guide
Peter Mularien
BIRMINGHAM - MUMBAI
Spring Security 3
Copyright © 2010 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval
system, or transmitted in any form or by any means, without the prior written
permission of the publisher, except in the case of brief quotations embedded in
critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of
the information presented. However, the information contained in this book is sold
without warranty, either express or implied. Neither the author, Packt Publishing,
nor its dealers or distributors will be held liable for any damages caused or alleged
to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all the
companies and products mentioned in this book by the appropriate use of capitals.
However, Packt Publishing cannot guarantee the accuracy of this information.
First published: May 2010
Production Reference: 1190510
Published by Packt Publishing Ltd.
32 Lincoln Road
Olton
Birmingham, B27 6PA, UK.
ISBN 978-1-847199-74-4
www.packtpub.com
Cover Image by Asher Wishkerman (a.wishkerman@mpic.de)
Credits
Author: Peter Mularien
Reviewers: Scott Battaglia, Carlos Sanchez
Acquisition Editor: Steven Wilding
Development Editor: Neha Patwari
Technical Editors: Meeta Rajani, Sandesh Modhe
Indexer: Hemangini Bari
Editorial Team Leader: Gagandeep Singh
Project Team Leader: Lata Basantani
Project Coordinator: Poorvi Nair
Proofreader: Lesley Harrison
Graphics: Geetanjali Sawant
Production Coordinator: Aparna Bhagat
Cover Work: Aparna Bhagat
Foreword
Spring Security was started by Ben Alex in 2003, when it was called "The Acegi
Security System for Spring" or more commonly just "Acegi Security". Over the years,
it developed under Ben's leadership into a sophisticated authentication and access-
control system and became widely adopted as the standard solution for securing
Spring Framework based applications. In the early days, there was always a small
band of contributors scattered about the globe, some of whom came and went,
some of whom are still active committers. I first became involved in 2004. Project
discussions took place at strange hours of the day, due to the time differences and
it was at least a couple of years before I met Ben in person, when he was on a trip
to Europe from his native Australia. Now we both work full-time for SpringSource,
and Spring Security, which is an official Spring Portfolio project, used in critical
applications all over the planet.
Spring Security always had trouble shaking off the reputation of being difficult
to learn. It is a "hands-on" framework where people are encouraged to customize
or extend the code to fulfill requirements that go beyond the basic out of the box
options. Most things are possible, but sometimes an in-depth understanding of the
internals is needed to satisfy a requirement, and that understanding mainly comes
with experience. The XML namespace configuration options that were introduced in
Spring Security 2.0 allow users to get started with simple use cases, but the learning
curve can be frustrating for those who want to take advantage of the full power of
the framework. This is compounded by the fact that security is a complex subject in
general, with a whole new set of unfamiliar concepts and, of course, any software
developer involved in securing an application must also be a competent engineer
with knowledge of technologies and protocols, which many developers are barely
aware of. For anyone faced with a deadline, the prospect of getting up-to-speed can
be daunting.
This is the first book dedicated to Spring Security and it will provide all the help
you need to get started, illustrated with plenty of concrete practical examples, as
well as detailed coverage of more advanced topics such as internal Spring Security
architecture, customization, and integration with single sign-on systems such as
CAS, OpenID, and Kerberos. Its publication is well-timed as it covers the recent
Spring Security 3.0 release, which involved a major restructuring of the project.