Spring Security


  • Spring security overview 
  • Security configuration 
  • Password encoding 
  • Remember me 
  • CSRF

Spring Security Overview

  • Spring Security Features 
  • Provides portable and comprehensive security services for Javabased enterprise software applications 
  • Handles “authentication” and “authorization” 
    • “Authentication” is the process of establishing “a principal is who he claim to be” (a “principal” could be a user, device or some other system) 
    • “Authorization” (“access-control”) refers to the process of deciding “whether a principal is allowed to perform an action or access a resource

Spring Authentication Support 

  • HTTP BASIC authentication headers 
  • Form-based authentication (for simple user interface needs) 
  • HTTP Digest authentication headers 
  • HTTP X.509 client certificate exchange 
  • LDAP (a very common approach to cross-platform authentication needs, especially in large environments) 
  • OpenID authentication 
    • OpenID allows you to use an existing account to sign in to multiple websites, without needing to create new passwords 
  • Authentication based on pre-established request headers (such as Computer Associates SiteMinder)


You must have an active subscription to download PDF and Lab Zip of this course topic.Please click the "Subscribe" button or the "Login" button if you already have an account.