12 Security: Authorization and auditing

This chapter covers

  • Authorization and roles with Spring Cloud Gateway and OAuth2
  • Protecting APIs with Spring Security and OAuth2 (imperative)
  • Protecting APIs with Spring Security and OAuth2 (reactive)
  • Protecting and auditing data with Spring Security and Spring Data

In the previous chapter, I introduced access control systems for cloud native applications. You saw how to add authentication to Edge Service with Spring Security and OpenID Connect, manage the user session life cycle, and address CORS and CSRF concerns when integrating an Angular frontend with Spring Boot.

By delegating the authentication step to Keycloak, Edge Service is not affected by the specific authentication strategy. For example, ...
