Chapter 5. Securing Your Application

In this chapter, we'll learn how to secure our web application and also how to cope with the security challenges of modern, distributed web applications.

This chapter will be broken up into five parts:

First, we will set up basic HTTP authentication in a few minutes
Then, we will design a form-based authentication for the web pages, keeping the basic authentication for the RESTful API
We will allow the users to sign up via the Twitter OAuth API
Then, we will leverage Spring Session to make sure our application can scale using a distributed session mechanism
Finally, we will configure Tomcat to use a secured connection through SSL

Basic authentication

The simplest possible authentication mechanism is basic authentication ...

Get Spring MVC: Designing Real-World Web Applications now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Spring MVC: Designing Real-World Web Applications by Shameer Kunjumohamed, Hamidreza Sattari, Alex Bretet, Geoffroy Warin

Chapter 5. Securing Your Application

Basic authentication

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly