Chapter 5. Securing Your Application

In this chapter, we'll learn how to secure our web application and also how to cope with the security challenges of modern, distributed web applications.

This chapter will be broken up into five parts:

  • First, we will set up basic HTTP authentication in a few minutes
  • Then, we will design form-based authentication for the web pages, keeping basic authentication for the RESTful API
  • We will allow the users to sign up via the Twitter OAuth API
  • Then, we will leverage Spring Session to make sure our application can scale using a distributed session mechanism
  • Finally, we will configure Tomcat to use a secured connection through SSL

Basic authentication

The simplest possible authentication mechanism is basic authentication ...
