Chapter 5. Securing Your Application
In this chapter, we'll learn how to secure our web application and also how to cope with the security challenges of modern, distributed web applications.
This chapter will be broken up into five parts:
- First, we will set up basic HTTP authentication in a few minutes
- Then, we will design form-based authentication for the web pages, keeping basic authentication for the RESTful API
- We will allow the users to sign up via the Twitter OAuth API
- Then, we will leverage Spring Session to make sure our application can scale using a distributed session mechanism
- Finally, we will configure Tomcat to use a secure connection through SSL
The simplest possible authentication mechanism is basic authentication ...