Chapter 5. Securing Your Application

In this chapter, we'll learn how to secure our web application and also how to cope with the security challenges of modern, distributed web applications.

This chapter will be broken up into five parts:

  • First, we will set up basic HTTP authentication in a few minutes
  • Then, we will design a form-based authentication for the web pages, keeping the basic authentication for the RESTful API
  • We will allow the users to sign up via the Twitter OAuth API
  • Then, we will leverage Spring Session to make sure our application can scale using a distributed session mechanism
  • Finally, we will configure Tomcat to use a secured connection through SSL

Basic authentication

The simplest possible authentication mechanism is basic authentication ...

Get Spring MVC: Designing Real-World Web Applications now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.