This chapter provided us with a solid introduction to the twin security concepts of authentication and authorization. We've:
- Explored the high-level architecture of our secured system
- Used the automatic configuration functionality of Spring Security to secure the JBCP Pets website in three steps
- Reviewed the use and importance of servlet filters in Spring Security
- Examined the key actors in the authentication and authorization processes, including detailed introductions to important objects such as
- Performed some configuration to experiment with the SpEL expression language as it relates to specification of access rules
In the next chapter, we'll take the basic username and password authentication to the next level ...