O'Reilly logo

Spring Security 3 by Peter Mularien

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Summary

In this chapter, we have covered most of the remaining areas in standard Spring Security implementations which deal with authorization. We've learned enough to take a thorough pass through the JBCP Pets online store and verify that proper authorization checks are in place at all tiers of the application, to ensure that malicious users cannot manipulate or access data to which they do not have access.

Specifically, we:

  • Learned about planning authorization, and user/group mapping in our application design process
  • Developed two techniques for micro-authorization, filtering out in-page content based on authorization or other security criteria using the Spring Security JSP tag library and Spring MVC controller data binding
  • Explored several methods ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required