In weniger als einer Minute können Sie mit dem Lesen von Pro Spring Security auf Ihrem Kindle beginnen. Sie haben noch keinen Kindle? Hier kaufen oder mit einer unserer kostenlosen Kindle Lese-Apps sofort zu lesen anfangen.

An Ihren Kindle oder ein anderes Gerät senden


Kostenlos testen

Jetzt kostenlos reinlesen

An Ihren Kindle oder ein anderes Gerät senden

Der Artikel ist in folgender Variante leider nicht verfügbar
Keine Abbildung vorhanden für
Keine Abbildung vorhanden

Pro Spring Security [Kindle Edition]

Carlo Scarioni

Kindle-Preis: EUR 29,75 Inkl. MwSt. und kostenloser drahtloser Lieferung über Amazon Whispernet

Kostenlose Kindle-Leseanwendung Jeder kann Kindle Bücher lesen  selbst ohne ein Kindle-Gerät  mit der KOSTENFREIEN Kindle App für Smartphones, Tablets und Computer.

Geben Sie Ihre E-Mail-Adresse oder Mobiltelefonnummer ein, um die kostenfreie App zu beziehen.

Weitere Ausgaben

Amazon-Preis Neu ab Gebraucht ab
Kindle Edition EUR 29,75  
Taschenbuch EUR 40,61  



Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications.

Pro Spring Security will be a reference and advanced tutorial that will do the following:

  • Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up.

  • Demonstrates the different authentication and authorization methods to secure enterprise-level applications by using the Spring Security Framework.

  • Provides you with a broader look into Spring security by including up-to-date use cases such as building a security layer for RESTful web services and Grails applications.

What you’ll learn

  • What the basics of securing a Java application, including core security concepts and the step-by-step configuration to include the Spring Security Framework in your web application

  • What tools are available in Spring security to provide login and logout capabilities, with add-ons such as remember-me and password change functionalities.

  • What are the types of authentication mechanisms tailored for enterprise-level Java applications, including LDAP, the Central Authentication Service, OpenID and X.509.

  • How to dive into each of the application layers to control user access to the different architectural elements of your Java application. You will first apply authorization control to each of the components of the Model-View-Controller tier.

  • How to work with Domain Objects and RESTful web services in our authorization queue in order to fully secure our application by using Access Control Lists, along with Object Level and Method Level authorization.

  • How to explore the powerful Grails framework and how to use Spring security in the context of a Groovy on Grails application. You will earn about the core security plugin and others such as OpenID, Facebook and Twitter authentication.

Who this book is for

This book is for Java and Grails developers who would like to secure their applications easily by applying industry’s best practices. I assume a fair knowledge of Java and a basic knowledge of Spring Dependency Injection.


  • Format: Kindle Edition
  • Dateigröße: 4116 KB
  • Seitenzahl der Print-Ausgabe: 340 Seiten
  • Verlag: Apress; Auflage: 1 (25. März 2013)
  • Verkauf durch: Amazon Media EU S.à r.l.
  • Sprache: Englisch
  • ASIN: B00ACC6BF4
  • Text-to-Speech (Vorlesemodus): Aktiviert
  • X-Ray:
  • Word Wise: Nicht aktiviert
  • Amazon Bestseller-Rang: #296.097 Bezahlt in Kindle-Shop (Siehe Top 100 Bezahlt in Kindle-Shop)

  •  Ist der Verkauf dieses Produkts für Sie nicht akzeptabel?

Mehr über den Autor

Entdecken Sie Bücher, lesen Sie über Autoren und mehr

Welche anderen Artikel kaufen Kunden, nachdem sie diesen Artikel angesehen haben?


Es gibt noch keine Kundenrezensionen auf
5 Sterne
4 Sterne
3 Sterne
2 Sterne
1 Sterne
Die hilfreichsten Kundenrezensionen auf (beta) 3.0 von 5 Sternen  2 Rezensionen
6 von 7 Kunden fanden die folgende Rezension hilfreich
3.0 von 5 Sternen Disappointing 28. Januar 2014
Von MikeHT - Veröffentlicht auf
Format:Taschenbuch|Verifizierter Kauf
This book assumes some knowledge of Spring, mainly dependency injection and bean configuration. Knowing a bit about the MVC web pattern will help. This book started out strong until the latter half of chapter 4, specifically page 91 where it tries to demonstrate how to use SpEL to create your own login conditions. Up to this point, all the examples in the book worked fine. You could generate the code and see the results described in the text. From page 91 on however, the code would not work. I spent many hours trying to get it to work with no success. I tried using the downloadable source code which was very confusing as there were duplicate files in different directories and it was hard to tell which to use. Also, when you download the source code, you get several zip files named by chapter (e.g.,,, When I unzipped I expected to get a ch04 directory but got a ch05 directory further adding to the confusion. There was no or available to look for ch04 code. This is typical of many books I've read. There is often errors and confusion in the source code as to different versions of files available. This book is no exception. I did contact the author as is encouraged in the preface. He answered my first question but after that did not respond. If I had to judge the book on the first 3 chapters I would have given it a 5 star rating. But when the more complicated material came in with chapter 4, the book failed miserably. I have not even gotten to the most complex part, but as it builds on the sample application in chapter 4, I don't have high expectations. For these reasons I give this book a one. It is a shame, it started out strong, but it is difficult to learn a complex subject like this when you have to debug the examples in the book. I understand not giving solutions to exercises, but examples used in a book should work and since this is not a class and we don't have access to a T.A., we should not have to debug problems as "exercises to the reader". ** I initially rated this book at one star. I have now been able to get a good part of the code that wasn't running to run so I am upping the rating accordingly. There is still a SpEL expression the book indicates to use that throws an exception as unable to interpret. Some of the code I was able to get running in a previous Spring Security example I had written. I am now in chapter 5. If more of the code runs without much trouble I will up the rating further as the explanations are usually good. Update: I finished chapter 5 and the code there ran, but not without some issues including some typos in the code listings, mis-labled listings, a bad web.xml (if you follow instructions in book by page 130 your web.xml will be DTD based and needs to be xml schema based). Also, on page page 137 you need to issue the command "mvn package" to compile, but the author does not mention this. In chapter six the section on openId authorization will not work as the book example used as the openid provider and has been shut down since Feb. 1, 2014. I was able to use the example in the spring source code samples/openid directory. I copied the files and modified the configuration to use the default login pages and got it to work with Yahoo and Google as the openid providers. The x509 authentication code will not run as it relies on the genkey goal of the keytool-maven-plugin and this has been deprecated since vesion 1.2. I tried to go back to version 1.1 and got by this problem, but then got an error indicating the keystore was no longer good or the password was bad. Also, the code in the CAS authentication section on page 190 can not be run as it also depends on the genkey option. So the last two major sections of chapter 6 can not be run as presented in the book. Update: I am reducing the review of this book to 2 stars. I have just finished going through the chapter on access control lists. There are too many issues to list in detail but there are several discrepancies between the code listed in the text and the code downloaded from the books's website. While the code from the book's website will run, it is the last version of the code in the chapter (the code is developed as you go) and still does not quite run as described in the book. This is very frustrating as in my opinion access control lists are one of the most important part of Spring Security. It would have been nice to have an example that you develop step by step that runs as described. I also found the descriptions in the chapter confusing, for example when configuring AclAuthorizationStrategyImpl the authority "ROLE_ADMIN" is used in the text while "ROLE_ADMINISTRATION" is used in the downloaded source with no explanation of this difference or how it relates to a user's role given as either ROLE_ADMIN or ROLE_USER. Very confusing. I am left to try to find a clearer example of this, one possible source is at [...]. But at this point I think I am giving up on this book due to total frustration. I made it into the first example in chapter 8, had trouble running the UserInserter standalone program and then got frustrated and gave up. I will probably read through some of the rest of the chapter, but since it depends on running UserInserter I don't think I'll run any more code. Overall the book has some good info but you will be very frustrated trying to get a lot of the code to run, even the downloaded code.
0 von 5 Kunden fanden die folgende Rezension hilfreich
3.0 von 5 Sternen good 20. Juni 2014
Von Hans - Veröffentlicht auf
Format:Kindle Edition|Verifizierter Kauf
Junior needs it.
Senior does not need it.
This book is easy.
I want more hardly content.
Thanks. Have a nice day.
Waren diese Rezensionen hilfreich?   Wir wollen von Ihnen hören.

Kunden diskutieren

Das Forum zu diesem Produkt
Diskussion Antworten Jüngster Beitrag
Noch keine Diskussionen

Fragen stellen, Meinungen austauschen, Einblicke gewinnen
Neue Diskussion starten
Erster Beitrag:
Eingabe des Log-ins

Kundendiskussionen durchsuchen
Alle Amazon-Diskussionen durchsuchen

Ähnliche Artikel finden