Rating:
Author: Peter Mularien
ISBN : B0058NBIXW
New from $18.49
Format: PDF
Download electronic versions of selected books Free Spring Security 3 for everyone book 4shared, mediafire, hotfile, and mirror link The book starts by teaching the basic fundamentals of Spring Security 3 such as setup and configuration. Later it looks at more advanced topics showing the reader how to solve complex real world security issues.This book is for Java developers who build web projects and applications. The book assumes basic familiarity with Java, XML and the Spring Framework. Newcomers to Spring Security will still be able to utilize all aspects of this book.Books with free ebook downloads available Free Spring Security 3
- File Size: 2625 KB
- Print Length: 422 pages
- Page Numbers Source ISBN: 1847199747
- Publisher: Packt Publishing (May 26, 2010)
- Sold by: Amazon Digital Services, Inc.
- Language: English
- ASIN: B0058NBIXW
- Text-to-Speech: Enabled
X-Ray:
- Lending: Not Enabled
- Amazon Best Sellers Rank: #576,796 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
Free Spring Security 3
Mularien has a comfortable writing style and the book is a lot less dry than several other Spring
books I've read.
The first topics covered are a Authorization/Authentication, XML configuration, the login/logout process and the overall architecture of secured web requests. You are then walked through configuring Spring Security for an example "pet store" web application, which starts off using an "in-memory" user credential store (configured via XML). Next, you progressively face-lift the example for more real-world usage, where your first stop is hooking up an actual database for storing user credentials. For simplicity, Mularien uses an HSQL embedded database, where enough setup/configuration information is provided to ensure success. Following his configuration examples, I was able to point Spring Security to a local MySQL instance instead and everything worked just fine.
Out-of-the box, JDBC-based user management is covered next, where Spring Security's simplified "namespace" configuration tags are used. You then slowly progress towards using your own custom/legacy schema with database-resident authentication. Also covered are secure user passwords, password encryption types, SALT usage/configuration (for extra password security), SSL use/setup via Tomcat and securing portions of your web app via Spring Security's "requires-channel" feature.
Fine-grained access control and authorization is next, with plenty of good coverage on Annotations and AOP expressions. There's also an explanation on JSR-250 compliant annotations vs. Spring Security's annotation set and the differences between them.
From there, Mularien goes on to advanced configuration and extension of Spring Security.
As of August 2012, there are two major learning resources for Spring Security: this book and the reference documentation. While reference documentation is pretty solid, it should be used exactly for "refering". It's useful for providing detailed information about Spring Security facilities, but it isn't the best place for getting the "big picture". And that's what is this book good at.
Let me tell you, that Spring Security is imho one of the most complicated and complex Java frameworks that is nowadays around. It is almost impossible to use it after first google hit: tutorials or forums are simply not enough to get you started with this beast. Hell no!
This book excels in explaining what is Spring Security from scratch. It covers important security principles and demonstrates some use cases on sample application. You will learn how Spring Security handles authentication, authorization, about very important security chain based on filters, about method intercepting and pre/post authorization, customizing login/logout pages, remember me support, about password encryption and much more. The second part of the book is dedicated to 3rd party services such as OpenID, LDAP, SSO and there is also chapter about SS2 to SS3 migration. For hard-core developers there is also part about how to wire all the required dependencies yourself.
I've read some negative comments about the sample code. The truth is, that formatiing is terrible and is hard to read even from paperback. I don't want to think how messy must Kindle version be. That's why I am giving one star down from my rating. You also have to accept the fact, that you need to download the sample code for this book and play with it. This is NOT step-by-step tutorial for creating application!
-
Download Link 2