Spring Boot: Security
Authentication, Authorization and other Security issues
There are many aspects of Security. Here are two:
- Authentication: Making sure the user is who they say they are.
- Authorization: Making sure the user can only do what they are allowed to do.
There are other aspects too, such as preventing cross-site scripting attacks, denial of service attacks, to name a couple.
As we explore those in the context of Spring Boot, we’ll add resources to this page.
Authentication
- In this course, we generally handle this with OAuth
- That way we don’t have to deal with storing usernames/passwords.
- See: Spring Boot: OAuth
Authorization
This is still more of a work in progress in terms of understanding how to do this with Spring Boot. Here are a few resources.
Related topics:
- Spring Boot: —A Java web application framework