Pro Spring Security: Securing Spring Framework 5 and Boot 2-Based Java Applications

Scarioni, Carlo, Nardone, Massimo

  • 出版商: Apress
  • 出版日期: 2019-11-22
  • 定價: $1,575
  • 售價: 8.0$1,260
  • 語言: 英文
  • 頁數: 410
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 1484250516
  • ISBN-13: 9781484250518
  • 相關分類: Java 程式語言Java 相關技術資訊安全
  • 立即出貨 (庫存=1)

買這商品的人也買了...

相關主題

商品描述

Build and deploy secure Spring Framework and Spring Boot-based enterprise Java applications with the Spring Security Framework. This book explores a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications.
Pro Spring Security, Second Edition has been updated to incorporate the changes in Spring Framework 5 and Spring Boot 2. It is an advanced tutorial and reference that guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground up.
This book also provides you with a broader look into Spring security by including up-to-date use cases such as building a security layer for RESTful web services and Grails applications.
What You Will Learn
  • Explore the scope of security and how to use the Spring Security Framework
  • Master Spring security architecture and design
  • Secure the web tier in Spring
  • Work with alternative authentication providers
  • Take advantage of business objects and logic security
  • Extend Spring security with other frameworks and languages
  • Secure the service layer

Who This Book Is ForExperienced Spring and Java developers with prior experience in building Spring Framework or Boot-based applications.

商品描述(中文翻譯)

使用Spring Security Framework來建立和部署安全的基於Spring Framework和Spring Boot的企業級Java應用程式。本書探討了一套全面的功能,用於實現Java應用程式的行業標準身份驗證和授權機制。

《Pro Spring Security, Second Edition》已更新以納入Spring Framework 5和Spring Boot 2的變化。這是一本高級教程和參考資料,通過從頭開始構建一致的示例,引導您實現Java Web應用程式的安全功能。

本書還通過包括構建RESTful Web服務和Grails應用程式的安全層等最新用例,為您提供了對Spring安全的更廣泛的了解。

您將學到什麼:
- 探索安全範圍以及如何使用Spring Security Framework
- 掌握Spring安全架構和設計
- 保護Spring的Web層
- 使用替代身份驗證提供者
- 利用業務對象和邏輯安全性
- 使用其他框架和語言擴展Spring安全性
- 保護服務層

本書適合有Spring Framework或Boot應用程式構建經驗的經驗豐富的Spring和Java開發人員。

作者簡介

Carlo Scarioni is a passionate software developer, motivated by learning and applying innovative and interesting software development tools, techniques and methodologies, his professional objectives are the following. To be in a technology-oriented enterprise where the technical staff is the soul of the company. To be in an important IT team. To be able to design and develop state of the art software. To be able to apply new knowledge every day, in innovative ways, and with a great degree of freedom. To architect, design and develop software that uses the best practices of the field. To play with the latest technologies, learn every day and participate in the research and innovation of software products. Specialties: TDD, object-oriented principles and design patterns, Java/JEE, Spring, application servers, SQL and NoSQL (MongoDB), multithreading, messaging, enterprise integration patterns, Ruby, and RoR. Certifications are Sun Certified Enterprise Architect (Part I), Sun Certified Java Programmer, Sun Certified Business Component Developer, SpringSource Certified Professional, and IBM SOA Certified Associate.
Massimo Nardone has more than 24 years of experience in security, web/mobile development, cloud, and IT architecture. His true IT passions are security and Android. He has been programming and teaching how to program with Android, Perl, PHP, Java, VB, Python, C/C++, and MySQL for more than 20 years. He holds an M.Sc. degree in computing science from the University of Salerno, Italy. During his career, he has worked as a project manager, software engineer, research engineer, chief security architect, information security manager, PCI/SCADA auditor, and senior lead IT security/cloud/SCADA architect.
His technical skills include security, Android, cloud, Java, MySQL, Drupal, Cobol, Perl, web and mobile development, MongoDB, D3, Joomla!, Couchbase, C/C++, WebGL, Python, Pro Rails, Django CMS, Jekyll, and Scratch. He has served as a visiting lecturer and supervisor for exercises at the Networking Laboratory of the Helsinki University of Technology (Aalto University). He holds four international patents (PKI, SIP, SAML, and Proxy areas). He currently works as chief information security officer (CISO) for Cargotec Oyj, and he is a member of the ISACA Finland Chapter Board. Massimo has reviewed more than 45 IT books for different publishers and has coauthored Pro JPA 2 in Java EE 8 (Apress, 2018), Beginning EJB in Java EE 8 (Apress, 2018), and Pro Android Games (Apress, 2015).

作者簡介(中文翻譯)

Carlo Scarioni是一位充滿熱情的軟體開發人員,他熱衷於學習和應用創新且有趣的軟體開發工具、技術和方法論。他的專業目標如下:加入一家以技術為導向的企業,技術人員是公司的靈魂;加入一個重要的IT團隊;設計和開發最先進的軟體;每天以創新的方式應用新知識,並擁有很大的自由度;設計和開發使用該領域最佳實踐的軟體;玩弄最新的技術,每天學習並參與軟體產品的研究和創新。專長包括:TDD、面向對象的原則和設計模式、Java/JEE、Spring、應用伺服器、SQL和NoSQL(MongoDB)、多線程、消息傳遞、企業整合模式、Ruby和RoR。他擁有Sun認證的企業架構師(第一部分)、Sun認證的Java程式設計師、Sun認證的業務元件開發人員、SpringSource認證專業人員和IBM SOA認證副理。

Massimo Nardone在安全、網頁/行動開發、雲端和IT架構方面擁有超過24年的經驗。他對安全和Android有著真正的熱情。他已經使用Android、Perl、PHP、Java、VB、Python、C/C++和MySQL進行編程和教學超過20年。他擁有義大利Salerno大學計算科學碩士學位。在他的職業生涯中,他曾擔任項目經理、軟體工程師、研究工程師、首席安全架構師、資訊安全經理、PCI/SCADA審計師和高級IT安全/雲端/SCADA架構師。

他的技術技能包括安全、Android、雲端、Java、MySQL、Drupal、Cobol、Perl、網頁和行動開發、MongoDB、D3、Joomla!、Couchbase、C/C++、WebGL、Python、Pro Rails、Django CMS、Jekyll和Scratch。他曾擔任赫爾辛基科技大學(阿爾托大學)網絡實驗室的客座講師和練習指導。他擁有四項國際專利(PKI、SIP、SAML和Proxy領域)。他目前擔任Cargotec Oyj的首席資訊安全官(CISO),並且是ISACA芬蘭分會董事會成員。Massimo已為不同出版商審閱了45本IT書籍,並共同撰寫了《Pro JPA 2 in Java EE 8》(Apress,2018)、《Beginning EJB in Java EE 8》(Apress,2018)和《Pro Android Games》(Apress,2015)。