5. Authenticating with Spring MVC
by Geoffroy Warin, Alex Bretet, Hamidreza Sattari, Shameer Kunjumohamed
Spring MVC: Designing Real-World Web Applications
- Spring MVC: Designing Real-World Web Applications
- Table of Contents
- Spring MVC: Designing Real-World Web Applications
- Spring MVC: Designing Real-World Web Applications
- Credits
- Preface
- I. Module 1
- 1. Getting Started with Spring Core
- The Spring landscape
- Design concepts behind Spring Framework
- Setting up the development environment
- Your first Spring application
- Dependency Injection
- Beans in detail
- Bean definition
- Instantiating beans
- Injecting bean dependencies
- Constructor-based or setter-based DI – which is better?
- Cleaner bean definitions with namespace shortcuts
- Wiring a List as a dependency
- Wiring a Map as a dependency
- Autowiring dependencies
- Bean scoping
- Dependency Injection with scoped beans
- Creating a custom scope
- Hooking to bean life cycles
- Container-level default-init-method and default-destroy-method
- Working with bean definition profiles
- Injecting properties into the Spring environment
- Externalizing properties with PropertyPlaceholderConfigurer
- Handling resources
- Spring Expression Language
- Aspect Oriented Programming
- Testing with Spring
- Summary
- 2. Building the Web Layer with Spring Web MVC
- Features of Spring MVC
- The Model-View-Controller pattern
- Your first Spring MVC application
- Setting up a Spring MVC application
- The architecture and components of Spring MVC
- DispatcherServlet explained
- Controllers in detail
- Mapping request URLs with @RequestMapping
- URI template patterns with the @PathVariable annotation
- Binding parameters with the @RequestParam annotation
- Request handler method arguments
- Request handler method return types
- Setting Model attributes
- Building RESTful services for JSON and XML media
- Building a RESTful service with RestController
- Asynchronous request processing in Spring MVC
- Working with views
- Spring and Spring form tag libraries
- Composing a form in JSP
- Validating forms
- Handling file uploads
- Resolving Thymeleaf views
- More view technologies
- Summary
- 3. Accessing Data with Spring
- Configuring DataSource
- Using embedded databases
- Handling exceptions in the Spring Data layer
- DAO support and @Repository annotation
- Spring JDBC abstraction
- Spring Data
- Spring Transaction support
- Relevance of Spring Transaction
- Summary
- 4. Understanding WebSocket
- 5. Securing Your Applications
- 6. Building a Single-Page Spring Application
- The motivations behind SPAs
- SPAs explained
- Introducing Ember.js
- The anatomy of an Ember application
- Working with Ember CLI
- Understanding the Ember object model
- Working with collections
- Building UI templates using Handlebars
- Handling routes
- Handling UI behavior using components
- Persisting data with Ember Data
- Building a Taskify application
- Building the API server app
- Building the Taskify Ember app
- Summary
- 7. Integrating with Other Web Frameworks
- 1. Getting Started with Spring Core
- II. Module 2
- 1. Setup Routine for an Enterprise Spring Application
- Introduction
- Installing Eclipse for JEE Developers and Java SE 8
- Configuring Eclipse for Java 8, Maven 3, and Tomcat 8
- Defining the project structure with Maven
- Installing Spring, Spring MVC, and a web structure
- 2. Designing a Microservice Architecture with Spring MVC
- Introduction
- Configuring a controller with simple URL mapping
- Configuring a fallback controller using ViewResolver
- Setting up and customizing a responsive single page webdesign with Bootstrap
- Displaying a model in the View, using the JSTL
- Defining a common WebContentInterceptor
- Designing a client-side MVC pattern with AngularJS
- 3. Working with Java Persistence and Entities
- 4. Building a REST API for a Stateless Architecture
- Introduction
- Binding requests and marshalling responses
- Configuring content-negotiation (JSON, XML, and so on)
- Adding pagination, filters, and sorting capabilities
- Handling exceptions globally
- Documenting and exposing an API with Swagger
- 5. Authenticating with Spring MVC
- Introduction
- Configuring Apache HTTP to proxy your Tomcat(s)
- Adapting users and roles to Spring Security
- Authenticating over a BASIC scheme
- Authenticating with a third-party OAuth2 scheme
- Storing credentials in a REST environment
- Authorizing on services and controllers
- 6. Implementing HATEOAS
- 7. Developing CRUD Operations and Validations
- Introduction
- Extending REST handlers to all HTTP methods
- Validating resources using bean validation support
- Internationalizing messages and contents for REST
- Validating client-side forms with HTML5 AngularJS
- 8. Communicating Through WebSockets and STOMP
- Introduction
- Streaming social events with STOMP over SockJS
- Using RabbitMQ as a multiprotocol message broker
- Stacking and consuming tasks with RabbitMQ and AMQP
- Securing messages with Spring Session and Redis
- Getting ready
- How to do it…
- How it works...
- There's more…
- See also
- 9. Testing and Troubleshooting
- Introduction
- Automating Database Migrations with FlyWay
- Unit testing with Mockito and Maven Surefire
- Integration testing with Cargo, Rest-assured, and Maven failsafe
- Injecting Spring Beans into integration tests
- Modern application Logging with Log4j2
- Getting ready
- How to do it…
- How it works...
- There is more…
- Automatic configuration
- Official documentation
- Interesting Redis Appender implementation
- III. Module 3
- 1. Mastering the MVC Architecture
- 2. Handling Forms and Complex URL Mapping
- 3. File Upload and Error Handling
- 4. Crafting a RESTful Application
- 5. Securing Your Application
- 6. Leaving Nothing to Luck – Unit Tests and Acceptance Tests
- 7. Optimizing Your Requests
- 8. Deploying Your Web Application to the Cloud
- 9. Beyond Spring Web
- A. Bibliography
- Index
- 1. Setup Routine for an Enterprise Spring Application
This chapter covers the following recipes:
- Configuring Apache HTTP to proxy your Tomcat(s)
- Adapting users and roles to fit Spring Security
- Authenticating over a BASIC scheme
- Storing credentials in a REST environment
- Authenticating with a third-party OAuth2 scheme
- Authorizing on services and controllers
In this chapter, developing the CloudStreetMarket application, we cover two ways of authenticating in a Spring environment.
We believe that only providing Security annotations to restrict controllers and services wouldn't be sufficient to give a big picture of Spring Authentication. It's clearly not possible to feel confident about the Security tools that can be used with Spring MVC, without a few key concepts such as the role of the Authentication object, the Spring Security filter-chain, the SecurityInterceptor workflow, and so on. As it is necessary for configuring OAuth, we will also show you how to set up an Apache HTTP proxy and a host alias on your machine to emulate the cloudstreetmarket.com domain locally.
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.