Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Learning Spring Boot 3.0

You're reading from   Learning Spring Boot 3.0 Simplify the development of production-grade applications using Java and Spring

Arrow left icon
Product type Paperback
Published in Dec 2022
Publisher Packt
ISBN-13 9781803233307
Length 270 pages
Edition 3rd Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Greg L. Turnquist Greg L. Turnquist
Author Profile Icon Greg L. Turnquist
Greg L. Turnquist
Arrow right icon
View More author details
Toc

Table of Contents (17) Chapters Close

Preface 1. Part 1: The Basics of Spring Boot
2. Chapter 1: Core Features of Spring Boot FREE CHAPTER 3. Part 2: Creating an Application with Spring Boot
4. Chapter 2: Creating a Web Application with Spring Boot 5. Chapter 3: Querying for Data with Spring Boot 6. Chapter 4: Securing an Application with Spring Boot 7. Chapter 5: Testing with Spring Boot 8. Part 3: Releasing an Application with Spring Boot
9. Chapter 6: Configuring an Application with Spring Boot 10. Chapter 7: Releasing an Application with Spring Boot 11. Chapter 8: Going Native with Spring Boot 12. Part 4: Scaling an Application with Spring Boot
13. Chapter 9: Writing Reactive Web Controllers 14. Chapter 10: Working with Data Reactively 15. Index 16. Other Books You May Enjoy

Securing web routes and HTTP verbs

Locking down an application and only allowing authorized users to access it is a big step forward. But, it’s seldom enough.

We must actually confine who can do what. So far, the process we’ve applied where people must prove their identity as part of a closed list of users is known as authentication.

But, the next piece of security that must be applied to any real application is what’s called authorization, that is, what a user is allowed to do.

Spring Security makes this super simple to apply. The first step in customizing our security policy is to add one more bean definition to our SecurityConfig class created earlier in this chapter under the Creating our own users with a custom security policy section.

Up to this point, Spring Boot has had an autoconfigured policy in place. In fact, it may be simpler to show what Spring Boot has inside its own SpringBootWebSecurityConfiguration:

@Bean
SecurityFilterChain defaultSecurityFilterChain...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image