Spring Security has a number of capabilities apart from core security features, authentication and authorization. Some of the most important ones are listed here. In Chapter 7, Spring Security Add-Ons, we will go through each of these in more detail using hands-on coding. We will build on the example that we have created in this chapter and explain each of these very important Spring Security capabilities:
- Remember-me authentication: This is also known as persistent-login, and it allows websites to remember a user's identity in between multiple sessions. Spring Security provides a couple of implementations (hashed-token-based and persistent-token-based) that make this easy.
- Cross Site Request Forgery (CSRF): This is a very common security exploit employed by hackers to do unethical operations, whereby unauthorized commands are sent...