KEMBAR78
SpringBoot Security - Part1 | PDF
Scribd
Upload
35 views6 pages

SpringBoot Security - Part1

The document outlines various types of attacks such as CSRF, CORS, SAL Injection, and XSS, emphasizing the need for proper authentication and authorization to protect resources. It introduces Spring Boot Security and discusses its architecture, including the Security Filter Chain. Additionally, it mentions dependencies required for Spring Boot projects and provides an overview of different authentication and authorization mechanisms.

Uploaded by

yuvraj
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF or read online on Scribd
35 views6 pages

SpringBoot Security - Part1

The document outlines various types of attacks such as CSRF, CORS, SAL Injection, and XSS, emphasizing the need for proper authentication and authorization to protect resources. It introduces Spring Boot Security and discusses its architecture, including the Security Filter Chain. Additionally, it mentions dependencies required for Spring Boot projects and provides an overview of different authentication and authorization mechanisms.

Uploaded by

yuvraj
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF or read online on Scribd
You are on page 1/ 6
SteirsetSecrty-2 ‘There are various types of attacks: + CSRS (Cross-Site Request Forgery) + CORS (Cross-Origin Resource Sharing) + SAL Injection + XSS (Cross-Site Scripting) ‘And we need to protect our resources from these attacks, and for that we need proper: ‘+ Authentication : Verify who you are ‘+ Authorization : Checks what you are allowed to do ‘That's where Spring boot Security comes into the picture, ‘Architecture of Spring Boot Security In video no #28, we have already seen, what are filters and where exactly they fit aT fieiary C ata) Now, lets enhance it for understanding Spring Security Security Filter Chain t » [iapeseroeis _SecurttyContent ‘— [uthentication Provider W (manog If spring boot project is already present, add below dependencies: Provides cone etureie If setting up new Spring boot project: Go to spring initializer Le. "start.springio Tiroewey otwen Once © \ ‘And if we want to persist the session in relational D8, then we need to add below degendency in pom.xml Peers Now, lets understand the end to end flow with an example for each individual Authentication and Authorization mechanism: 1. Form Login (Stateful) 2, Basic Authentication (Stateless) 3. WT (stateless) 4. OAuth? I. Authorization Code (Stateful or Stateless) Wi. Client Credentials (Stateless) il, Password Grant { Stateless) 5. APL Key Authentication (Stateless) ete

You might also like