The canonical reference for securing a Spring application.
The 15 (+3 new) modules cover everything from the basics of Spring Security in an MVC application to advanced use-cases such as understanding attack vectors, proper password storage and risks, API security with OAuth2 and full Java config.
In addition to the framework guides, we'll also do deep-dives into full working security implementations. We'll do a complete ACL implementation for applications that simply need to go beyond the roles and privileges.
We'll tackle Two-Factor Authentication to add extra security to our apps. We're going to drive that with a soft-token, a hardware token and finally with SMS.
And we'll do implementations of things like Multi-Tenancy, LDAP, Single Sign 0n and a variety of other scenarios.
This is everything I wish I had access to when I secured my first application with Spring Security.
The canonical reference for building a production grade API with Spring. The 10 modules (3 more announced) cover building and securing the API for production use, advanced evolution and discovery techniques, client code to consume it from the front end, comprehensive monitoring, continuous integration, continuous deployment, and more.
In addition to the detailed guides on implementation, you'll also get the knowledge needed to run the API in production reliably and consistently. You'll get templates of my time-tested Spring API implementations along with the understanding of how to use these to get your own APIs out and into the hands of clients quickly.
Everything I wish I had access to when I built my first API with Spring.