It may sound that I'm selling, but I'm not. I'm actually promoting this book because it's a great reference that will help all developers regardless of expertise. In addition, the book is written by Robert, the project lead for Spring Security and by Peter, the author of the Spring Security 3 book. That means you're getting your information from the source and experts!
What's good about this book?
The book is fully packed with information regarding various aspects of Spring Security and integration steps with different scenarios, such as:
- Basic Spring Security configuration
- OpenID integration
- Access Control List (ACL)
- JDBC-based configuration
- Remember-me services
- LDAP-based authentication
- Single Sign-on services
- JSF and GWT integration
- and many more
I like how the introduction starts with a fictitious company and enumerates the reasons why you may need to secure an unsecured application. There's an index that shows how to load the sample projects in STS and configure Tomcat along with SSL. If you have read the previous Spring Security 3 book, you might find the contents somewhat similar.
For me the most interesting chapters are Chapter 3: Custom Authentication and Chapter 10: Fine-grained Access Control because both chapters provide information on how to adapt Spring Security to match any project requirements.
What's bad about this book?
I believe the glaring problem of this book is it doesn't describe a whole project in any of its chapters. Mostly the chapters are focus on each aspect of Spring Security. They are detailed, but it's hard to see the overview or the general outlook of the chapter. Maybe because I'm used to the way I present my blog, and I prefer to have a full project laid out. Then describe each section part-by-part. Though there are samples in the book, but it's up to the reader to comprehend the whole project. But overall, this book is a great reference.
Share the joy:
Subscribe by reader Subscribe by email Share