Securing SPAs with Spring

Explore the intricacies of securing Single Page Applications (SPAs) with Spring in this comprehensive conference talk from Spring I/O 2022. Delve into the challenges of authentication and authorization in SPAs, including hiding secrets and exposing REST APIs securely. Learn about various authentication methods such as JWT, OAuth, SAML, and session-based authentication. Discover how Spring Security simplifies the process of securing projects with out-of-the-box support for authentication, authorization, and protection against common attacks. Join Spring Security team member Marcus Da Coregio as he covers essential topics including Secure by Default principles, SPA Authentication techniques, resolving CORS issues, customizing User Store, implementing CSRF tokens, and preventing Insecure Direct Object Reference vulnerabilities. Access accompanying slides and GitHub repository for hands-on learning and implementation.