Overview
Explore the intricacies of securing Single Page Applications (SPAs) with Spring in this comprehensive conference talk from Spring I/O 2022. Delve into the challenges of authentication and authorization in SPAs, including hiding secrets and exposing REST APIs securely. Learn about various authentication methods such as JWT, OAuth, SAML, and session-based authentication. Discover how Spring Security simplifies the process of securing projects with out-of-the-box support for authentication, authorization, and protection against common attacks. Join Spring Security team member Marcus Da Coregio as he covers essential topics including Secure by Default principles, SPA authentication techniques, resolving CORS issues, customizing the user store, implementing CSRF tokens, and preventing Insecure Direct Object Reference vulnerabilities. Access the accompanying slides and GitHub repository for hands-on learning and implementation.
Syllabus
Securing SPAs with Spring by Marcus Hert Da Coregio @ Spring I/O 2022
Taught by
Spring I/O