As discussed earlier, the adoption of a web security framework will help us to handle lots of security controls. Take Spring Security as an example—a few edits of the XML configuration will not only provide login/logout form authentication but also CSRF attack, session, and HTTP security header (HSTS, X-content-type, XSS, X-Frame-Options) protection:
Java security framework |
Key characteristics |
Spring Security |
|