O'Reilly logo

Spring in Practice by Willie Wheeler with Joshua White

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 7. Authorizing user requests

This chapter covers

  • Implementing authorization using Spring Security
  • Using authentication levels, roles, and permissions
  • Establishing access control lists

Authorization is the area of security that deals with protecting resources from users or systems—generically, principals—which aren’t allowed to view, modify, or otherwise access them. It generally builds on authentication. Authentication establishes the principal’s identity, and authorization decides what the principal is allowed to do. This chapter continues the treatment of Spring Security we began in chapter 6, this time exploring its authorization features.

Figure 7.1 shows the relationship between the types of authorization in Spring Security ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required