Chapter 6. Advanced Configuration and Extension
Up to now, we've covered a lot of theory, along with the architecture and usage of the majority of Spring Security components. Our JBCP Pets commerce site is well on its way to being a model citizen of the secured web, and we're ready to dig intosome difficult challenges.
During the course of this chapter, we'll:
- Implement our own security filter, approaching an interesting problem of augmenting site security through the use of selective IP filtering by user role
- Build a custom
AuthenticationProvider and the required supporting classes
- Understand and implement anti-hacker measures known as session fixation protection and concurrent session control
- Utilize functionality included in concurrent session control ...