Building Layers of Defense with Spring Security

It's not enough to secure your applications by simply locking the front door, expecting that that will keep attackers out. Modern web applications require security at many different levels: using appropriate HTTP headers, preventing CSRF and CORS attacks, matching URLs, securing method invocations, performing multi-tenancy and other ownership-based checks, etc.

In this presentation, Joris will show how to address these concerns with Spring Security, an OSS framework for securing Java-based web applications. He'll cover the built-in features, but will also demonstrate how to extend those with custom functionality to meet the security needs that many applications have.

Prerequisite attendee experience level: advanced