It's not enough to secure your applications by simply locking the front door, expecting that that will keep attackers out. Modern web applications require security at many different levels: using appropriate HTTP headers, preventing CSRF and CORS attacks, matching URLs, securing method invocations, performing multi-tenancy and other ownership-based checks, etc.
In this presentation, Joris will show how to address these concerns with Spring Security, an OSS framework for securing Java-based web applications. He'll cover the built-in features, but will also demonstrate how to extend those with custom functionality to meet the security needs that many applications have.
Prerequisite attendee experience level: advanced