Other Spring Security capabilities

Pragya Keshap answered on February 22, 2023


    Remember-me authentication: This is also known as persistent-login, and it allows websites to remember a user's identity in between multiple sessions. Spring Security provides a couple of implementations (hashed-token-based and persistent-token-based) that make this easy.

    Cross Site Request Forgery (CSRF): This is a very common security exploit employed by hackers to do unethical operations, whereby unauthorized commands are sent on behalf of the user. Spring Security allows us to fix this exploit easily with configurations.

    Cross-Origin Resource Sharing (CORS): This is a mechanism by which a web application running on a particular domain can access resources exposed in another domain by adding additional HTTP headers. This is one of the security mechanisms employed to make sure that only legitimate code can have access to resources exposed by a domain.

    Session management: Proper user session management is key to any application's security. Here are some of the important session-related functions that Spring Security takes care of easily:

    Session timeout: This makes sure that user sessions time out at the configured value, and this cannot be hacked.

    Concurrent session: This prevents users from having multiple (configured value) sessions active within the server.

    Session fixation: This is a security attack that allows the attacker to hijack a valid user's session and then start using it for unethical operations. 

    LDAP (Lightweight Directory Access Protocol)

    Single sign-on.

    JAAS (Java Authentication and Authorization Service) LoginModule.

    Basic Access Authentication.

    Digest Access Authentication.

    Remember-me.

    Web Form Authentication.

    Authorization. 

    https://www.javatpoint.com/spring-security-features

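The following configuration is an added example, not part of the original answer or of its source. It shows how the remember-me, CSRF, CORS and session-management features described above are switched on in one place. It assumes Spring Security 6.x with the lambda DSL and a `UserDetailsService` bean defined elsewhere; the class name, allowed origin and remember-me key are constructed placeholders.

```java
import java.util.List;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.session.HttpSessionEventPublisher;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

@Configuration
@EnableWebSecurity
public class SecurityConfig { // hypothetical class name
    @Bean
    SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests(auth -> auth.anyRequest().authenticated())
            .formLogin(Customizer.withDefaults())
            // CSRF protection is on by default; stated here so nobody disables it silently.
            .csrf(Customizer.withDefaults())
            // Picks up the bean named corsConfigurationSource declared below.
            .cors(Customizer.withDefaults())
            .sessionManagement(session -> session
                // Session fixation: issue a new session ID when the user authenticates.
                .sessionFixation(fixation -> fixation.changeSessionId())
                // Concurrent sessions: one per user; a second login is rejected.
                .maximumSessions(1)
                .maxSessionsPreventsLogin(true))
            // Hashed-token remember-me; needs the UserDetailsService bean (assumed).
            .rememberMe(rm -> rm
                .key("CHANGE-ME-load-from-secret-store") // placeholder, never hard-code
                .tokenValiditySeconds(14 * 24 * 60 * 60)); // two weeks
        return http.build();
    }
    @Bean
    CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration config = new CorsConfiguration();
        config.setAllowedOrigins(List.of("https://app.example.com")); // constructed origin
        config.setAllowedMethods(List.of("GET", "POST"));
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerConfiguration("/**", config);
        return source;
    }
    // Without this, expired sessions are not reported and the session limit locks users out.
    @Bean
    HttpSessionEventPublisher httpSessionEventPublisher() {
        return new HttpSessionEventPublisher();
    }
}
```

Session timeout is not set in this class; in a Spring Boot application it is normally configured with the `server.servlet.session.timeout` property.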