Hands-On Spring Security 5 for Reactive Applications
上QQ阅读APP看书,第一时间看更新

Core Spring Security modules

In Spring Framework, Spring Security is a top-level project. Within the Spring Security project (https://github.com/spring-projects/spring-security), there are a number of sub-modules:

  • Core (spring-security-core): Spring security's core classes and interfaces on authentication and access control reside here.
  • Remoting (spring-security-remoting): In case you need Spring Remoting, this is the module with the necessary classes.
  • Aspect (spring-security-aspects): Aspect-Oriented Programming (AOP) support within Spring Security.
  • Config (spring-security-config): Provides XML and Java configuration support.
  • Crypto (spring-security-crypto): Contains cryptography support.
  • Data (spring-security-data): Integration with Spring Data.
  • Messaging (spring-security-messaging)
  • OAuth2: Support for OAuth 2.x support within Spring Security:
    • Core (spring-security-oauth2-core)
    • Client (spring-security-oauth2-client)
    • JOSE (spring-security-oauth2-jose)
  • OpenID (spring-security-openid): OpenID web-authentication support.
  • CAS (spring-security-cas): CAS (Central Authentication Service) client integration.
  • TagLib (spring-security-taglibs): Various tag libraries regarding Spring Security.
  • Test (spring-security-test): Testing support.
  • Web (spring-security-web): Contains web security infrastructure code, such as various filters and other Servlet API dependencies.

These are the top-level projects within Spring Framework that are strongly linked to Spring Security:

  • spring-ldap: Simplifying Lightweight Directory Access Protocol (LDAP) programming in Java.
  • spring-security-oauth: Easy programming with OAuth 1.x and OAuth 2.x protocols.
  • spring-security-saml: Bringing the SAML 2.0 service provider capabilities to Spring applications.
  • spring-security-kerberos: Bringing easy integration of Spring application with Kerberos protocol.

Security Assertion Markup Language (SAML) is an XML-based framework for ensuring that transmitted communications are secure. SAML defines mechanisms to exchange authentication, authorization, and non-repudiation information, allowing single sign-on capabilities for Web services.

The Lightweight Directory Access Protocol (LDAP) is a directory service protocol that runs on a layer above the TCP/IP stack. Its based on a client-server model and provides a mechanism used to connect to, search, and modify Internet directories.

Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret key cryptography. A free implementation of this protocol is available from MIT and it is also available in many commercial products.

For more information about SAML, LDAP, and Kerberos, you can check the following links: