Spring Security Features
LDAP (Lightweight Directory Access Protocol)It is an open application protocol for maintaining and accessing distributed directory information services over an Internet Protocol. Single sign-onThis feature allows a user to access multiple applications with the help of single account(user name and password). JAAS (Java Authentication and Authorization Service) LoginModuleIt is a Pluggable Authentication Module implemented in Java. Spring Security supports it for its authentication process. Basic Access AuthenticationSpring Security supports Basic Access Authentication that is used to provide user name and password while making request over the network. Digest Access AuthenticationThis feature allows us to make authentication process more secure than Basic Access Authentication. It asks to the browser to confirm the identity of the user before sending sensitive data over the network. Remember-meSpring Security supports this feature with the help of HTTP Cookies. It remember to the user and avoid login again from the same machine until the user logout. Web Form AuthenticationIn this process, web form collect and authenticate user credentials from the web browser. Spring Security supports it while we want to implement web form authentication. AuthorizationSpring Security provides the this feature to authorize the user before accessing resources. It allows developers to define access policies against the resources. Software LocalizationThis feature allows us to make application user interface in any language. HTTP AuthorizationSpring provides this feature for HTTP authorization of web request URLs using Apache Ant paths or regular expressions. Features added in Spring Security 5.0OAuth 2.0 LoginThis feature provides the facility to the user to login into the application by using their existing account at GitHub or Google. This feature is implemented by using the Authorization Code Grant that is specified in the OAuth 2.0 Authorization Framework. Reactive SupportFrom version Spring Security 5.0, it provides reactive programming and reactive web runtime support and even, we can integrate with Spring WebFlux. Modernized Password EncodingSpring Security 5.0 introduced new Password encoder DelegatingPasswordEncoder which is more modernize and solve all the problems of previous encoder NoOpPasswordEncoder.
Next TopicSpring Security Project Modules
|