There are many aspects of Security. Here are two:
- Authentication: Making sure the user is who they say they are.
- Authorization: Making sure the user can only do what they are allowed to do.
There are other aspects too, such as preventing cross-site scripting attacks, denial of service attacks, to name a couple.
As we explore those in the context of Spring Boot, we’ll add resources to this page.
- In this course, we generally handle this with OAuth
- That way we don’t have to deal with storing usernames/passwords.
- See: Spring Boot: OAuth
This is still more of a work in progress in terms of understanding how to do this with Spring Boot. Here are a few resources.