Friday, April 5, 2013

Book Review: Spring Security 3.1

I haven't written any tutorials for my blog since December because of a new job I just got in Chicago. And today I won't be sharing any new tutorials as well. But don't despair because I will be sharing my review of another Spring book: Spring Security 3.1 by Robert Winch and Peter Mularien and published by Packt Publishing. You can find the book at http://www.packtpub.com/spring-security-3-1/book for $25.49.

It may sound that I'm selling, but I'm not. I'm actually promoting this book because it's a great reference that will help all developers regardless of expertise. In addition, the book is written by Robert, the project lead for Spring Security and by Peter, the author of the Spring Security 3 book. That means you're getting your information from the source and experts!

What's good about this book?
The book is fully packed with information regarding various aspects of Spring Security and integration steps with different scenarios, such as:


  • Basic Spring Security configuration
  • OpenID integration
  • Access Control List (ACL)
  • JDBC-based configuration
  • Remember-me services
  • LDAP-based authentication
  • Single Sign-on services
  • JSF and GWT integration
  • and many more

I like how the introduction starts with a fictitious company and enumerates the reasons why you may need to secure an unsecured application. There's an index that shows how to load the sample projects in STS and configure Tomcat along with SSL. If you have read the previous Spring Security 3 book, you might find the contents somewhat similar.

For me the most interesting chapters are Chapter 3: Custom Authentication and Chapter 10: Fine-grained Access Control because both chapters provide information on how to adapt Spring Security to match any project requirements.

What's bad about this book?
I believe the glaring problem of this book is it doesn't describe a whole project in any of its chapters. Mostly the chapters are focus on each aspect of Spring Security. They are detailed, but it's hard to see the overview or the general outlook of the chapter. Maybe because I'm used to the way I present my blog, and I prefer to have a full project laid out. Then describe each section part-by-part. Though there are samples in the book, but it's up to the reader to comprehend the whole project. But overall, this book is a great reference.
StumpleUpon DiggIt! Del.icio.us Blinklist Yahoo Furl Technorati Simpy Spurl Reddit Google I'm reading: Book Review: Spring Security 3.1 ~ Twitter FaceBook

Subscribe by reader Subscribe by email Share