🗊Презентация Spring security fundamentals

Категория: Устройства и комплектующие
Нажмите для полного просмотра!
Spring security fundamentals, слайд №1Spring security fundamentals, слайд №2Spring security fundamentals, слайд №3Spring security fundamentals, слайд №4Spring security fundamentals, слайд №5Spring security fundamentals, слайд №6Spring security fundamentals, слайд №7Spring security fundamentals, слайд №8Spring security fundamentals, слайд №9Spring security fundamentals, слайд №10Spring security fundamentals, слайд №11Spring security fundamentals, слайд №12Spring security fundamentals, слайд №13Spring security fundamentals, слайд №14Spring security fundamentals, слайд №15Spring security fundamentals, слайд №16Spring security fundamentals, слайд №17Spring security fundamentals, слайд №18
Скачать
Вы можете ознакомиться и скачать презентацию на тему Spring security fundamentals. Доклад-сообщение содержит 18 слайдов. Презентации для любого класса можно скачать бесплатно. Если материал и наш сайт презентаций Mypresentation Вам понравились – поделитесь им с друзьями с помощью социальных кнопок и добавьте в закладки в своем браузере.

Слайды и текст этой презентации

Слайд 1


Spring Security Spring Security Fundamentals
Описание слайда:
Spring Security Spring Security Fundamentals

Слайд 2


Main concepts authentication (who I am) authorization (what I can do) encryption
Описание слайда:
Main concepts authentication (who I am) authorization (what I can do) encryption

Слайд 3


Authentication used by a server when it needs to know exactly who is accessing their information usually, authentication entails the use of a user name and password, other ways to authenticate can be through cards, voice recognition and fingerprints does not determine what tasks a user can do or what files he can see, it just identifies and verifies who the person is should be used whenever you want to know exactly who is using or viewing your site
Описание слайда:
Authentication used by a server when it needs to know exactly who is accessing their information usually, authentication entails the use of a user name and password, other ways to authenticate can be through cards, voice recognition and fingerprints does not determine what tasks a user can do or what files he can see, it just identifies and verifies who the person is should be used whenever you want to know exactly who is using or viewing your site

Слайд 4


Authorization defines a process by which a server determines if the client has permission to use a resource or access a file usually coupled with authentication so that the server has some concept of who the client is that is requesting access should be used whenever you want to control viewer access of certain pages in some cases, there is no authorization, any user can use a resource or access a file simply by asking for it
Описание слайда:
Authorization defines a process by which a server determines if the client has permission to use a resource or access a file usually coupled with authentication so that the server has some concept of who the client is that is requesting access should be used whenever you want to control viewer access of certain pages in some cases, there is no authorization, any user can use a resource or access a file simply by asking for it

Слайд 5


Encryption a process of transforming data so that it is unreadable by anyone who does not have a decryption key https protocol is usually used in encryption processes by encrypting the data exchanged between the client and server information can be sent over the Internet with less risk of being intercepted during transit should be used whenever people are giving out personal information to register for something or buy a product
Описание слайда:
Encryption a process of transforming data so that it is unreadable by anyone who does not have a decryption key https protocol is usually used in encryption processes by encrypting the data exchanged between the client and server information can be sent over the Internet with less risk of being intercepted during transit should be used whenever people are giving out personal information to register for something or buy a product

Слайд 6


Maven dependencies spring-security-web (groupId: org.springframework.security) spring-security-config (groupId: org.springframework.security)
Описание слайда:
Maven dependencies spring-security-web (groupId: org.springframework.security) spring-security-config (groupId: org.springframework.security)

Слайд 7


Web configuration additions define a filter org.springframework.web.filter.DelegatingFilterProxy define a listener org.springframework.web.context.ContextLoaderListener context-param: contextConfigLocation points to security-config.xml
Описание слайда:
Web configuration additions define a filter org.springframework.web.filter.DelegatingFilterProxy define a listener org.springframework.web.context.ContextLoaderListener context-param: contextConfigLocation points to security-config.xml

Слайд 8


Minimal security configuration <http auto-config="true"> <intercept-url pattern="/**" access="ROLE_USER"/> </http> <authentication-manager> <authentication-provider> <user-service> <user name="john" password="123" authorities="ROLE_USER"/> </user-service> </authentication-provider> </authentication-manager>
Описание слайда:
Minimal security configuration <http auto-config="true"> <intercept-url pattern="/**" access="ROLE_USER"/> </http> <authentication-manager> <authentication-provider> <user-service> <user name="john" password="123" authorities="ROLE_USER"/> </user-service> </authentication-provider> </authentication-manager>

Слайд 9


Database configuration create two tables users (fields: username, password, enabled) authorities (fields: username, authority) create a user and his rights insert some data into the tables change “user-service” to “jdbc-user-service” in the security-config.xml
Описание слайда:
Database configuration create two tables users (fields: username, password, enabled) authorities (fields: username, authority) create a user and his rights insert some data into the tables change “user-service” to “jdbc-user-service” in the security-config.xml

Слайд 10


Spring Security tags the library needs to be included in your jsp page: <%@ taglib prefix=“sec” uri=“http://www.springframework.org/security/tags” %> tags: - authentication - authorization
Описание слайда:
Spring Security tags the library needs to be included in your jsp page: <%@ taglib prefix=“sec” uri=“http://www.springframework.org/security/tags” %> tags: - authentication - authorization

Слайд 11


Authentication tag used to gain access to the authenticated user object has a property attribute for accessing properties of that object - name - authorities - credentials - details - principal - isAuthenticated
Описание слайда:
Authentication tag used to gain access to the authenticated user object has a property attribute for accessing properties of that object - name - authorities - credentials - details - principal - isAuthenticated

Слайд 12


Authorize tag used to control access to parts of the page has such attributes: - url - method - var - access - ifAnyGranted (any of the listed roles must be granted) - ifAllGranted (all the listed roles must be granted) - ifNotGranted (none of the listed roles must be granted)
Описание слайда:
Authorize tag used to control access to parts of the page has such attributes: - url - method - var - access - ifAnyGranted (any of the listed roles must be granted) - ifAllGranted (all the listed roles must be granted) - ifNotGranted (none of the listed roles must be granted)

Слайд 13


Password encryption MD5 hash BCrypt
Описание слайда:
Password encryption MD5 hash BCrypt

Слайд 14


MD5 hash one of the first hash algorithms <password-encoder hash=“md5”> update the database with a new password
Описание слайда:
MD5 hash one of the first hash algorithms <password-encoder hash=“md5”> update the database with a new password

Слайд 15


BCrypt more secure than MD5 <password-encoder hash=“bcrypt”/> update the database with a new password
Описание слайда:
BCrypt more secure than MD5 <password-encoder hash=“bcrypt”/> update the database with a new password

Слайд 16


Basic authentication usually used for REST applications when you enter a url, browser will show a popup window enabled with <http-basic/> tag
Описание слайда:
Basic authentication usually used for REST applications when you enter a url, browser will show a popup window enabled with <http-basic/> tag

Слайд 17


Custom login form define an intercept-url with access to any user <intercept-url pattern=“/login” access=“IS_AUTHENTICATED_ANONYMOUSLY”/> add a form-login tag instead of http-basic <form-login login-page=“/login”/> add a jsp page with a few key points: - action=“j_spring_security_check” - input with name “j_username” - input with name “j_password”
Описание слайда:
Custom login form define an intercept-url with access to any user <intercept-url pattern=“/login” access=“IS_AUTHENTICATED_ANONYMOUSLY”/> add a form-login tag instead of http-basic <form-login login-page=“/login”/> add a jsp page with a few key points: - action=“j_spring_security_check” - input with name “j_username” - input with name “j_password”

Слайд 18


Expressions set use-expression to the http tag <http use-expressions=“true”/> simplifies boolean logic expressions list: - hasRole - hasAnyRole - permitAll - hasPermission
Описание слайда:
Expressions set use-expression to the http tag <http use-expressions=“true”/> simplifies boolean logic expressions list: - hasRole - hasAnyRole - permitAll - hasPermission

Скачать

Похожие презентации
Mypresentation.ru
Загрузить презентацию