May 31

Announcing: Spring Security 3: The Book

I write this announcement with a lot of excitement and a great sigh of relief. It was about a year ago when I was approached by Packt Publishing, who was interested in my introduction to Spring Security, and somehow got the idea that I could write. :) They recognized that there was no published book focusing on Spring Security (as I have often noted myself), and wondered if I would be interested in writing a book on the subject. For me, the idea really clicked, and I jumped on the opportunity to write a book about a subject that I had already had some significant exposure to, and a desire to explore further.

Fast-forward one year, and the final 400+ page book is now available on Amazon or from other online sources, as both a printed book and eBook (eBook available from Packt). I’ve put together a web site with more information about the book at www.springsecuritybook.com – there, you’ll find a rough idea of what the book covers, what it is (and isn’t), and where you can buy it or get more information.

This has been an enormously interesting research project for me, and the culmination of hundreds (probably thousands) of hours of night and weekend work, completed in addition to a demanding full-time job and family.

In a quick list of bullet points, we cover:

  • Overall Spring Security architecture, at both a high and low level
  • Implementation of all major Spring Security features, including:
    • JDBC-backed authentication
    • Method security with annotations and pointcuts
    • Session fixation protection
    • Concurrent session control
    • Password hashing
    • Access control lists (ACLs)
  • Integration of Spring Security with external authentication providers, including:
    • OpenID
    • LDAP
    • CAS
    • Client certificates (X.509)
    • Kerberos
    • Microsoft Active Directory
  • Full configuration of Spring Security using explicit Spring Bean declarations
  • Many custom coding samples, including custom servlet filters, custom AuthenticationProviders, exception handlers, and much more.

All of these topics are covered both at a high level (how and why do they work), and a low level (how to configure, how to code, how to implement). It’s a great mix of theory and practice that I hope will be very effective for readers looking to implement Spring Security, or those who are already using it, but might not understand how it works.

I’m very excited to see the book in print, and believe it will have a big impact on the ability of users new to Spring Security to approach the framework with a better understanding of how it works. Additionally, for those users who will be doing sophisticated integrations or customizations based on the framework, there’s enough undocumented material and nuts-and-bolts discussions in the book to make it interesting for you as well.

Since most of my readers are techies, I hope to post interesting quantiative bits that I’ve been tracking along the way as I’ve coded, researched, diagrammed, revised, and all out slogged my way through gobs of code. More to come on this topic!

Please contact me if you have questions, comments, suggestions, or just congratulations :)

Book Info

Title: Spring Security 3

Publisher: Packt Publishing

Publication Date: May 29, 2010

Web Sites:

Pages: 420

ISBN: 978-1847199744

7 Responses to “Announcing: Spring Security 3: The Book”

  1. » 5 Minute Guide to Spring Security – It’s Only Software says:

    […] is targeted both at novices and intermediate to advanced users. I’d encourage you to read my blog post of the announcement, and visit the book’s web site, to determine if you think it will help […]

  2. Greg says:

    Congrats Peter on writing this tome! I know it took a lot of work. I’m glad to finally see a Spring Security book out there. I hope it helps people fill in the blanks.

  3. pmularien says:

    Thank you Greg, congratulations on your recent book as well :)

  4. Marten says:

    Peter, congrats on your book. Haven’t read it but it will surely fill a lot of the blanks people currently have (judging from the forums). Anyways congrats.

  5. Gilson DElrei says:

    Congrats Peter. I live in Brazil and i have acquired the e-book version today. Simply Fantastic!
    That’s what we needed.

  6. Mark V says:

    Congrats on your first book, Peter!

  7. pmularien says:

    Thanks Mark!

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>