-
Notifications
You must be signed in to change notification settings - Fork 8
Spring Security Social
내가 생각하는 중요 SS(spring-security) 의 특징 두가지다.
1.Comprehensive and extensible support for both Authentication and Authorization
인증 : 로그인 기능 권한 : 로그인 한사람이 사용할 수 있는 기능.
2.Protection against attacks like session fixation, clickjacking, cross site request forgery, etc
여러 보안 공격 기법을 막아준다.
다음은 SS 문서에 기술된 세부특징이다.
-
Require authentication to every URL in your application
-
Generate a login form for you
-
Allow the user with the Username user and the Password password to authenticate with form based authentication
-
Allow the user to logout
-
CSRF attack prevention
-
Session Fixation protection
-
Security Header integration
-
HTTP Strict Transport Security for secure requests
-
X-Content-Type-Options integration
-
Cache Control (can be overridden later by your application to allow caching of your static resources)
-
X-XSS-Protection integration
-
X-Frame-Options integration to help prevent Clickjacking
session fixation :
http://okky.kr/article/260408 - 가장 설명이 나은듯 하다.(기초부터)
http://ryanjbaxter.com/2015/01/06/securing-rest-apis-with-spring-boot/ http://blog.geekslife.kr/2014/02/spring-boot-spring-security.html http://justinrodenbostel.com/2014/05/30/part-5-integrating-spring-security-with-spring-boot-web/ http://springmvc.egloos.com/506465
http://www.slideshare.net/meadunhansa/ss-42082771 //팀원이신 아라한사님의 소개 http://adunhansa.tistory.com/192 //아라한사님 블로그^^