Spring Security -- 首页

Spring Security

Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications.　　

Spring Security 是一个功能强大且高度可定制的身份验证和访问控制框架。它是保护基于 Spring 的应用程序的事实标准。

Spring Security is a framework that focuses on providing both authentication and authorization to Java applications. Like all Spring projects, the real power of Spring Security is found in how easily it can be extended to meet custom requirements.

Spring Security 是一个专注于为 Java 应用程序提供身份验证和授权的框架。与所有 Spring 项目一样，Spring Security 的真正强大之处在于它可以轻松地扩展以满足自定义要求

Features

• Comprehensive and extensible support for both Authentication and Authorization     (对身份验证和授权的全面和可扩展支持)

• Protection against attacks like session fixation, clickjacking, cross site request forgery, etc    (防止会话固定、点击劫持、跨站点请求伪造等攻击)

• Servlet API integration    (Servlet API 集成)

• Optional integration with Spring Web MVC    (可选与 Spring Web MVC 集成)

• Much more…

Resources

• Getting Help

• Getting Spring Security

• Getting Started

  • Getting Started (Servlet)

  • Getting Started (WebFlux)

• Contributing