Due to the nature of the internet, applications are publicly served and are being accessed by a large number of users; therefore, security requirements are vital and they need to be implemented in the very early stages of the project development process – these practices should also be followed in a microservices ecosystem. In this chapter, we will show you how to secure your Microservices, by demonstrating with both Java-EE- and Spring-based implementations.
We will cover the following topics in this chapter:
- Securing Microservices with JSON Web Token (JWT)
- Java Security API – JSR 375
- Spring Security with Spring-Boot-based Microservices
- HTTPS – the secured protocol