In this chapter, we will secure our microservice-based social media platform. This will introduce some interesting use cases, ones that Spring Security can easily handle. However, it's important to know that almost every situation is slightly different. Spring Security can handle them, but it requires understanding how it operates so that you can adapt what you learn in this chapter to our unique situation.

To kick things off, we just need one dependency added to our project:

      compile('org.springframework.boot:spring-boot-starter-security-
       reactive')

In addition to adding Spring Security, we will need to define a policy, and also include authorization rules. As we move through this chapter, you'll learn what all this means.

By the way, remember the microservice-based solution we've developed in the previous chapters? What is the side effect of splitting our app into multiple services? We have to secure each and every one. This means, we have to add these dependencies to each module. Yikes! Can you imagine logging in to the user interface (UI), clicking on a link, and logging in again?

Yech!