Summary

Security is an essential part of any system. How effective it is depends on various aspects, like simplicity, feature richness, ease of integration with other systems, flexibility, robustness, and so on. This whole chapter was based on Spring Security. It is a fully-fledged framework that's used to secure J2EE-based applications. 

In this chapter, we explored Spring Security more closely, especially how it can be integrated with LDAP and OAuth. We started with the basics of LDAP, including its data structure and setup; we created the structure in Apache DS, which is an LDAP server. Then, we explored the required configurations with Spring Security, to integrate it with LDAP. 

Along with authentication with LDAP, we explored how to manage users in LDAP from a Spring application. We used the Spring Data framework to achieve this. Next, we created a structure for the role (authority) in LDAP. In the same sequence, we fetched the role details and implemented authorization in Spring Security with LDAP.

Later in the chapter, we started to cover another mechanism, called OAuth. It is an open standard for token-based authorization. We began with the basics of OAuth roles, then explored details about various grant types; you also learned which grant should be used when. Going further, we started on Spring Security integration with OAuth. We used Google to implement the authorization code flow with Spring Security.

With the default OAuth implementation, Spring Security shows the autogenerated login page. We showed how to implement a custom login page in OAuth. Up to that point, you had only seen the two different mechanisms, LDAP and OAuth, independently. We integrated both of them together, creating dual authentication. 

We then implemented OAuth with the authorization code flow. Next, we showed how to implement the implicit flow with custom authorization and the resource server. We performed a set of configurations for both the authorization and resource servers, and we successfully implemented an implicit flow. Towards the end, we applied method-level authorization in Spring Security.

In the next chapter, we will explore another tool, called JHipster. It is an open source application generator framework that's mainly used to develop web applications and microservices with responsive web fronts (Angular or React) and the Spring framework as a backend.
