Defence in depth implementation

Source code samples for "Defence in Depth" articles and presentations.

This is an accompanying implementation of a secure REST API in Java 17 with Maven and Spring Security that follows the series of articles found at:

An article that covers these concepts exactly can be found at:

The approach follows that of the book "Secure by Design":

The repo also contains a docker-compose setup of KeyCloak, a token service for demo and education purposes:

Name		Name	Last commit message	Last commit date
Latest commit History 13 Commits
1-request-validation		1-request-validation
2-token-validation		2-token-validation
3-token-transformation		3-token-transformation
4-input-data-validation		4-input-data-validation
5-operation-validation		5-operation-validation
6-data-access-validation		6-data-access-validation
7-secure-by-design		7-secure-by-design
8-secrets		8-secrets
9-complete-with-all-defence-layers		9-complete-with-all-defence-layers
token-service		token-service
.gitignore		.gitignore
API.http		API.http
README.md		README.md
pom.xml		pom.xml

Provide feedback