posted 13 years ago
Hello Chase,
Well, you'll be happy to know that we cover all of these questions in the book, with the exception of the more detailed question about LDAPv3/TLS. We actually hit on Active Directory in two chapters, first in the end of the LDAP chapter, where we connect to MSAD via LDAP, and second in our chapter entirely devoted to the Spring Security Kerberos Extension, where we use AD's Kerberos compliance to wire Spring Security 3 to it as a Kerberos provider. I think this covers both of your scenarios, although keep in mind that even today, the Spring Security Kerberos Extension is not finalized (the book covers up to 1.0M2, which is the current official release).
Although I can't promise you'll be rich if you buy this book, in terms of coverage of high level concepts such as authentication and authorization, you'll be very pleased - this was one area that I have seen newcomers to Spring Security struggle with a lot, and as such, I wanted to make sure that readers had both a practical understanding (through an example-driven approach) as well as a conceptual understanding (required for long-term success) of all the topics that we covered. I think we've done a great job in both these areas, and I do hope you end up finding the book helpful for all of these reasons.
Best,
Peter
Author, Spring Security 3 (the Book), Packt Publishing, 2010
SCJP, OCP