Spring Security Registration Tutorial

Building a full-fledged, production-ready registration for your web application is oh so much more than just putting together a simple registration page.

There are a lot of questions that need to be answered:

• How do I verify the email addresses of new users?
• How do I properly and safely store user credentials?
• What if a user forgets their password?
• What about users changing their own password?
• How strong should passwords be? How can I enforce some sensible defaults in the app so that my users have good, strong passwords?
• What if I have more than one type of user? I need a good way to store roles and privileges.
• What about security questions? Should I even have them?
• How do I do all of this with good localization support? There are a lot of messages involved.