The {spring-site-projects}/spring-security[Spring Security] project provides support for protecting web applications from malicious exploits. See the Spring Security reference documentation, including:
-
{docs-spring-security}/servlet/integrations/mvc.html[Spring MVC Security]
-
{docs-spring-security}/servlet/test/mockmvc/setup.html[Spring MVC Test Support]
-
{docs-spring-security}/features/exploits/csrf.html#csrf-protection[CSRF protection]
-
{docs-spring-security}/features/exploits/headers.html[Security Response Headers]
HDIV is another web security framework that integrates with Spring MVC.