Vaadin Flow is a server-side framework, where all the application state, business model, and UI logic reside on the server. A Flow application never exposes its internals to the browser, where vulnerabilities could be abused by an attacker. This makes the development model inherently secure. Nevertheless, best practices should be followed and common vulnerabilities should be avoided to ensure security.
- Enabling Security
- Learn how to enable and configure security in a Vaadin Flow application using the built-in security helpers with Spring Boot.
- Advanced Security Topics