Spring Security Core - Beginner to Guru Class by John Thompson
Return to Java Security Bibliography, Spring Security, Java Security, Spring Security in Action
- Spring Security Fundamentals PlayList by Josh Cummings - Java and Kotlin devs looking to secure their applications will inevitably encounter Spring Security. These picks help you understand the fundamentals. - https://learning.oreilly.com/playlists/e1a41950-793d-433a-9100-faba5109f06a
Spring Security Core: Beginner to Guru Learn how to use Spring Security to Secure Your Spring Framework Applications Highest rated Rating: 4.7 out of 5 4.7
(714 ratings)6,850 students Created by , Last updated 8/2022 English English Current price$13.99 Original Price$99.99 Discount86% off 1 day left at this price! 30-Day Money-Back Guarantee Full Lifetime Access What you'll learn How to Secure Applications using Spring Security How to Protect Against Common Web Security Vulnerabilities (OWASP) Use Spring Security to Authenticate Application Users Use Spring Security to Authorize User Actions Password Management Best Practices for Limiting User Access Use Test Driven Development to Test User Access Course content 18 sections • 128 lectures • 13h 14m total length Preview 00:55 Preview 02:45 Getting The Most Out of Your Course! 05:58 Preview 03:17 Slack Group for Spring Security 00:55 Preview 12:20 Preview 04:00 Free 120 Day IntelliJ IDEA Trial! 00:42 Preview 01:38 Application Security 101 16:21 Introducing Spring Security 06:05 OWASP Common Web Vulnerabilities 05:11 Cross Site Scripting - XSS 06:10 Cross Site Forgery 06:01 Spring Security Quiz 11 questions Introduction 01:11 Overview of HTTP Basic Authentication 05:30 SFG Brewery Code Review 10:14 Spring Security Default Basic Auth 07:57 Customizing User Name and Password 02:38 Testing Spring Security with JUnit 5 05:37 Testing HTTP Basic Auth 03:20 Spring Security Filter Chain 05:18 Quiz - HTTP Basic Authentication Quiz 8 questions Introduction 00:55 Permit All with URL Pattern Matching 11:25 Assignment - Permit All for Find Beers 1 question HTTP Method Matching 03:50 Spring MVC Path Matchers 02:25 Java Configuration Quiz 5 questions Introduction 01:06 Spring Security Authentication Process 03:49 User Details Service 05:53 In Memory Authentication Fluent API 03:55 Assignment - Add User 1 question Authentication Quiz 1 question Introduction 01:10 Password Encoding 08:06 MD5 Hash and Password Salt 04:32 NoOp Password Encoder 03:35 LDAP Password Encoder 04:54 SHA-256 Password Encoder 04:39 BCrypt Password Encoder 04:28 Delegating Password Encoder 06:52 Custom Delegating Password Encoder 03:16 Assignment - Add custom Bcrypt Encoder 1 question Introduction 01:19 Custom Authentication Filter Overview 03:38 Delete Beer by ID MockMVC Test 03:14 Custom Authentication Filter 07:39 Spring Security Configuration 05:11 Debugging Spring Security 03:55 Custom Do Filter Method 06:09 Custom Failure Handler 08:53 Assignment - URL Parameter Auth Filter 1 question Introduction 01:33 Database Authentication Overview 03:17 JPA Entities 09:08 Project Lombok Configuration 05:51 Spring Data JPA Repositories 03:46 Assignment - Bootstrap User Data 1 question H2 Database Console Access 05:58 User Details Service 07:44 Spring Security Configuration 08:15 Spring Boot Test Context 04:01 Introduction 01:23 Authorization in Spring Security 09:23 Configuring User Roles 03:19 Verify Role in Filter - Delete 04:52 Assignment - Limit List Breweries to CUSTOMER 1 question Allow Multiple Roles 03:02 Refactor JUnit 5 Tests 09:22 Assignment - Use Multiple Roles 1 question Introduction to Method Security 05:29 Security Expression Based Syntax 04:44 Assignment - Use Method Expression 1 question Introduction 01:24 Overview Database Refactoring 04:00 Updated JPA Configuration 08:54 Defining Roles for Beer Operations 07:01 Assignment - Define Roles for Customer Operations 1 question Update Spring Security for RESTful Beer API 05:04 Assignment - Update Remaining Controllers 1 question Custom Authorization Annotations 06:20 Assignment - Update to Use Custom Auth Annotations 1 question Introduction 01:54 Multitenancy Overview 05:53 Order Controller Code Review 03:43 Define Roles for Beer Orders 03:42 Update JPA User 05:29 User Customer JPA Mapping 02:26 Refactor Bootstrap Data 10:48 TDD - Write Failing Tests 06:55 Custom Authentication Manager 04:26 Secure Read Order 07:20 Assignment Secure Create Order 1 question Assignment Secure Pickup Order 1 question Using Authentication Principle 06:26 Spring Security with Spring Data JPA 12:46 Introduction 00:02 Enable CSRF Protection in Spring Security 04:29 CSRF with Spring MockMVC 02:25 Update Customer Forms with CSRF 09:03 Assignment - Update Add Beer Form with CSRF 1 question Introduction 00:03 Tag Library Overview 05:15 Add Login Form to Index Page 07:08 Add Logout Action 08:02 Assignment - Conditionally Show Login Form 1 question Update Java Configuration for Login Form 06:56 Login and Logout Messages 04:34 Show Elements by User Permission 04:17 Introduction 00:02 Remember Me Overview 09:29 Simple Hash-Based Token Remember Me 07:13 Persistent Token Rememeber Me 11:13 Introduction 00:03 Introduction 00:03 Overview of Spring Security Authentication Events 04:00 Configuration of Spring Security Event Publisher 06:08 Logging of Authentication Success Events 09:08 Assignment Logging of Authentication Failure Events 1 question Persistence of Authentication Success Events 05:14 Assignment - Persistence of Authentication Failure Events 1 question Locking User Account After Failed Attempts 06:33 Account Locked Message 07:15 Automatically Unlocking Accounts After Period of Time 10:02 Introduction 00:02 Two Factor Authentication Overview 08:27 Google Authenticator with Spring Security 05:25 Configure User Entity for 2FA 04:13 Configure 2FA Registration Controller 05:57 Configure Google Secret Persistence 07:05 Generate QR Code for Google Authenticator 08:16 Verify 2FA Opt In 05:19 2FA Verfication UI 05:26 Spring Security 2FA Filter 07:19 Spring Security 2FA Failure Handler 03:49 Exclude Static Resources from Filter 04:12 Java Configuration and 2FA Demo 08:42 2FA Retrospective 04:05 Introduction 00:01 Overview of CORS 09:22 Disable Spring Security for Testing 04:31 Spring MVC CORS Configuration 03:50 Spring MVC CORS Annotation Config 05:10 Spring Security CORS Configuration 03:27 Git and GitHub Basics - Start Here! 00:31 GitHub Workflow 12:20 Requirements Must be comfortable with the Java programming language Knowledgeable with the Spring Framework 5 Experienced with JUnit and Mockito Understand Fundamentals of Web Applications Knowledge of HTTP, Apache Maven, and SQL helpful Description Seems like everyday you can find a news story about a security breach, which can be devastating to companies.
Clearly, security is a very important topic.
The Spring Framework is the most popular Java framework for building cloud scale applications.
Spring Security provides you all the tools you need to secure your Java application.
Application security is much more than allowing access after checking a user name and password. You will learn how to limit what application features a user may or may not see. And also, how to limit what data a user may or may not see.
This course focuses on the core fundamentals of Spring Security.
Central to Spring Security is the process of Authentication. This is the process of establishing a user's identity.
Once a user's identity is established, the process of Authorization is used to allow the user to access specific actions and features of an application.
Spring Security has a very robust toolset for Authentication and Authorization.
Inside this course, you will master both.
You will start the course by learning how to leverage the auto-configuration capabilities of Spring Boot to quickly secure a web application using HTTP Basic Authentication.
Then, you'll be lead through a series of exercises, to replace and customize the default Spring Boot auto-configuration.
Through this process, you will understand the Spring Boot hidden 'magic', and learn how to master the configuration of Spring Security.
You will be working with a typical Spring Boot Web Application. The application mimics a robust monolithic application - with web pages and RESTful endpoints. This allows us to explore the unique security aspects unique to both web applications and RESTFul APIs.
You may notice there is not a dedicated section of the course about Testing Spring Security. This is because testing is done throughout the course.
Test Driven Development (TDD) is widely considered a best practice in software engineering.
As we explore the features of Spring Security, we will follow a TDD approach.
We will first write a failing test using JUnit 5, Mockito, and Spring MockMVC, then complete the lesson objective to get a passing test.
You will see some great examples of testing Spring with JUnit 5. However, it is recommended you have prior experience with JUnit 5.
In this course, you will learn:
HTTP Basic Authentication with Spring Security
Spring Security Java Configuration
Using an In-Memory Authentication Provider
Using Spring Security for Password Management
Best Practices for Password Security
Creating Custom Authentication Filters
Using a database with Spring Data JPA for Authentication
User Roles with Spring Security
User Authorities with Spring Security
Multitenancy Security
Configure Spring Security for CSRF Protection
Create a custom login form
Using Remember Me
How to lock out users after too many failed attempts
How to unlock accounts automatically after a period of time
CORS with Spring Security
Course Extra - IntelliJ IDEA Ultimate
Students enrolling in the course can receive a free 120 day trial license to IntelliJ IDEA Ultimate! Get hands on experience using the Java IDE preferred by Spring Framework professionals!
Course Extra - Access to a Private Slack Community
You're not just enrolling in a course –> You are joining a community learning about Spring Security.
With your enrollment to the course, you can access an exclusive Slack community. Get help from the instructor and other Spring Framework Gurus from around the world - in real time! This community is only available to students enrolled in this course.
With your enrollment, you can join this community of awesome gurus!
Closed Captioning / Subtitles
Closed captioning in English is available for all course videos!
PDF Downloads
All keynote presentations are available for you to download as PDFs.
Lifetime Access
When you purchase this course, you will receive lifetime access! You can login anytime from anywhere to access the course content.
No Risk - Money Back Guarantee
You can buy this course with no risk. If you are unhappy with the course, for any reason, you can get a complete refund. The course has a 30 day Money Back Guarantee.
Enroll today and start learning Spring Security!
Who this course is for: Spring Framework Application Developers
Java Security: Java DevSecOps, java.security (java.security.cert, java.security.interfaces, java.security.spec), Java Vulnerabilities, Java Cybersecurity, DevSecOps - Java Security Automation, Maven Security, Gradle Security, Spring Security (Spring Security in Action), Quarkus Security; Java Security Today, Hello Java Security, Java Managing users, Java Dealing with passwords, Java Implementing authentication, Java Configuring authorization - Java Restricting access, Java Implementing filters, Java CSRF protection, Java CORS, Java separation of responsibilities, Java OAuth 2, Java authorization server, Java resource server, Java JWT, Java cryptographic signatures, Java Global method security - Java Pre-authorization - Java Post-authorizations, Java Global method security - Java Pre-filtering, Java Post-filtering, Java OAuth 2 application, Java Security for reactive apps, Java Security testing; Android Security, Java Windows Security - Java Windows Server Security, Java Linux Security (Java Ubuntu Security, Java Debian Security, Java RHEL Security, Java Fedora Security), Java UNIX Security (Java FreeBSD Security), Java Passwords, Java Linux Passwords, Java Windows Passwords), Java Hacking (Java Ethical Hacking, Java White Hat, Java Black Hat, Java Grey Hat), Java Pentesting (Java Red Team - Java Blue Team - Java Purple Team), Java Mitre Framework, Java Common Vulnerabilities and Exposures (CVE), Java Cybersecurity Bibliography, Java Security Courses, Java Security CI/CD, Java Functional Programming and Security, Cybersecurity and Java Concurrency, Cybersecurity and Java Data Science Cybersecurity and Java Databases, Cybersecurity and Java Machine Learning, Java Cybersecurity Glossary, Awesome Cybersecurity, Java Security GitHub, Java Cybersecurity Topics (navbar_java_security. See also navbar_security, navbar_encryption, navbar_passwords, navbar_pentesting)
Spring: Spring Fundamentals, Spring Inventor - Spring Framework Designer: Rod Johnson in his Spring Book Expert One-on-One J2EE Design and Development on October 1, 2002; Spring Boot, Spring Framework, Spring Projects (Spring Boot, Spring Framework, Spring Data, Spring Security, Spring Cloud, Spring Batch, Spring Integration, Spring Web MVC, Spring REST Docs, Spring AMQP, Spring Kafka, Spring Shell, Spring WebFlux, Spring LDAP, Spring Session, Spring Test, Spring HATEOAS, Spring Web Services, Spring Data JDBC, Spring Data JPA, Spring Data MongoDB, Spring Data Redis, Spring Data Elasticsearch, Spring Data Neo4j, Spring Data Solr, Spring Data Cassandra, Spring Data Gemfire, Spring Data Couchbase, Spring Data DynamoDB, Spring Data R2DBC, Spring Data KeyValue, Spring Data Commons, Spring Cloud Config, Spring Cloud Netflix, Spring Cloud Stream, Spring Cloud Sleuth, Spring Cloud Gateway, Spring Cloud Kubernetes, Spring Cloud Function, Spring Cloud Task, Spring Cloud Contract, Spring Cloud Vault, Spring Cloud Data Flow, Spring Cloud Security, Spring Cloud Bus, Spring Cloud AWS, Spring Cloud GCP, Spring Cloud Azure, Spring Batch Admin, Spring Roo, Spring Statemachine, Spring XD, Spring Mobile, Spring Cloud Connectors, Spring for Android, Spring Shell 2, Spring Boot Admin, Spring PetClinic, Spring Rich Client, Spring LDAP Template, Spring Data Envers, Spring Data REST, Spring Dynamic Modules, Spring BlazeDS Integration, Spring for Apache Hadoop, Spring Web Flow, Spring Android, Spring Python, Spring LDAP Authentication, Spring LDAP Pooling, Spring LDAP Auth Provider, Spring Security ACL, Spring Social, Spring Security CAS, Spring Security Kerberos, Spring Web Services Security, Spring Vault, Spring Batch Extensions, Spring Cloud Services, Spring Data Geode, Spring Data ArangoDB, Spring Data Delta Spike, Spring Data JDBC Extensions, Spring Data for Apache Cassandra, Spring Data for Apache Geode, Spring Data for Apache Solr, Spring Data for Apache HBase, Spring Data for Apache Kafka, Spring Data for Apache Ignite, Spring Data for Apache CouchDB, Spring Data for Apache Accumulo, Spring Data for Apache MongoDB, Spring Data for Apache Cassandra Reactive, Spring Data for Apache Solr Reactive, Spring Data for Apache Geode Reactive, Spring Data for Apache Hadoop Reactive, Spring Data for Apache Couchbase Reactive
Spring Boot Deployment, Spring Boot Configuration, Spring Boot Installation, Spring Boot Containerization - Cloud Native Spring, Spring Microservices, Spring DevOps, Spring Security - Spring DevSecOps (Spring Security in Action and Spring Security Core - Beginner to Guru Class by John Thompson), Spring Bibliography, Manning Spring Series, Spring Boot Topics, Awesome Spring, Spring GitHub. (navbar_spring - navbar_spring_detailed)
© 1994 - 2024 Cloud Monk Losang Jinpa or Fair Use. Disclaimers
SYI LU SENG E MU CHYWE YE. NAN. WEI LA YE. WEI LA YE. SA WA HE.