What you'll learn:
- How to Secure Applications using Spring Security
- How to Protect Against Common Web Security Vulnerabilities (OWASP)
- Use Spring Security to Authenticate Application Users
- Use Spring Security to Authorize User Actions
- Password Management
- Best Practices for Limiting User Access
- Use Test Driven Development to Test User Access
Seems like everyday you can find a news story about a security breach, which can be devastating to companies.
Clearly, security is a very important topic.
The Spring Framework is the most popular Java framework for building cloud scale applications.
Spring Security provides you all the tools you need to secure your Java application.
Application security is much more than allowing access after checking a user name and password. You will learn how to limit what application features a user may or may not see. And also, how to limit what data a user may or may not see.
This course focuses on the core fundamentals of Spring Security.
Central to Spring Security is the process of Authentication. This is the process of establishing a user's identity.
Once a user's identity is established, the process of Authorization is used to allow the user to access specific actions and features of an application.
Spring Security has a very robust toolset for Authentication and Authorization.
Inside this course, you will master both.
You will start the course by learning how to leverage the auto-configuration capabilities of Spring Boot to quickly secure a web application using HTTPBasic Authentication.
Then, you'll be lead through a series of exercises, to replace and customize the default Spring Boot auto-configuration.
Through this process, you will understand the Spring Boot hidden 'magic', and learn how to master the configuration of Spring Security.
You will be working with a typical Spring Boot Web Application. The application mimics a robust monolithic application - with web pages and RESTful endpoints. This allows us to explore the unique security aspects unique to both web applications and RESTFul APIs.
You may notice there is not a dedicated section of the course about Testing Spring Security. This is because testing is done throughout the course.
Test Driven Development (TDD) is widely considered a best practice in software engineering.
As we explore the features of Spring Security, we will follow a TDDapproach.
We will first write a failing test using JUnit 5, Mockito, and Spring MockMVC, then complete the lesson objective to get a passing test.
You will see some great examples of testing Spring with JUnit 5. However, it is recommended you have prior experience with JUnit 5.
In this course, you will learn:
HTTPBasic Authentication with Spring Security
Spring Security Java Configuration
Using an In-Memory Authentication Provider
Using Spring Security for Password Management
Best Practices for Password Security
Creating Custom Authentication Filters
Using a database with Spring Data JPAfor Authentication
User Roles with Spring Security
User Authorities with Spring Security
Multitenancy Security
Configure Spring Security for CSRF Protection
Create a custom login form
Using Remember Me
How to lock out users after too many failed attempts
How to unlock accounts automatically after a period of time
CORSwith Spring Security
Course Extra - IntelliJ IDEA Ultimate
Students enrolling in the course can receive a free 120 day trial license to IntelliJIDEAUltimate! Get hands on experience usingthe Java IDEpreferred by Spring Framework professionals!
Course Extra - Access to a Private Slack Community
You're not just enrolling in a course --> You are joining a community learning about Spring Security.
With your enrollment to the course, you can access an exclusive Slack community. Get help from the instructor and other Spring Framework Gurus from around the world - in real time! This community is only available to students enrolled in this course.
With your enrollment, you can join this community of awesome gurus!
Closed Captioning / Subtitles
Closed captioning in Englishis available for all course videos!
PDFDownloads
All keynote presentations are available for you to download as PDFs.
Lifetime Access
When you purchase this course, you will receive lifetime access! You can login anytime from anywhere to access the course content.
No Risk - Money Back Guarantee
You can buy this course with no risk. If you are unhappy with the course, for any reason, you can get a complete refund. The course has a 30 day Money Back Guarantee.
Enroll today and start learning Spring Security!