Overview
Syllabus
Introduction
Who am I
What is security
Application level security
Layers of defense
Redundancy
Spring Security
Application Security
Getting Started
Authentication Manager
Web Security
Authorization
Default Setup
Default Login Page
Browser Caching
Browser Headers
Content Sniffing
HTTP Strict Transport Security
Clickjacking Attacks
X-Frame-Options
Reflected Cross-Site Scripting
Public Key Pinning
Headers
CSRF Protection
Custom Tokens
State Changing Operations
Session Scope Token
Single Page Applications
CSRF Security
Authorization Requests
Limitations
Ordering Rules
Denial of Access
Gutshots
NetEnabled
Method Security Annotation
PostAuthorize
Custom Functions
Method Level Security
Net Roles Allowed
Accessing Current Users
Custom Authorization
Access Control List
HTTPS Everywhere
Coverage Sessions
Passwords
Conclusion
Defaults
Taught by
GOTO Conferences