Dive deep into Spring Security with this comprehensive 5-hour course. Master authentication and authorization in Java applications, covering topics from basic setup to advanced concepts. Learn to implement form-based and basic authentication, configure roles and permissions, handle CSRF protection, create custom login pages, and integrate JSON Web Tokens (JWT). Explore in-memory and database user management, password encoding, and custom filters. Gain hands-on experience through practical examples and step-by-step guidance, equipping you with the skills to secure Spring-based applications effectively. Suitable for developers with basic Java and Spring Boot knowledge looking to enhance their security implementation expertise.
Overview
Syllabus
INTRO.
QUICK WORD BEFORE WE BEGIN.
BOOTSTRAPPING.
RUNNING APP WITH INTELLIJ.
- LETS BUILD AN API.
- INSTALLING SPRING SECURITY.
- FORM BASED AUTHENTICATION OVERVIEW.
- BASIC AUTH OVERVIEW.
- BASIC AUTH.
- POSTMAN.
- ANT MATCHERS.
- APPLICATION USERS.
- IN MEMORY USER DETAILS MANAGER.
- PASSWORD ENCODING WITH BCRYPT.
- ROLES AND PERMISSIONS.
- ADMIN USER.
- ROLES & PERMISSIONS USING ENUMS.
- ROLE BASED AUTHENTICATION.
- PERMISSION BASED AUTHENTICATION.
- DISABLING CSRF.
- hasAuthority().
- ADDING AUTHORITIES TO USERS.
- PERMISSION BASED AUTHENTICATION IN ACTION.
- ORDER DOES MATTER.
- preAuthorize().
- UNDERSTANDING CSRF.
- CSRF TOKEN.
- HOW CSRF TOKEN GENERATION WORKS.
- LETS DISABLE CSRF AGAIN.
- FORM BASED AUTHENTICATION.
- ENABLE FORM BASED AUTHENTICATION.
- SESSION ID.
- CUSTOM LOGIN PAGE.
- REDIRECT AFTER SUCCESS LOGIN.
- REMEMBER ME.
- REMEMBER ME COOKIE AND EXTRA OPTIONS.
- LOGOUT .
- LOGOUT BUTTON.
- PASSWORD, USERNAME, REMEMBER-ME PARAMETERS.
- DB AUTHENTICATION OVERVIEW.
- APPLICATION USER CLASS.
- APPLICATION USER SERVICE.
- APPLICATION USER CLASS.
- APPLICATION USER DAO INTERFACE.
- FAKE APPLICATION USER SERVICE.
- DAO AUTHENTICATION PROVIDER.
- HELLO.
- INTRO TO JSON WEB TOKEN (JWT).
- JWT LIBRARY.
- JwtUsernameAndPasswordAuthenticationFilter - attemptAuthentication().
- JwtUsernameAndPasswordAuthenticationFilter - successfulAuthentication.
- REQUEST FILTERS.
- FILTERS AND STATELESS SESSIONS .
- JWT USERNAME AND PASSWORD FILTER.
- JWT TOKEN VERIFIER FILTER.
- JWT TOKEN VERIFIER FILTER IN ACTION.
- JWT CONFIG.
- JWT CONFIG IN ACTION.
- QUICK WORD ABOUT JWT.
Taught by
Amigoscode
Related Courses
-
Spring Boot and Angular Tutorial - Build a Reddit Clone (Coding Project)
-
Symfony Security: Beautiful Authentication, Powerful Authorization
-
Spring Security 6 Zero to Master along with JWT,OAUTH2
-
Symfony 5 Security: Authenticators
-
JSON Web Token (JWT) with Spring Security And Angular
-
PHP User Authentication Course (How To)
Related articles
Reviews
4.0 rating, based on 1 Class Central review
-
Very helpful course if you are new to Spring Security. You will learn different ways of securing your Spring Boot App using Basic Auth, Form Based Auth, and JWT.
The only thing missing is connecting it all to a real database. But once you finish the course, that shouldn't be too difficult.
