Oreilly - Hands-On Spring Security 5.x
by Tomasz Lelek | Released January 2019 | ISBN: 9781789802931
Make your Spring app 100% Safe with Spring SecurityAbout This VideoUse Spring Security to secure your Spring serviceUnderstand OAuth2 flow and integration with the Spring applicationMake your app secure by preventing CORS and CSRF attacksIn DetailSecuring your application from hackers is the most high-pressure concerns for developers. In this course, you'll learn how to protect your Java application from malicious attacks and users with the Spring Security framework.You'll integrate Spring Security into your application using the Spring frameworks through practical, hands-on examples. You'll see how to secure your web application, integrate authentication and authorization mechanisms, and restrict access to your application. You'll discover how to integrate it with popular frameworks such as Spring Web MVC, Spring-Boot, Spring-Data, Servlet API injection, and more.We'll cover the security challenges with Reactive web apps built for the cloud, RESTful web services, and microservice architectures with the Spring framework. You'll also implement techniques for protection against attacks such as session fixation, clickjacking, cross-site request forgery, and more.By the end of the course, you'll understand common security vulnerabilities and be able to prevent them with Spring Security, with an empirical approach to securing your web applications.The code bundle for this course is available at https://github.com/PacktPublishing/Hands-on-Spring-Security-5.1.1Downloading the example code for this course: You can download the example code files for all Packt video courses you have purchased from your account at http://www.PacktPub.com. If you purchased this course elsewhere, you can visit http://www.PacktPub.com/support and register to have the files e-mailed directly to you. Show and hide more
- Chapter 1 : Starting Application Guarded by Spring Security
- The Course Overview 00:01:54
- Creating Spring Boot App 00:03:59
- Adding Support of Spring Security 00:03:15
- Configuring Spring Security for Rest Endpoints 00:04:10
- Configuring Spring Security for Static Resources 00:02:54
- Chapter 2 : Create Custom Authentication and Integrate It with Spring MVC
- Create MVC Flow for Your Application 00:04:19
- Integrating with MVC Flow 00:03:53
- Testing 00:02:40
- Creating CustomAuthenticationProvider 00:03:50
- Configuring Spring to Use Custom Authentication Mechanism 00:02:42
- Chapter 3 : Using OAuth 2 with Spring Boot Microservice
- OAuth 2 Explanation 00:04:33
- Configuring OAuth 2 with Spring 00:02:50
- Exploring OAuth 2 Spring Application Workflow 00:03:46
- Testing Application Secured by OAuth 2 00:02:10
- Chapter 4 : Custom Authorization with Servlet API and Reactive API
- Understanding Difference between Authentication and Authorization 00:03:05
- Defining Access Roles in Our Application 00:03:46
- Guarding Access with Annotations for Reactive API 00:03:09
- Guarding Access Programmatically for Servlet API 00:02:44
- Testing 00:03:20
- Chapter 5 : Preventing Common Attacks with Spring Security
- CORS and How to Prevent It 00:04:49
- CSRF and How to Prevent It 00:02:23
- Implement Custom CSRF Token Repository 00:04:29
- Testing Our Application to Assert That It Is Secure 00:02:09
Show and hide more