Last updated 9/2019MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHzLanguage: English | Size: 707.46 MB | Duration: 1h 17m

A hands-on guide to secure and prevent your web apps and RESTful services from being hacked using Spring Security 5.1.1

What you'll learn

Get to know Spring Security and its concepts

Explore Spring Security Advanced configuration tips

Distinguish between Authorization and Authentication

Implement a custom Authentication mechanism

Integrate OAuth2 mechanism with your application to make it more secure

Define roles with Spring Security Authorization

Prevent common attacks such as CORS and CSRF with proper spring-security configuration

Requirements

No previous experience with Spring Security is assumed.

Description

Securing your application from hackers is the most high-pressure concerns for developers. In this course, you’ll learn how to protect your Java application from malicious attacks and users with the Spring Security framework.You’ll integrate Spring Security into your application using the Spring frameworks through practical, hands-on examples. You’ll see how to secure your web application, integrate authentication and authorization mechanisms, and restrict access to your application. You’ll discover how to integrate it with popular frameworks such as Spring Web MVC, Spring-Boot, Spring-Data, Servlet API injection, and more.We’ll cover the security challenges with Reactive web apps built for the cloud, RESTful web services, and microservice architectures with the Spring framework. You’ll also implement techniques for protection against attacks such as session fixation, clickjacking, cross-site request forgery, and more.By the end of the course, you’ll understand common security vulnerabilities and be able to prevent them with Spring Security, with an empirical approach to securing your web applications.About the AuthorTomasz Lelek is a Software Eeer who programs mostly in Java and Scala. He has worked with Spring Applications and Microservices for the past 5 years. He is passionate about nearly everything associated with software development and believes we should always try to consider different solutions and approaches before solving a problem.Recently, he was a speaker at conferences in Poland: Confitura and JDD (Java Developers Day), and at Krakow’s Scala User Group. He has also conducted a live coding session at Geecon Conference. He is a co-founder of initlearn, an e-learning platform that was built with the Spring Framework and Java Language. He has also written articles about everything related to the Java and Spring world

Overview

Section 1: Starting Application Guarded by Spring Security

Lecture 1 The Course Overview

Lecture 2 Creating Spring Boot App

Lecture 3 Adding Support of Spring Security

Lecture 4 Configuring Spring Security for Rest Endpoints

Lecture 5 Configuring Spring Security for Static Resources

Section 2: Create Custom Authentication and Integrate It with Spring MVC

Lecture 6 Create MVC Flow for Your Application

Lecture 7 Integrating with MVC Flow

Lecture 8 Testing

Lecture 9 Creating CustomAuthenticationProvider

Lecture 10 Configuring Spring to Use Custom Authentication Mechanism

Section 3: Using OAuth 2 with Spring Boot Microservice

Lecture 11 OAuth 2 Explanation

Lecture 12 Configuring OAuth 2 with Spring

Lecture 13 Exploring OAuth 2 Spring Application Workflow

Lecture 14 Testing Application Secured by OAuth 2

Section 4: Custom Authorization with Servlet API and Reactive API

Lecture 15 Understanding Difference between Authentication and Authorization

Lecture 16 Defining Access Roles in Our Application

Lecture 17 Guarding Access with Annotations for Reactive API

Lecture 18 Guarding Access Programmatically for Servlet API

Lecture 19 Testing

Section 5: Preventing Common Attacks with Spring Security

Lecture 20 CORS and How to Prevent It

Lecture 21 CSRF and How to Prevent It

Lecture 22 Implement Custom CSRF Token Repository

Lecture 23 Testing Our Application to Assert That It Is Secure

This course is for Java and Kotlin developers who can build applications using Java and Spring Framework and now want to secure their applications.

HomePage: