Spring: Spring Security (2018)

Learn how to secure your apps and services with Spring Security and extensions such as LDAP, Active Directory, OAuth, and WebFlux.

Introduction

• Welcome
• What you need to know
• Working with exercise files

1. Spring Security Concepts

• Introduction to Spring Security
• Authentication vs. authorization
• Spring Security projects

2. Securing Web Applications with Spring

• Implementing basic authentication
• In-memory authentication
• JDBC authentication
• Leveraging bcrypt for hashing
• Authorization
• Form-based authentication
• The login page
• The logout page
• Putting it all together

3. LDAP Authentication

• LDAP for authentication
• Configuring a sample LDAP server
• Implementing LDAP for authentication
• Spring LDAP outside of authentication
• AD vs. LDAP for authentication

4. Leveraging OAuth 2 with Spring Security

• OAuth 2
• Spring and OAuth 2
• Creating an OAuth authorization service
• Creating an OAuth resource service
• Client-side implementations of OAuth 2
• OAuth 2 with third parties

5. WebFlux Security

• Introduction to WebFlux security
• WebFlux basic security

Conclusion

• Next steps