YoVDO

Spring Security - Full Course

Offered By: Amigoscode via YouTube

Tags

Spring Framework Courses Java Courses Access Control Courses Spring Security Courses

Course Description

Overview

Dive deep into Spring Security with this comprehensive 5-hour course. Master authentication and authorization in Java applications, covering topics from basic setup to advanced concepts. Learn to implement form-based and basic authentication, configure roles and permissions, handle CSRF protection, create custom login pages, and integrate JSON Web Tokens (JWT). Explore in-memory and database user management, password encoding, and custom filters. Gain hands-on experience through practical examples and step-by-step guidance, equipping you with the skills to secure Spring-based applications effectively. Suitable for developers with basic Java and Spring Boot knowledge looking to enhance their security implementation expertise.

Syllabus

INTRO.
QUICK WORD BEFORE WE BEGIN.
BOOTSTRAPPING.
RUNNING APP WITH INTELLIJ.
- LETS BUILD AN API.
- INSTALLING SPRING SECURITY.
- FORM BASED AUTHENTICATION OVERVIEW.
- BASIC AUTH OVERVIEW.
- BASIC AUTH.
- POSTMAN.
- ANT MATCHERS.
- APPLICATION USERS.
- IN MEMORY USER DETAILS MANAGER.
- PASSWORD ENCODING WITH BCRYPT.
- ROLES AND PERMISSIONS.
- ADMIN USER.
- ROLES & PERMISSIONS USING ENUMS.
- ROLE BASED AUTHENTICATION.
- PERMISSION BASED AUTHENTICATION.
- DISABLING CSRF.
- hasAuthority().
- ADDING AUTHORITIES TO USERS.
- PERMISSION BASED AUTHENTICATION IN ACTION.
- ORDER DOES MATTER.
- preAuthorize().
- UNDERSTANDING CSRF.
- CSRF TOKEN.
- HOW CSRF TOKEN GENERATION WORKS.
- LETS DISABLE CSRF AGAIN.
- FORM BASED AUTHENTICATION.
- ENABLE FORM BASED AUTHENTICATION.
- SESSION ID.
- CUSTOM LOGIN PAGE.
- REDIRECT AFTER SUCCESS LOGIN.
- REMEMBER ME.
- REMEMBER ME COOKIE AND EXTRA OPTIONS.
- LOGOUT .
- LOGOUT BUTTON.
- PASSWORD, USERNAME, REMEMBER-ME PARAMETERS.
- DB AUTHENTICATION OVERVIEW.
- APPLICATION USER CLASS.
- APPLICATION USER SERVICE.
- APPLICATION USER CLASS.
- APPLICATION USER DAO INTERFACE.
- FAKE APPLICATION USER SERVICE.
- DAO AUTHENTICATION PROVIDER.
- HELLO.
- INTRO TO JSON WEB TOKEN (JWT).
- JWT LIBRARY.
- JwtUsernameAndPasswordAuthenticationFilter - attemptAuthentication().
- JwtUsernameAndPasswordAuthenticationFilter - successfulAuthentication.
- REQUEST FILTERS.
- FILTERS AND STATELESS SESSIONS .
- JWT USERNAME AND PASSWORD FILTER.
- JWT TOKEN VERIFIER FILTER.
- JWT TOKEN VERIFIER FILTER IN ACTION.
- JWT CONFIG.
- JWT CONFIG IN ACTION.
- QUICK WORD ABOUT JWT.


Taught by

Amigoscode

Related Courses

Spring Framework Certification Training
Edureka Extending, Securing, and Dockerizing Spring Boot Microservices
LinkedIn Learning Spring: Spring Security
LinkedIn Learning Architecting Web Applications with Spring
Pluralsight Effective Oauth2 with Spring Security and Spring Boot
Pluralsight