Spring Mvc and Security Insights
3.4 (44 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
240 students enrolled

Spring Mvc and Security Insights

Create Spring security web application via Spring boot using Oauth2, and OpenConnect Id
3.4 (44 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
240 students enrolled
Created by Inam Khan
Last updated 1/2019
English
Current price: $129.99 Original price: $199.99 Discount: 35% off
2 hours left at this price!
30-Day Money-Back Guarantee
This course includes
  • 7 hours on-demand video
  • 49 downloadable resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Training 5 or more people?

Get your team access to 4,000+ top Udemy courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • Develop a web application using Spring MVC, Spring security, and OAut2
  • Configurations to register and initialise the DispatcherServlet
  • How controller component Intercepts incoming requests
  • How view resolvers allow us to render models in a browser without tying us to a specific view technology
  • How to populate a model to display the information in the view
  • How to bind a servlet request parameter to a specific method argument using request param
  • How to bind a method parameter to a URI template variable
  • How to specify the config location for the web context
  • How to configure multiple web application context inside the web application
  • How to configure root context inside the web application
  • How to implement the basic security with a default login form
  • Explore authentication provider, and authentication manager
  • How to use the BCrypt encoder for hashing of password
  • How to implement the security inside a customise login page
  • How to enable the CSRF inside the project
  • Explore authenticate and authorize tag, and how to display contents based on the assigned authorities
  • How to configure the ServletContext programatically instead of configuring it via web xml
  • How to use java configuration to initialise and load the security application context instead of loading it from xml configuration file
  • How to integrate our application with DaoAuthenticationProvider to use user names, and roles configured in database
  • How to migrate our application to spring boot
  • How to customise our application to use OAuth2 for authorisation mechanism
  • How to configure our application to use google as the authentication provider with the default oAuth2Login form
  • How to configure our application to use github as the authentication provider with the default oAuth2Login form
  • How to customise login page for the authentication providers
  • How to use UserInfo endpoint to access the claims of the authenticated end-user
  • Explore standard OAuth 2.0 Provider’s implementation of OAuth2UserService for GitHub Authentication provider
  • Explore the implementation of OAuth2UserService with OpenIDConnect for Google authentication provider
  • How to map the authorities of the user for the provider having standard OAuth2 implementation
  • How to map the authorities of the user for the provider having Open id connect implementation
Requirements
  • Basic knowledge of Java programming language
  • Basic knowledge of the Spring Framework
  • Basic understanding of development, and deployment of web applications
  • Basic understanding of Maven
Description

Basically the course is divided into 2 major sections

  • Web part

  • Security part.

We are going to start off by making a basic spring mvc web application, and will learn how to apply security to different parts of the application.Then we are going to add on the more advanced features inside application i.e. configuration of multiple web application context inside application plus implementation of DAO authentication provider inside our application, and than we are going to explore how to integrate and implement OAuth2 features inside our application

It's a super hands on course.

My goal at this course is to get you through the entire process of configuring and implementing security inside a spring project

  • Web

In the web section of this course, we are going to start off with most basic configurations of the DispatcherServlet then we are going to create our first controller, and will look into functionalities that how controller component Intercepts incoming requests plus how it sends the data to Model for further processing then we are going to explore request param, and pathvariable annotations plus we are also going to explore how to configure multiple web application context, and root context. We are going to do all these steps both via xml configurations and java configurations

  • Security - Basics

In Security-Basics section of this course, we are going to explore how to implement the basic security with a default login form. Later in the section, we are going to explore authentication provider, authentication managers, and we are going to use them inside our project. We are also going to create our own customize login form then we are going to use authenticate and authorize tag inside our application to implement how to display contents based on the assigned authorities

  • Java Configurations

In Java configurations section of this course, we are going to explore, how to configure the ServletContext programmatically instead of configuring it via web.xml. Later in the section, We are going to integrate our application with DaoAuthenticationProvider to use user names, and roles configured in database tables

  • Spring boot

In Spring boot section of this course, we are going to migrate our application to spring boot

  • Spring OAuth2

In Spring OAuth2 section of this course,  we are going to explore OAuth2 plus we are also going to explore how to customize application to use OAuth2 for authorization mechanism, and we are going to use Google and GitHub as the authentication provider. We are going to start off by configuring our application to use google and github as the authentication Provider’s with the default oAuth2Login form. Later we are going to customize login page for the authentication providers then we are going to explore how to use UserInfo endpoint to access the claims of the authenticated end-user plus we are also going to explore explore standard OAuth 2.0 Provider’s implementation of OAuth2UserService plus the implementation of OAuth2UserService with OpenIDConnect ,and lastly, we are going to explore how to map the authorities of the user for the provider having standard OAuth2 implementation, and Open id connect implementation

Who this course is for:
  • Java Developers who want to explore Spring MVC, Spring security, Spring boot and Spring OAuth2
  • Web Developers who want to explore Spring MVC, Spring security, Spring boot and Spring OAuth2
  • Any one with Java background who wants to learn the insights of Spring MC, and Spring Security
Course content
Expand all 48 lectures 07:12:28
+ Configuration & Installation
2 lectures 11:20
Install and configure Tomcat
06:22
Install and configure MySQL
04:58
+ Web
14 lectures 02:04:06
View Resolvers
06:46
Model
05:14
RequestParam
04:41
PathVariable
02:39
ContextConfigLocation
03:30
Remove RootContext.xml
03:52
Testing Application via Unit
14:29
+ Security - Basics
11 lectures 01:46:56
Enable CSRF
11:01
Customize login form field names
03:55
How to disable and lock a user
03:29
Move index.jsp to views folder
06:01
Authorize tag
08:55
Authenticate tag
09:39
+ Java Configuration
5 lectures 01:16:30
Load servlet context programatically
12:37
Load web application context via java configuration
09:20
Load security context via java configuration
17:02
Configure database connection and create repository class to access database
24:01
Integration with DAO Authentication Provider
13:30
+ Spring Boot
3 lectures 23:15
Spring Boot template project
05:46
Configure Jsp support inside Spring Boot
04:47
Migrate project to Spring Boot
12:42
+ Spring OAuth2
11 lectures 01:20:11
Configure GitHub account
04:30
Register application inside google developer's account
05:30
Configure Google as the authentication provider with default OAuth2 Login form
11:45
Configure Github as the authentication provider with default OAuth2 Login form
04:48
OAuth2 customize login page for the authentication providers
11:28
Configure authorities by email
07:53
Implement UserInfo endpoint to access claims for standard OAuth2 implementation
06:51
Implement UserInfo endpoint to access claims for OpenId OAuth2 implementation
04:35
Map authorities to the user for Standard OAuth2 implementation
10:51
Map authorities to the user for OpenId connect implementation
04:24
Mapping username in Standard OAuth2 and OpenId Connect user
07:36