Udemy
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
Development
Web Development Data Science Mobile Development Programming Languages Game Development Database Design & Development Software Testing Software Engineering Development Tools No-Code Development
Business
Entrepreneurship Communications Management Sales Business Strategy Operations Project Management Business Law Business Analytics & Intelligence Human Resources Industry E-Commerce Media Real Estate Other Business
Finance & Accounting
Accounting & Bookkeeping Compliance Cryptocurrency & Blockchain Economics Finance Finance Cert & Exam Prep Financial Modeling & Analysis Investing & Trading Money Management Tools Taxes Other Finance & Accounting
IT & Software
IT Certification Network & Security Hardware Operating Systems Other IT & Software
Office Productivity
Microsoft Apple Google SAP Oracle Other Office Productivity
Personal Development
Personal Transformation Personal Productivity Leadership Career Development Parenting & Relationships Happiness Esoteric Practices Religion & Spirituality Personal Brand Building Creativity Influence Self Esteem & Confidence Stress Management Memory & Study Skills Motivation Other Personal Development
Design
Web Design Graphic Design & Illustration Design Tools User Experience Design Game Design Design Thinking 3D & Animation Fashion Design Architectural Design Interior Design Other Design
Marketing
Digital Marketing Search Engine Optimization Social Media Marketing Branding Marketing Fundamentals Marketing Analytics & Automation Public Relations Advertising Video & Mobile Marketing Content Marketing Growth Hacking Affiliate Marketing Product Marketing Other Marketing
Lifestyle
Arts & Crafts Beauty & Makeup Esoteric Practices Food & Beverage Gaming Home Improvement Pet Care & Training Travel Other Lifestyle
Photography & Video
Digital Photography Photography Portrait Photography Photography Tools Commercial Photography Video Design Other Photography & Video
Health & Fitness
Fitness General Health Sports Nutrition Yoga Mental Health Dieting Self Defense Safety & First Aid Dance Meditation Other Health & Fitness
Music
Instruments Music Production Music Fundamentals Vocal Music Techniques Music Software Other Music
Teaching & Academics
Engineering Humanities Math Science Online Education Social Science Language Teacher Training Test Prep Other Teaching & Academics
AWS Certification Microsoft Certification AWS Certified Solutions Architect - Associate AWS Certified Cloud Practitioner CompTIA A+ Cisco CCNA Amazon AWS CompTIA Security+ AWS Certified Developer - Associate
Graphic Design Photoshop Adobe Illustrator Drawing Digital Painting InDesign Character Design Canva Figure Drawing
Life Coach Training Neuro-Linguistic Programming Personal Development Mindfulness Life Purpose Meditation Personal Transformation Neuroscience Emotional Intelligence
Web Development JavaScript React CSS Angular PHP WordPress Node.Js Python
Google Flutter Android Development iOS Development Swift React Native Dart Programming Language Mobile Development Kotlin SwiftUI
Digital Marketing Google Ads (Adwords) Social Media Marketing Google Ads (AdWords) Certification Marketing Strategy Internet Marketing YouTube Marketing Email Marketing Retargeting
SQL Microsoft Power BI Tableau Business Analysis Business Intelligence MySQL Data Analysis Data Modeling Big Data
Business Fundamentals Entrepreneurship Fundamentals Business Strategy Online Business Business Plan Startup Freelancing Blogging Home Business
Unity Game Development Fundamentals Unreal Engine C# 3D Game Development C++ 2D Game Development Unreal Engine Blueprints Blender
30-Day Money-Back Guarantee
Development Web Development Spring Security

Spring Security Core: Beginner to Guru

Learn how to use Spring Security to Secure Your Spring Framework Applications
Rating: 4.5 out of 54.5 (322 ratings)
3,646 students
Created by John Thompson
Last updated 11/2020
English
English
30-Day Money-Back Guarantee

What you'll learn

  • How to Secure Applications using Spring Security
  • How to Protect Against Common Web Security Vulnerabilities (OWASP)
  • Use Spring Security to Authenticate Application Users
  • Use Spring Security to Authorize User Actions
  • Password Management
  • Best Practices for Limiting User Access
  • Use Test Driven Development to Test User Access

Course content

18 sections • 127 lectures • 13h 1m total length

  • Preview00:55
  • Preview02:45
  • Getting The Most Out of Your Course!
    05:58
  • Preview03:17
  • Slack Group for Spring Security
    00:55
  • Preview12:20
  • Preview04:00
  • Free 120 Day IntelliJ IDEA Trial!
    00:41

  • Preview01:38
  • Application Security 101
    16:21
  • Introducing Spring Security
    06:05
  • OWASP Common Web Vulnerabilities
    05:11
  • Cross Site Scripting - XSS
    06:10
  • Cross Site Forgery
    06:01
  • Spring Security Quiz
    11 questions

  • Introduction
    01:11
  • Overview of HTTP Basic Authentication
    05:30
  • SFG Brewery Code Review
    10:14
  • Spring Security Default Basic Auth
    07:57
  • Customizing User Name and Password
    02:38
  • Testing Spring Security with JUnit 5
    05:37
  • Testing HTTP Basic Auth
    03:20
  • Spring Security Filter Chain
    05:18
  • Quiz - HTTP Basic Authentication Quiz
    8 questions

  • Introduction
    00:55
  • Permit All with URL Pattern Matching
    11:25
  • Assignment - Permit All for Find Beers
    1 question
  • HTTP Method Matching
    03:50
  • Spring MVC Path Matchers
    02:25
  • Java Configuration Quiz
    5 questions

  • Introduction
    01:06
  • Spring Security Authentication Process
    03:49
  • User Details Service
    05:53
  • In Memory Authentication Fluent API
    03:55
  • Assignment - Add User
    1 question
  • Authentication Quiz
    1 question

  • Introduction
    01:10
  • Password Encoding
    08:06
  • MD5 Hash and Password Salt
    04:32
  • NoOp Password Encoder
    03:35
  • LDAP Password Encoder
    04:54
  • SHA-256 Password Encoder
    04:39
  • BCrypt Password Encoder
    04:28
  • Delegating Password Encoder
    06:52
  • Custom Delegating Password Encoder
    03:16
  • Assignment - Add custom Bcrypt Encoder
    1 question

  • Introduction
    01:19
  • Custom Authentication Filter Overview
    03:38
  • Delete Beer by ID MockMVC Test
    03:14
  • Custom Authentication Filter
    07:39
  • Spring Security Configuration
    05:11
  • Debugging Spring Security
    03:55
  • Custom Do Filter Method
    06:09
  • Custom Failure Handler
    08:53
  • Assignment - URL Parameter Auth Filter
    1 question

  • Introduction
    01:33
  • Database Authentication Overview
    03:17
  • JPA Entities
    09:08
  • Project Lombok Configuration
    05:51
  • Spring Data JPA Repositories
    03:46
  • Assignment - Bootstrap User Data
    1 question
  • H2 Database Console Access
    05:58
  • User Details Service
    07:44
  • Spring Security Configuration
    08:15
  • Spring Boot Test Context
    04:01

  • Introduction
    01:23
  • Authorization in Spring Security
    09:23
  • Configuring User Roles
    03:19
  • Verify Role in Filter - Delete
    04:52
  • Assignment - Limit List Breweries to CUSTOMER
  • Allow Multiple Roles
    03:02
  • Refactor JUnit 5 Tests
    09:22
  • Assignment - Use Multiple Roles
    1 question
  • Introduction to Method Security
    05:29
  • Security Expression Based Syntax
    04:44
  • Assignment - Use Method Expression
    1 question

  • Introduction
    01:24
  • Overview Database Refactoring
    04:00
  • Updated JPA Configuration
    08:54
  • Defining Roles for Beer Operations
    07:01
  • Assignment - Define Roles for Customer Operations
    1 question
  • Update Spring Security for RESTful Beer API
    05:04
  • Assignment - Update Remaining Controllers
    1 question
  • Custom Authorization Annotations
    06:20
  • Assignment - Update to Use Custom Auth Annotations
    1 question

Requirements

  • Must be comfortable with the Java programming language
  • Knowledgeable with the Spring Framework 5
  • Experienced with JUnit and Mockito
  • Understand Fundamentals of Web Applications
  • Knowledge of HTTP, Apache Maven, and SQL helpful

Description

Seems like everyday you can find a news story about a security breach, which can be devastating to companies.

Clearly, security is a very important topic.

The Spring Framework is the most popular Java framework for building cloud scale applications.

Spring Security provides you all the tools you need to secure your Java application.

Application security is much more than allowing access after checking a user name and password. You will learn how to limit what application features a user may or may not see. And also, how to limit what data a user may or may not see.

This course focuses on the core fundamentals of Spring Security.

Central to Spring Security is the process of Authentication. This is the process of establishing a user's identity. 

Once a user's identity is established, the process of Authorization is used to allow the user to access specific actions and features of an application.

Spring Security has a very robust toolset for Authentication and Authorization.

Inside this course, you will master both.

You will start the course by learning how to leverage the auto-configuration capabilities of Spring Boot to quickly secure a web application using HTTP Basic Authentication.

Then, you'll be lead through a series of exercises, to replace and customize the default Spring Boot auto-configuration.

Through this process, you will understand the Spring Boot hidden 'magic', and learn how to master the configuration of Spring Security. 

You will be working with a typical Spring Boot Web Application. The application mimics a robust monolithic application - with web pages and RESTful endpoints. This allows us to explore the unique security aspects unique to both web applications and RESTFul APIs.

You may notice there is not a dedicated section of the course about Testing Spring Security. This is because testing is done throughout the course.

Test Driven Development (TDD) is widely considered a best practice in software engineering.

As we explore the features of Spring Security, we will follow a TDD approach.

We will first write a failing test using JUnit 5, Mockito, and Spring MockMVC, then complete the lesson objective to get a passing test.

You will see some great examples of testing Spring with JUnit 5. However, it is recommended you have prior experience with JUnit 5.

In this course, you will learn:

  • HTTP Basic Authentication with Spring Security

  • Spring Security Java Configuration

  • Using an In-Memory Authentication Provider

  • Using Spring Security for Password Management

  • Best Practices for Password Security

  • Creating Custom Authentication Filters

  • Using a database with Spring Data JPA for Authentication

  • User Roles with Spring Security

  • User Authorities with Spring Security

  • Multitenancy Security

  • Configure Spring Security for CSRF Protection

  • Create a custom login form

  • Using Remember Me

  • How to lock out users after too many failed attempts

  • How to unlock accounts automatically after a period of time

  • CORS with Spring Security

Course Extra - IntelliJ IDEA Ultimate

Students enrolling in the course can receive a free 120 day trial license to IntelliJ IDEA Ultimate! Get hands on experience using the Java IDE preferred by Spring Framework professionals! 

Course Extra - Access to a Private Slack Community

You're not just enrolling in a course --> You are joining a community learning about Spring Security.

With your enrollment to the course, you can access an exclusive Slack community. Get help from the instructor and other Spring Framework Gurus from around the world - in real time! This community is only available to students enrolled in this course. 

With your enrollment, you can join this community of awesome gurus!

Closed Captioning / Subtitles

Closed captioning in english is available for all course videos!

PDF Downloads

All keynote presentations are available for you to download as PDFs.

Lifetime Access

When you purchase this course, you will receive lifetime access! You can login anytime from anywhere to access the course content.

No Risk - Money Back Guarantee 

You can buy this course with no risk. If you are unhappy with the course, for any reason, you can get a complete refund. The course has a 30 day Money Back Guarantee.


Enroll today and start learning Spring Security! 

Who this course is for:

  • Spring Framework Application Developers

Featured review

Helen Ma
Helen Ma
34 courses
24 reviews
Rating: 5.0 out of 5a month ago
This course is very organized. John makes incremental development in his code to demo the concepts from basic to advanced. I feel very confident to follow his code examples. I highly recommend this course.

Instructor

John Thompson
Spring Framework Guru - Best Selling Instructor
John Thompson
  • 4.4 Instructor Rating
  • 32,399 Reviews
  • 184,638 Students
  • 17 Courses

Hi. I'm John.

I've been in the IT industry for over 20 years. Today, I specialize mainly in Java, the most successful and widely known programming language in use today. I also specialize with the Spring Framework, which the most popular open source application framework for building enterprise class applications on the Java platform. Just some of the organizations I've worked with include Visa, Kohls, Federal Home Loan Bank, and Belk Department Stores.

Through the courses I'm providing, I hope to leverage my years of experience to accelerate your learning of the Spring Framework. I'm not going to lie to you. The Spring Framework is a big framework. The environment for enterprise Java is even bigger. If you're new to Java, you have a lot to learn. I hope through the content on this web site I can accelerate your education of the Java and Spring landscape.

  • Udemy for Business
  • Teach on Udemy
  • Get the app
  • About us
  • Contact us
  • Careers
  • Blog
  • Help and Support
  • Affiliate
  • Terms
  • Privacy policy
  • Cookie settings
  • Sitemap
  • Featured courses
Udemy
© 2021 Udemy, Inc.