Spring Security Core: Beginner to Guru
What you'll learn
- How to Secure Applications using Spring Security
- How to Protect Against Common Web Security Vulnerabilities (OWASP)
- Use Spring Security to Authenticate Application Users
- Use Spring Security to Authorize User Actions
- Password Management
- Best Practices for Limiting User Access
- Use Test Driven Development to Test User Access
- Must be comfortable with the Java programming language
- Knowledgeable with the Spring Framework 5
- Experienced with JUnit and Mockito
- Understand Fundamentals of Web Applications
- Knowledge of HTTP, Apache Maven, and SQL helpful
Seems like everyday you can find a news story about a security breach, which can be devastating to companies.
Clearly, security is a very important topic.
The Spring Framework is the most popular Java framework for building cloud scale applications.
Spring Security provides you all the tools you need to secure your Java application.
Application security is much more than allowing access after checking a user name and password. You will learn how to limit what application features a user may or may not see. And also, how to limit what data a user may or may not see.
This course focuses on the core fundamentals of Spring Security.
Central to Spring Security is the process of Authentication. This is the process of establishing a user's identity.
Once a user's identity is established, the process of Authorization is used to allow the user to access specific actions and features of an application.
Spring Security has a very robust toolset for Authentication and Authorization.
Inside this course, you will master both.
You will start the course by learning how to leverage the auto-configuration capabilities of Spring Boot to quickly secure a web application using HTTP Basic Authentication.
Then, you'll be lead through a series of exercises, to replace and customize the default Spring Boot auto-configuration.
Through this process, you will understand the Spring Boot hidden 'magic', and learn how to master the configuration of Spring Security.
You will be working with a typical Spring Boot Web Application. The application mimics a robust monolithic application - with web pages and RESTful endpoints. This allows us to explore the unique security aspects unique to both web applications and RESTFul APIs.
You may notice there is not a dedicated section of the course about Testing Spring Security. This is because testing is done throughout the course.
Test Driven Development (TDD) is widely considered a best practice in software engineering.
As we explore the features of Spring Security, we will follow a TDD approach.
We will first write a failing test using JUnit 5, Mockito, and Spring MockMVC, then complete the lesson objective to get a passing test.
You will see some great examples of testing Spring with JUnit 5. However, it is recommended you have prior experience with JUnit 5.
In this course, you will learn:
HTTP Basic Authentication with Spring Security
Spring Security Java Configuration
Using an In-Memory Authentication Provider
Using Spring Security for Password Management
Best Practices for Password Security
Creating Custom Authentication Filters
Using a database with Spring Data JPA for Authentication
User Roles with Spring Security
User Authorities with Spring Security
Configure Spring Security for CSRF Protection
Create a custom login form
Using Remember Me
How to lock out users after too many failed attempts
How to unlock accounts automatically after a period of time
CORS with Spring Security
Course Extra - IntelliJ IDEA Ultimate
Students enrolling in the course can receive a free 120 day trial license to IntelliJ IDEA Ultimate! Get hands on experience using the Java IDE preferred by Spring Framework professionals!
Course Extra - Access to a Private Slack Community
You're not just enrolling in a course --> You are joining a community learning about Spring Security.
With your enrollment to the course, you can access an exclusive Slack community. Get help from the instructor and other Spring Framework Gurus from around the world - in real time! This community is only available to students enrolled in this course.
With your enrollment, you can join this community of awesome gurus!
Closed Captioning / Subtitles
Closed captioning in English is available for all course videos!
All keynote presentations are available for you to download as PDFs.
When you purchase this course, you will receive lifetime access! You can login anytime from anywhere to access the course content.
No Risk - Money Back Guarantee
You can buy this course with no risk. If you are unhappy with the course, for any reason, you can get a complete refund. The course has a 30 day Money Back Guarantee.
Enroll today and start learning Spring Security!
Who this course is for:
- Spring Framework Application Developers
Hi. I'm John.
I've been in the IT industry for over 25 years. Today, I specialize mainly in Java, the most successful and widely known programming language in use today. I also specialize with the Spring Framework, which the most popular open source application framework for building enterprise class applications on the Java platform. Just some of the organizations I've worked with include Visa, Kohls, Federal Home Loan Bank, and Belk Department Stores.
Through the courses I'm providing, I hope to leverage my years of experience to accelerate your learning of the Spring Framework. I'm not going to lie to you. The Spring Framework is a big framework. The environment for enterprise Java is even bigger. If you're new to Java, you have a lot to learn. I hope through the content on this web site I can accelerate your education of the Java and Spring landscape.
Spring Ahead Code Academy was established by John Thompson, founder of Spring Framework Guru. John has over 25 years of programming experience and has taught over 250,000 students in 180 different countries.
Spring Ahead Code Academy is collation of experienced professional developers helping others learn to code.
Our goal is to bring together real world professionals, to share real world experience with you. We hope to help you with your journey in learning new skills and growing your career.