
In this lecture you can learn how to download and install eclipse
In this lecture you can learn how to download and install mysql
In this lecture you can learn how to download and install SQLyog graphical interface. It is useful for to execute sql queries.
1. Understand spring initializr
2. Create spring boot web project
3. Import project in to eclipse
In this lecture you can create login controller class and it's execution
In this lecture you can create login.jsp
download login.jsp source file
Instead of loading css file from website, we can download css file in to spring boot project and refer that file in our login web page
In this lecture we can design user registration web page
In this lecture we can design our user registration web page with bootstrap
In this lecture you can understand what is spring security
In this lecture you can understand execution flow of spring security.
In this lecture you can understand how to enable spring security to our web application and authenticate with default user name (user) and spring security generated password.
In this lecture you can learn how to configure static credentials in spring security.
In this lecture you can learn how to create custom security configuration.
In this lecture you can create multiple static user credentials by using SpringSercurityCustomConfiguration class.
In this lecture encode password by using BCryptPasswordEncoder instead of defaultPasswordEncoder.
In this lecture you can understand how spring security is maintaining authentication for subsequent of requests without entering username and password again and again.
In this lecture you can understand about what is CSRF attack in our web application
In this lecture you can understand how spring security protecting our web application by using csrf token
In this lecture you can learn, how to configure default home page for our web application.
Display custom login page as default web page.
In this lecture you can learn how to login web application with custom login page
In this lecture you can learn how to handle login error messages.
In this lecture you can learn how to implement logout functionality in spring security.
In this lecture you can learn how to display logout success message in login page.
In this lecture you can learn how to connect with mysql database
In this lecture you can learn how to create Many to Many relationship between UserEntity and RoleEntity.
In this class you can learn how to auto generate database tables by using hibernate or jpa
In this lecture you can learn how to create user dto and service classes
In this lecture you can understand about ModelMapper.
ModelMapper is used to convert DTO to Entity and Entity to DTO
In this lecture you can implement business logic to insert the data
In this lecture, you can insert user details in database by using registration web page.
In this lecture, you can learn how to display user registration successful message in login page
In this lecture you can lean server side validation for duplicate email id.
In this lecture you can learn how to download jquery library and add this library in user registration web page.
In this lecture you can learn how to make an ajax call in jquery
In this lecture, you can implement rest API to validate email address exists or not
In this lecture, you can learn how to read user credentials from database
In this lecture, you can web application login by using user credentials from database
In this lecture, you can create forgot password web page
In this lecture, you can create Email sender service class to send an email to end user.
In this lecture, you can configure smtp properties
In this lecture, two new column are added in user table for password reset functionality
In this lecture, you can create a method to send an email to end user
In this lecture, will generate reset password token and reset password link.
In this lecture, we will insert reset password token in user table.
In this lecture, you can construct an email content to send an email to end user.
In this lecture, you can test forgot password functionality.
In this course students can learn how to develop login and logout feature with spring security by using spring boot web application in easy way.
Key concepts implementation:
Sign Up, login, logout, forgot password, reset password, sending an email to user to reset the password, change password implementation (Spring security 6 + spring boot + MySQL database)
Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications.
Spring Security is a framework that focuses on providing both authentication and authorization to Java applications. Like all Spring projects, the real power of Spring Security is found in how easily it can be extended to meet custom requirements
Features
Comprehensive and extensible support for both Authentication and Authorization
Protection against attacks like session fixation, clickjacking, cross site request forgery, etc
Servlet API integration
Optional integration with Spring Web MVC
Authentication :
Spring Security provides comprehensive support for authentication. Authentication is how we verify the identity of who is trying to access a particular resource. A common way to authenticate users is by requiring the user to enter a username and password. Once authentication is performed we know the identity and can perform authorization.
Spring Security provides built-in support for authenticating users. This section is dedicated to generic authentication support that applies in both Servlet and WebFlux environments. Refer to the sections on authentication for Servlet and WebFlux for details on what is supported for each stack.
Authorization :
Spring Security provides comprehensive support for authorization. Authorization is determining who is allowed to access a particular resource. Spring Security provides defense in depth by allowing for request based authorization and method based authorization.
Development features:
Software installation.
Spring boot web project development from scratch.
Bootstrap spring boot web application.
Create Login and Logout , registration, forgot password, change password web pages in easy way.
Understand spring security in easy way.
Understand Authentication and Authorization.
Understand CSRF attack and how attackers can hack web application.
Create User and Roles.
Implement Many to Many relationship between user and roles.
Create spring security custom configuration class.
login application by using static user credentials.
login application by using credentials from database
Ajax calls to validate user exist in database or not.
Forgot password implementation.
Send email with reset password link to end user.
Reset Password web page implementation.
Change password web page implementation and e.t.c.