Description

The 'Spring Security Zero to Master' course will help in understanding the Spring Security architecture and the important packages, interfaces and classes inside it that handle authentication and authorization requests in web applications. It also covers the most common security-related topics such as CORS, CSRF, JWT, OAUTH2, password management, method level security, and user, role and authority management inside web applications.

Below are the important topics that this course covers:

  1. Spring Security framework details and its features

  2. How to adapt security for a Java web application using Spring Security

  3. Password Management in Spring Security with PasswordEncoders

  4. Deep dive about encoding, encryption and hashing

  5. What is CSRF, CORS and how to address them

  6. What Authentication and Authorization are, and how they differ from each other

  7. Securing endpoint URLs inside web applications using Ant, MVC & Regex Matchers

  8. Filters in Spring Security and how to write own custom filters

  9. Deep dive about JWT (JSON Web Tokens) and the role of them inside Authentication & Authorization

  10. Deep dive about OAUTH2 and various grant type flows inside OAUTH2.

  11. Deep dive about OpenID Connect & how it is related to OAUTH2

  12. Applying authorization rules using roles, authorities inside a web application using Spring Security

  13. Method level security in web/non-web applications

  14. Social Login integrations into web applications

  15. Set up of Authorization Server using KeyCloak


The prerequisite for the course is basic knowledge of Java and Spring, and an interest in learning.

What you will learn

Spring Security framework details and its features.

How to adapt security for a Java web application using Spring Security

What is CSRF, CORS, JWT, OAUTH2

Applying authorization rules using roles, authorities inside a web application using Spring Security

Method level security in web/non-web applications

Requirements

  • Java
  • Basics of Spring framework

Course content

14 sections

Getting Started

13 lectures
Course Introduction
07:32
Details of Source Code, PDF Content & other instructions for the course
03:59
What is Security & Why it is important
07:07
Creating a simple Spring Boot app without security
11:44
Securing Spring Boot basic app using Spring Security
06:42
Configure static credentials inside application properties file
04:46
Why should we use Spring Security framework
04:34
Quick introduction to Servlets & Filters
05:06
Introduction to Spring Security Internal flow
10:24
Demo of Spring Security internal flow
14:24
Sequence flow of the Spring Security default behaviour
04:49
Understanding how multiple requests work without credentials
04:11
"Getting started with Spring Security" quiz
7 questions

Changing the default security configurations

10 lectures
Understanding about UI part of the EazyBank application
05:42
Backend REST services required for EazyBank app
03:08
Creating backend services needed for the EazyBank application - Part 1
07:33
Creating backend services needed for the EazyBank application - Part 2
05:57
Checking the default configuration inside the spring security framework
07:18
IMPORTANT NOTE
01:14
Modifying the code as per our custom requirements
06:50
Denying all the requests
04:34
Permit all the requests
04:47
Quiz related to "Understanding & Changing the default security configurations"
6 questions

Defining & Managing Users

15 lectures
Introduction to the agenda of the section
04:18
Configuring users using InMemoryUserDetailsManager - Approach 1
09:37
Configuring users using InMemoryUserDetailsManager - Approach 2
05:23
Understanding User Management interfaces and Classes
08:51
Deep Dive of UserDetails Interface & User class
12:00
Deep Dive of UserDetailsService & UserDetailsManager Interfaces
04:52
Deep Dive of UserDetailsManager Implementation classes
12:03
Creating MySQL Database in the cloud
13:13
Connecting to DB & Creating Users inside the DB as per JdbcUserDetailsManager
08:35
Using JdbcUserDetailsManager to perform authentication
11:18
Creating our own custom tables for Authentication
05:01
Creating JPA Entity and repository classes for new table
08:54
Creating our own custom implementation of UserDetailsService
09:54
Building a new REST API to allow the registration of new User
13:55
Quiz on "Defining & Managing Users" in Spring Security
6 questions

Password Management with PasswordEncoders

10 lectures
How our passwords validated in Spring Security by default
08:44
Encoding Vs Encryption Vs Hashing - Part 1
06:34
Encoding Vs Encryption Vs Hashing - Part 2
10:06
How Our passwords will be validated with hashing & PasswordEncoders
03:01
Deep dive of PasswordEncoder interface
04:48
Deep dive of PasswordEncoder implementation classes - Part 1
09:05
Deep dive of PasswordEncoder implementation classes - Part 2
06:16
Demo of registration of new user with Bcrypt password encoder
07:56
Demo of login with Bcrypt password encoder
09:44
Quiz related to Password Management in Spring Security
10 questions

Understanding Authentication Provider and Implementing it

6 lectures
Why should we consider creating our own AuthenticationProvider
04:32
Understanding AuthenticationProvider methods
07:10
Implementing and Customising the AuthenticationProvider inside our application
08:15
Testing our custom AuthenticationProvider implementation
05:29
Spring Security Sequence flow with custom AuthenticationProvider
02:37
Quiz related to AuthenticationProvider in Spring Security
4 questions

Understanding CORs & CSRF

16 lectures
Setting up the EazyBank UI project
09:42
Understanding the UI project and walkthrough of the Angular code
13:33
Creating new DB schema for EazyBank scenarios
09:42
Updating Backend project based on the latest DB schema
09:30
Testing registration of the new user with latest changes
03:53
Taste of CORs error
05:42
Introduction to CORs
03:53
Possible options to fix the CORs issue
05:50
Fixing CORs issue using Spring Security
07:17
Demo of default CSRF protection inside Spring Security
05:33
Introduction to CSRF attack
05:25
Solution to handle CSRF attacks
05:56
Ignoring CSRF protection for public APIs
05:10
Implementing CSRF token solution inside our web application
20:23
Testing the CSRF related changes
09:46
Quiz related to CORs & CSRF
6 questions

Understanding & Implementing Authorization

10 lectures
Authentication Vs Authorization
05:57
How Authorities stored inside Spring Security
07:10
Creating new table authorities to store multiple roles or authorities
05:32
Making backend changes to load authorities from new DB table
09:38
Configuring Authorities inside web application using Spring Security-Theory
03:14
Configuring Authorities inside web application using Spring Security - Coding
06:31
Authority Vs Role in Spring Security
04:06
Configuring Roles Authorization inside web app using Spring Security-Theory
02:38
Configuring Roles Authorization inside web app using Spring Security-Coding
05:30
Quiz related to Authentication & Authorization
7 questions

Writing our own Custom Filters in Spring Security

8 lectures
Introduction to Filters in Spring Security and the sample use cases
04:56
Demo of Inbuilt Filters of Spring Security framework
07:29
How to create our own custom filter
04:20
Adding a custom filter using addFilterBefore() method
08:54
Adding a custom filter using addFilterAfter() method
05:53
Adding a custom filter using addFilterAt() method
05:33
Details about GenericFilterBean and OncePerRequestFilter
07:01
Quiz related to Filters in Spring Security
4 questions

Token based Authentication using JSON Web Token (JWT)

11 lectures
Demo of JSESSIONID and issues with it
03:44
Advantages of Token based Authentication
08:21
Deep dive about JWT Tokens - Part 1
06:30
Deep dive about JWT Tokens - Part 2
08:49
Making project configuration to use JWT tokens
06:15
Configuring filters to generate the JWT tokens
08:27
Configuring filters to validate JWT tokens
08:16
Making changes on the client side for JWT token based authentication
02:54
Validating the JWT changes made by running the applications
05:41
Validating the JWT token expiration scenario
02:58
Quiz related to "Token based Authentication using JWT" in Spring Security
5 questions

Method Level Security

8 lectures
Introduction to method level security in Spring Security
05:44
Details about method invocation authorization in method level security
08:22
Demo of method level security using @PreAuthorize
05:50
Demo of method level security using @PostAuthorize
03:27
Details about filtering authorization in method level security
03:37
Demo of @PreFilter annotation
07:45
Demo of @PostFilter annotation
04:19
Quiz related to Method level security in Spring Security
2 questions

Deep dive of OAUTH2 & OpenID Connect

14 lectures
Problems that OAUTH2 trying to solve
11:03
Introduction to OAUTH2
06:30
OAuth2 terminologies or jargons
04:54
OAuth2 Sample flow - Theory
06:04
Demo of OAuth2 Sample flow
06:35
Deep dive on Authorization code grant type flow in OAUTH2
09:36
Demo of Authorization code grant type flow in OAUTH2
05:50
Deep dive & Demo of implicit grant flow in OAUTH2
05:24
Deep dive of password grant type flow in OAUTH2
04:22
Deep dive of client credentials grant type flow in OAUTH2
03:31
Deep dive of refresh token grant type flow in OAUTH2
06:18
How resource server validates the tokens issued by Auth server
02:54
Introduction to OpenID Connect
10:21
Quiz related to OAUTH2
6 questions

Implementing OAUTH2 using spring security

4 lectures
Registering the client details with GitHub to use its OAUTH2 Auth server
04:56
Building a springboot application that uses GitHub Auth server during OAuth2
07:41
Running and verifying the sample application using GitHub OAUTH2
04:40
Quiz related to OAUTH2 integration with Spring Security
2 questions

Implementing OAUTH2 style login inside EazyBank using KeyCloak

20 lectures
Introduction to OAUTH2 flow inside EazyBank web App
02:21
Introduction to KeyCloak Auth Server
04:41
Installation of KeyCloak server & setup admin account
04:21
Setup a Realm inside KeyCloak Server for EazyBank App
02:00
Creating Client Credentials inside KeyCloak for API-API secured invocations
04:47
Setup of EazyBank Resource Server
14:19
Getting Access token from KeyCloak using client credentials grant type
07:54
Passing Access token to Resource server for response through Postman
04:57
Understanding Authorization code grant type for EazyBank App
02:42
Creating Client and User details inside KeyCloak for Auth code grant flow
03:57
Testing Authorization code grant type using Postman App
09:03
Deep dive on Authorization code grant type with PKCE
09:27
Demo of Authorization code grant type with PKCE
06:28
Creating public facing client details inside KeyCloak server
03:07
Implementing PKCE Authorization code grant type inside Angular UI App - Part 1
08:31
Implementing PKCE Authorization code grant type inside Angular UI App - Part 2
08:01
Testing PKCE flow inside Eazy Bank application
05:51
Important features of KeyCloak
07:36
Social Login integration with the help of KeyCloak Server
05:27
Quiz related to OAUTH2 setup using KeyCloak Server
6 questions

Thank You and Congratulations

2 lectures
Thank You and Congratulations
01:36
Bonus lectures
00:22
