Spring Security Core: Beginner to Guru

Seems like everyday you can find a news story about a security breach, which can be devastating to companies.

Clearly, security is a very important topic.

The Spring Framework is the most popular Java framework for building cloud scale applications.

Spring Security provides you all the tools you need to secure your Java application.

Application security is much more than allowing access after checking a user name and password. You will learn how to limit what application features a user may or may not see. And also, how to limit what data a user may or may not see.

This course focuses on the core fundamentals of Spring Security.

Central to Spring Security is the process of Authentication. This is the process of establishing a user's identity. 

Once a user's identity is established, the process of Authorization is used to allow the user to access specific actions and features of an application.

Spring Security has a very robust toolset for Authentication and Authorization.

Inside this course, you will master both.

You will start the course by learning how to leverage the auto-configuration capabilities of Spring Boot to quickly secure a web application using HTTP Basic Authentication.

Then, you'll be lead through a series of exercises, to replace and customize the default Spring Boot auto-configuration.

Through this process, you will understand the Spring Boot hidden 'magic', and learn how to master the configuration of Spring Security. 

You will be working with a typical Spring Boot Web Application. The application mimics a robust monolithic application - with web pages and RESTful endpoints. This allows us to explore the unique security aspects unique to both web applications and RESTFul APIs.

You may notice there is not a dedicated section of the course about Testing Spring Security. This is because testing is done throughout the course.

Test Driven Development (TDD) is widely considered a best practice in software engineering.

As we explore the features of Spring Security, we will follow a TDD approach.

We will first write a failing test using JUnit 5, Mockito, and Spring MockMVC, then complete the lesson objective to get a passing test.

You will see some great examples of testing Spring with JUnit 5. However, it is recommended you have prior experience with JUnit 5.

In this course, you will learn:

• HTTP Basic Authentication with Spring Security

• Spring Security Java Configuration

• Using an In-Memory Authentication Provider

• Using Spring Security for Password Management

• Best Practices for Password Security

• Creating Custom Authentication Filters

• Using a database with Spring Data JPA for Authentication

• User Roles with Spring Security

• User Authorities with Spring Security

• Multitenancy Security

• Configure Spring Security for CSRF Protection

• Create a custom login form

• Using Remember Me

• How to lock out users after too many failed attempts

• How to unlock accounts automatically after a period of time

• CORS with Spring Security

Course Extra - IntelliJ IDEA Ultimate

Students enrolling in the course can receive a free 120 day trial license to IntelliJ IDEA Ultimate! Get hands on experience using the Java IDE preferred by Spring Framework professionals! 

Course Extra - Access to a Private Slack Community

You're not just enrolling in a course --> You are joining a community learning about Spring Security.

With your enrollment to the course, you can access an exclusive Slack community. Get help from the instructor and other Spring Framework Gurus from around the world - in real time! This community is only available to students enrolled in this course. 

With your enrollment, you can join this community of awesome gurus!

Closed Captioning / Subtitles

Closed captioning in English is available for all course videos!

PDF Downloads

All keynote presentations are available for you to download as PDFs.

Lifetime Access

When you purchase this course, you will receive lifetime access! You can login anytime from anywhere to access the course content.

No Risk - Money Back Guarantee 

You can buy this course with no risk. If you are unhappy with the course, for any reason, you can get a complete refund. The course has a 30 day Money Back Guarantee.

Enroll today and start learning Spring Security!