This course is dedicated to the study of key security mechanisms in the Spring Security ecosystem and is built around practical mastering of basic application protection concepts.
Course Structure
The course consists of modules, each divided into separate lessons.
Each lesson is focused on one specific concept, allowing for a deep understanding of individual aspects of security without overloading with unnecessary details.
Recommended approach:
- First pass — sequentially through all lessons (to form a complete picture)
- Further work — targeted reference to the necessary topics
Practical Part and Code
The course is accompanied by a full codebase available on GitHub.
Features:
- Each lesson uses a separate project module
- The code is specially simplified to focus on the studied concept
- Simplifications are possible (e.g., hardcoded data or lack of encryption), which are not intended for production
Working with code includes:
- Cloning the repository
- Switching between branches by modules
- Building the project via Maven
- Running applications using Spring Boot
Tools and Technologies
The following are used throughout the course:
- Spring Boot — for quick application deployment
- Maven — for building projects
- Gradle (optional)
- Eclipse STS or any other IDE
- Embedded database (HSQLDB) and, in some cases, MySQL
Focus of Learning
The main goal of the course is to achieve a deep understanding of fundamental security principles, including:
- Authentication and authorization
- Working with the security context
- Configuring application protection
- Practical application of Spring Security mechanisms
Final Result
Upon completing the course, you will:
- Confidently navigate the Spring Security architecture
- Understand key application protection patterns
- Be able to apply the acquired knowledge in practice
- Gain access to the final reference project, combining all studied concepts