Robust security for web applications is and has always been a must. But the security landscape has been changing rapidly over the last few years, with REST APIs becoming mainstream, the huge adoption and evolution of OAuth2, single-page apps (SPAs), two-factor authentication (2FA) and so many other security requirements.
And the security market is huge - Gartner puts the numbers at 124 billion in 2019 on the way to 140+ billion now, in 2020. Security work to be done well is abundant and very well paid.
Learn Spring Security: The Master Class
9h 22m 39s
English
Paid
Simply put, not having a solid, deep understanding of the current security landscape is no longer a good option.
Why Spring Security?
Spring Security has been getting better as well, with the launch of 5.0, 5.1 and now 5.2, full Java configuration with lambdas, fantastic Boot integration, an entirely new OAuth2 stack, and support for pretty much any security mechanism you need. Right now, in 2020, there's no debate. Spring Security is THE framework to properly and intelligently do security if you're working in Java. The framework is fully able to handle everything you throw at it - from simple scenarios to highly complex security requirements. There are some OK alternatives, but nothing really comes close.
Learn Spring Security... Fast
I’ve created this course to help you get to a full security education quickly. That's the whole point in going through a course - it's the fast way to learn the material and give you the Spring Security tools you need to secure your system.
Each module contains exhaustive video lessons along with code, lesson notes and resources to help you put the framework to use immediately in your app.
About the Author: Baeldung
Baeldung is a Romania-origin technical-tutorial site that has grown into one of the largest English-language reference sources for Java, Spring, and the broader JVM ecosystem. The site publishes thousands of short tutorials and a smaller paid course catalog focused specifically on Spring Security and the Spring Framework deep dives.
The CourseFlix listing carries four Baeldung courses focused on Spring: Learn Spring 5 and Spring Boot 2, Build Your REST API with Spring 5, Learn Spring Security: The Master Class, and the OAuth-focused Learn Spring Security OAuth. Material is paid and aimed at Java developers working on production Spring applications, particularly on the security and authentication side.
Watch Online 65 lessons
0:00
/ #1: Intro to Spring Security
All Course Lessons (65)
| # | Lesson Title | Duration | Access |
|---|---|---|---|
| 1 | Intro to Spring Security Demo | 06:46 | |
| 2 | A Basic Security Java Config | 09:56 | |
| 3 | URL Authorization | 10:33 | |
| 4 | Building a Login Form | 09:49 | |
| 5 | Implementing Logout | 07:15 | |
| 6 | Anonymous “Authentication” | 05:02 | |
| 7 | A Simple Registration Flow | 06:54 | |
| 8 | Authentication using Real Users | 04:28 | |
| 9 | Activate a New Account via Email | 08:17 | |
| 10 | Deal with “I forgot my password” | 09:01 | |
| 11 | Doing Security Questions Right (NEW) | 10:53 | |
| 12 | Ensure Password Strength during Registration - part 1 (NEW) | 06:32 | |
| 13 | Ensure Password Strength during Registration - part 2 (NEW) | 04:16 | |
| 14 | A Simple Remember Me Flow | 06:06 | |
| 15 | Remember Me with Cookie | 09:32 | |
| 16 | Remember Me with Persistence | 08:09 | |
| 17 | Spring Security with JSP | 08:24 | |
| 18 | The Authentication Tag and Displaying the Current User | 08:01 | |
| 19 | Spring Security with Thymeleaf | 06:14 | |
| 20 | The Authorize Tag | 10:40 | |
| 21 | By URL Authorization with Expressions | 15:03 | |
| 22 | On-method Authorization with Expressions | 10:08 | |
| 23 | Programmatic Expressions and a custom PermissionEvaluator(NEW) | 08:59 | |
| 24 | Introduction to Storing Passwords | 07:14 | |
| 25 | Hashing Passwords (MD5 and SHA-256) | 08:55 | |
| 26 | Why Hashing Isn't Enough - Using Salts | 09:48 | |
| 27 | Key Stretching | 06:36 | |
| 28 | The bcrypt Solution | 05:40 | |
| 29 | Breaking Down the Authentication Flow | 16:26 | |
| 30 | Run As a Different User | 10:18 | |
| 31 | The Security Context | 08:45 | |
| 32 | Configure the Filter Chain | 07:09 | |
| 33 | A Custom Authentication Provider | 09:01 | |
| 34 | Multiple Providers and the Authentication Manager | 07:03 | |
| 35 | In-Memory, JDBC and Hibernate/JPA User Storage | 08:44 | |
| 36 | Tracking Logged-in Users | 09:05 | |
| 37 | How Authorization Works | 10:31 | |
| 38 | The Topology of Roles and Privileges - Part 1 | 09:14 | |
| 39 | The Topology of Roles and Privileges - Part 2 | 06:33 | |
| 40 | Secure Method Invocations with AOP | 09:15 | |
| 41 | A Custom AccessDecisionVoter | 11:21 | |
| 42 | The Basics of API Security | 07:02 | |
| 43 | Basic Authentication for the API | 06:13 | |
| 44 | How OAuth2 Works for REST - Part 1 | 07:06 | |
| 45 | How OAuth2 Works for REST - Part 2 | 05:04 | |
| 46 | Certificates and HTTPS for Tomcat | 06:58 | |
| 47 | Introduction ACL and Domain Object Security | 06:33 | |
| 48 | The Data Structure of ACL | 09:13 | |
| 49 | ACL with Spring Security - part 1 | 10:10 | |
| 50 | ACL with Spring Security - part 2 | 09:21 | |
| 51 | Setup OAuth2 with Spring Security | 12:46 | |
| 52 | Tokens, OAuth2 and JWT | 09:23 | |
| 53 | Refreshing a Token | 09:20 | |
| 54 | The OAuth2 Implicit Flow and the Authorization Code Flow | 07:13 | |
| 55 | Using the Authorization Code Flow in OAuth2 | 11:15 | |
| 56 | Confidential Clients and the Client Credentials Flow | 10:12 | |
| 57 | A Simple Two-Factor Implementation with a Soft Token | 14:27 | |
| 58 | A Two-Factor Impl with SMS | 08:59 | |
| 59 | Spring Security for a non-Spring Application | 08:41 | |
| 60 | Multi-Tenancy with Spring Security | 13:05 | |
| 61 | Session Management with spring-session | 07:59 | |
| 62 | Spring Security with LDAP | 09:22 | |
| 63 | A Basic Reactive Security Example (NEW) | 08:57 | |
| 64 | Reactive Method Security (NEW) | 05:56 | |
| 65 | The State of OAuth2 in Spring Security 5 (NEW) | 04:48 |
Unlock unlimited learning
Get instant access to all 64 lessons in this course, plus thousands of other premium courses. One subscription, unlimited knowledge.
Learn more about subscriptionRelated courses
-
Updated 2y agoMaster Microservices with Java, Spring, Docker, Kubernetes
By: UdemyMaster Microservices with Java, Spring, Docker & Kubernetes — build production microservices using Spring Boot, Spring Cloud, Eureka, Hystrix, Resilience4j.23h 57m -
Updated 2y agoOAuth 2.0 in Spring Boot Applications
By: UdemyThis video course is for beginner Java developers who are interested in learning how to secure OAuth 2.0 Resources in Spring Security 5. The course covers only10h 54m -
Updated 2y agoSpring Professional Certification Exam Tutorial - Module 08
By: UdemySpring Professional Exam Tutorial explains and answers all questions from Spring Professional Certification Study Guide. Each answer to exam topic is explained1h 54m
Frequently asked questions
What is Learn Spring Security: The Master Class about?
Robust security for web applications is and has always been a must. But the security landscape has been changing rapidly over the last few years, with REST APIs becoming mainstream, the huge adoption and evolution of OAuth2, single-page…
Who teaches this course?
It is taught by Baeldung. You can find more courses by this instructor on the corresponding source page.
How long is the course?
It contains 65 lessons with a total runtime of 9 hours 22 minutes. Every lesson is available to watch online at your own pace.
Is it free to watch?
It is part of CourseFlix's premium catalog. A subscription unlocks the full video player; the course description, table of contents, and preview information are available to everyone.
Where can I watch it online?
The course is available to watch online on CourseFlix at https://courseflix.net/course/learn-spring-security-the-master-class. The page hosts every lesson with the integrated video player; no download is required.