Spring Security 6 Zero to Master along with JWT,OAUTH2

Name: Spring Security 6 Zero to Master along with JWT,OAUTH2
Price: 12.75 USD
Availability: InStock
Rating: 5 (2 reviews)

14h 50m 3s

English

Paid

July 8, 2024

Spring Security 6 Zero to Master along with JWT,OAUTH2 is a 132-lesson 14 hours 50 minutes self-paced course by Udemy. This course shows you how to build secure Java web apps with Spring Security 6.

Course facts

Lessons: 132
Duration: 14 hours 50 minutes
Level: All levels
Language: English
Updated
Instructor: Udemy
Price: Premium

This course shows you how to build secure Java web apps with Spring Security 6. You learn how the core parts work and how they handle login, roles, and request checks. You also learn how to protect APIs with JWT and OAuth2.

What You Learn

You get clear steps to add security to a Spring app. Each topic includes hands-on work so you can try it on your own.

Spring Security Basics

How the Spring Security framework works
Main packages, classes, and interfaces
How requests move through the security chain

Add Security to a Web App

Set up security for a Java web app
Use Ant, MVC, and regex matchers to protect URLs
Add custom filters when you need extra checks

Password and Data Safety

Use PasswordEncoders
Know the difference between encoding, hashing, and encryption

Web Protection

What CSRF is and how to handle it
What CORS is and when it matters

Login and Access

What authentication and authorization mean
How to use roles and authorities
How to add method-level rules

JWT and OAuth2

How JWT works in login and access checks
OAuth2 grant types and when to use each one
OpenID Connect and how it fits with OAuth2

More Features

Social login in web apps
Set up an authorization server with Keycloak

Who Should Take This

You should know basic Java and Spring. You do not need past security work, but you should want to learn it.

Who teaches Spring Security 6 Zero to Master along with JWT,OAUTH2? Udemy

Udemy is the largest open marketplace for online courses on the internet. Founded in 2010 by Eren Bali, Oktay Caglar, and Gagan Biyani and headquartered in San Francisco, the company went public on the Nasdaq in 2021 under the ticker UDMY. The platform hosts well over two hundred thousand courses across software development, IT and cloud, data science, design, business, marketing, and creative skills, taught by tens of thousands of independent instructors. Roughly seventy million learners use it worldwide, and the corporate arm — Udemy Business — supplies a curated subset of that catalog to enterprise customers.

Because Udemy is a marketplace rather than a single editorial publisher, the catalog is uneven by design. The strongest material lives in the long-form, project-based courses authored by working engineers — full-stack JavaScript, React, Node.js, Python data science, AWS, Docker and Kubernetes, mobile development with Flutter and React Native, and cloud certification preparation. The CourseFlix listing under this source is the slice of that catalog that has been mirrored here for offline-friendly viewing, organized by topic and updated as new releases land. Pricing on Udemy itself swings dramatically with the site's near-permanent sales, which is why the platform is best treated as a deep reference catalog: pick instructors with strong reviews and a track record of updating their material rather than buying on the headline price alone.

What lessons are included in Spring Security 6 Zero to Master along with JWT,OAUTH2?

0:00

#1: Course Introduction

All Course Lessons (132)

#	Lesson Title	Duration
1	Course Introduction Demo	07:33
2	Details of Source Code, PDF Content & other instructions for the course	04:00
3	What is Security & Why it is important	07:08
4	Creating a simple Spring Boot app with out security	11:45
5	Securing Spring Boot basic app using Spring Security	06:43
6	Configure static credentials inside application properties file	04:47
7	Why should we use Spring Security framework	04:35
8	Quick introduction to Servlets & Filters	05:07
9	Introduction to Spring Security Internal flow	10:25
10	Demo of Spring Security internal flow	14:25
11	Sequence flow of the Spring Security default behaviour	04:51
12	Understanding on how multiple requests work with out credentials	04:12
13	Understanding about UI part of the EazyBank application	05:43
14	Backend REST services required for EazyBank app	03:09
15	Creating backend services needed for the EazyBank application - Part 1	07:34
16	Creating backend services needed for the EazyBank application - Part 2	05:58
17	Checking the default configuration inside the spring security framework	07:19
18	Modifying the code as per our custom requirements	06:51
19	Denying all the requests	04:36
20	Permit all the requests	04:48
21	Introduction to the agenda of the section	04:19
22	Configuring users using InMemoryUserDetailsManager - Approach 1	09:38
23	Configuring users using InMemoryUserDetailsManager - Approach 2	05:24
24	Understanding User Management interfaces and Classes	08:52
25	Deep Dive of UserDetails Interface & User class	12:01
26	Deep Dive of UserDetailsService & UserDetailsManager Interfaces	04:53
27	Deep Dive of UserDetailsManager Implementation classes	12:04
28	Creating MySQL Database in the cloud	13:14
29	Connecting to DB & Creating Users inside the DB as per JdbcUserDetailsManager	08:36
30	Using JdbcUserDetailsManager to perform authentication	11:19
31	Creating our own custom tables for Authentication	05:03
32	Creating JPA Entity and repository classes for new table	08:56
33	Creating our own custom implementation of UserDetailsService	09:55
34	Building a new REST API to allow the registration of new User	13:56
35	How our passwords validated in Spring Security by default	08:46
36	Encoding Vs Encryption Vs Hashing - Part 1	06:35
37	Encoding Vs Encryption Vs Hashing - Part 2	10:08
38	How Our passwords will be validated with hashing & PasswordEncoders	03:02
39	Deep dive of PasswordEncoder interface	04:49
40	Deep dive of PasswordEncoder implementation classes - Part 1	09:06
41	Deep dive of PasswordEncoder implementation classes - Part 2	06:17
42	Demo of registration of new user with Bcrypt password encoder	07:57
43	Demo of login with Bcrypt password encoder	09:45
44	Why should we consider creating our own AuthenticationProvider	04:33
45	Understanding AuthenticationProvider methods	07:11
46	Implementing and Customising the AuthenticationProvider inside our application	08:16
47	Testing our custom AuthenticationProvider implementation	05:30
48	Spring Security Sequence flow with custom AuthenticationProvider	02:38
49	Setting up the EazyBank UI project	09:43
50	Understanding the UI project and walkthrough of the Angular code	13:34
51	Creating new DB schema for EazyBank scenarios	09:43
52	Updating Backend project based on the latest DB schema	09:31
53	Testing registration of the new user with latest changes	03:54
54	Taste of CORs error	05:43
55	Introduction to CORs	03:54
56	Possible options to fix the CORs issue	05:51
57	Fixing CORs issue using Spring Security	07:18
58	Demo of default CSRF protection inside Spring Security	05:34
59	Introduction to CSRF attack	05:27
60	Solution to handle CSRF attacks	05:57
61	Ignoring CSRF protection for public APIs	05:12
62	Implementing CSRF token solution inside our web application	20:24
63	Testing the CSRF related changes	09:47
64	Authentication Vs Authorization	05:58
65	How Authorities stored inside Spring Security	07:11
66	Creating new table authorities to store multiple roles or authorities	05:33
67	Making backend changes to load authorities from new DB table	09:39
68	Configuring Authorities inside web application using Spring Security-Theory	03:15
69	Configuring Authorities inside web application using Spring Security - Coding	06:32
70	Authority Vs Role in Spring Security	04:07
71	Configuring Roles Authorization inside web app using Spring Security-Theory	02:39
72	Configuring Roles Authorization inside web app using Spring Security-Coding	05:31
73	Introduction to Filters in Spring Security and the sample use cases	04:57
74	Demo of Inbuilt Filters of Spring Security framework	07:30
75	How to create our own custom filter	04:21
76	Adding a custom filter using addFilterBefore() method	08:55
77	Adding a custom filter using addFilterAfter() method	05:54
78	Adding a custom filter using addFilterAt() method	05:35
79	Details about GenericFilterBean and OncePerRequestFilter	07:02
80	Demo of JSESSIONID and issues with it	03:45
81	Advantages of Token based Authentication	08:22
82	Deep dive about JWT Tokens - Part 1	06:31
83	Deep dive about JWT Tokens - Part 2	08:51
84	Making project configuration to use JWT tokens	06:16
85	Configuring filters to generate the JWT tokens	08:28
86	Configuring filters to validate JWT tokens	08:17
87	Making changes on the client side for JWT token based authentication	02:55
88	Validating the JWT changes made by running the applications	05:42
89	Validating the JWT token expiration scenario	02:59
90	Introduction to method level security in Spring Security	05:45
91	Details about method invocation authorization in method level security	08:23
92	Demo of method level security using @PreAuthorize	05:51
93	Demo of method level security using @PostAuthorize	03:28
94	Details about filtering authorization in method level security	03:38
95	Demo of @PreFilter annotation	07:46
96	Demo of @PostFilter annotation	04:20
97	Problems that OAUTH2 trying to solve	11:04
98	Introduction to OAUTH2	06:31
99	OAuth2 terminologies or jargons	04:55
100	OAuth2 Sample flow - Theory	06:05
101	Demo of OAuth2 Sample flow	06:36
102	Deep dive on Authorization code grant type flow in OAUTH2	09:37
103	Demo of Authorization code grant type flow in OAUTH2	05:51
104	Deep dive & Demo of implicit grant flow in OAUTH2	05:25
105	Deep dive of password grant type flow in OAUTH2	04:24
106	Deep dive of client credentials grant type flow in OAUTH2	03:32
107	Deep dive of refresh token grant type flow in OAUTH2	06:19
108	How resource server validates the tokens issued by Auth server	02:55
109	Introduction to OpenID Connect	10:22
110	Registering the client details with the GitHub to use it's OAUTH2 Auth server	04:57
111	Building a springboot application that uses GitHub Auth server during OAuth2	07:42
112	Running and verifying the sample application using GitHub OAUTH2	04:41
113	Introduction to OAUTH2 flow inside EazyBank web App	02:22
114	Introduction to KeyCloak Auth Server	04:43
115	Installation of KeyCloak server & setup admin account	04:22
116	Setup a Realm inside KeyCloak Server for EazyBank App	02:01
117	Creating Client Credentials inside KeyCloak for API-API secured invocations	04:48
118	Setup of EazyBank Resource Server	14:20
119	Getting Access token from KeyCloak using client credentials grant type	07:55
120	Passing Access token to Resource server for response through Postman	04:58
121	Understanding Authorization code grant type for EazyBank App	02:43
122	Creating Client and User details inside KeyCloak for Auth code grant flow	03:58
123	Testing Authorization code grant type using Postman App	09:04
124	Deep dive on Authorization code grant type with PKCE	09:28
125	Demo of Authorization code grant type with PKCE	06:29
126	Creating public facing client details inside KeyCloak server	03:08
127	Implementing PKCE Authorization code grant type inside Angular UI App - Part 1	08:32
128	Implementing PKCE Authorization code grant type inside Angular UI App - Part 2	08:02
129	Testing PKCE flow inside Eazy Bank application	05:52
130	Important features of KeyCloak	07:37
131	Social Login integration with the help of KeyCloak Server	05:28
132	Thank You and Congratulations	01:37

Unlock unlimited learning

Get instant access to all 131 lessons in this course, plus thousands of other premium courses. One subscription, unlimited knowledge.

Learn more about subscription

What courses are similar to Spring Security 6 Zero to Master along with JWT,OAUTH2?

Updated 2y ago
Java Design Patterns
By: Java Specialists
Our Java Design Patterns Course is the best value-for-money education you can give your programmers. During an intensive 4 days, we cover all of the Gang-of-Fou
16h 20m
Updated 2y ago
Java Multithreading, Concurrency & Performance Optimization
By: Udemy
If you had your own jet plane, would you drive it to the grocery store, or fly it on a tour around the world?
5h 16m
Updated 2y ago
Data Structures & Algorithms !
By: Udemy
Learn data structures and algorithms from scratch. Start with basic data structures and work your way up to intermediate. This course is for all those who want
28h 40m5/5
Updated 2y ago
Learn Java Unit Testing with Junit & Mockito in 30 Steps
By: Udemy
Learn Mockito and JUnit - the most popular Java unit testing and mocking frameworks - with 25 Examples. Writing Great Unit Tests distinguishes Good Programmers
4h 44m
Updated 2y ago
Recursion, Backtracking and Dynamic Programming in Java
By: Udemy
This course is about the fundamental concepts of algorithmic problems focusing on recursion, backtracking, dynamic programming and divide and conquer approaches
9h 46m
Updated 2y ago
Java Programming Bootcamp: Zero to Mastery
By: Zero To Mastery
Learn Java programming from scratch to advanced skills with an industry expert. Enhance your skills with over 80 exercises and 18 quizzes. Perfect for aspiring
9h 15m
Updated 2y ago
Data Structures in Java
By: Java Specialists
Data Structures in Java (Late 2017 Edition) is an action-packed 8 hours of tips and tricks that professional Java programmers have used for the past 20 years.
8h 3m

More courses by Udemy

Updated 3y ago
Complete C# Unity Game Developer 3D
This is the long-awaited sequel to the Complete Unity Developer - one of the most popular e-learning courses on the internet!
30h 34m
Updated 3y ago
Nest.js Microservices: Build & Deploy a Scaleable Backend
Nest.js is an incredible backend framework that allows us to build scaleable Nodejs backends with very little complexity. A Microservice architecture is a popul
5h 39m5/5
Updated 3y ago
The HTML & CSS Bootcamp 2023 Edition
Brand new HTML & CSS course, just released in February 2023 Check out the promo video to see the beautiful, responsive projects we build in this course!
37h 18m5/5
Updated 3y ago
Microservices with Node JS and React
Event-Based Architecture? Covered! Server side rendering with React? Yep. Scalable, production-ready code? Its here!
54h 13m5/5
FreeClassic
100 Days of Code - The Complete Python Pro Bootcamp for 2023
100 Days of Code: The Complete Python Pro Bootcamp 2023 by Angela Yu — Python basics, web scraping, data science, GUI projects, and more.
58h 35m5/5
Updated 3y ago
React - The Complete Guide
React: The Complete Guide by Maximilian Schwarzmüller — original 2022 edition covering React hooks, Redux, Context API, Next.js basics.
47h 42m5/5

Frequently asked questions

What prerequisites should I have before taking this course?

Before enrolling in this course, you should have a basic understanding of Java and the Spring framework. While no prior experience with security work is required, a willingness to learn about security practices is necessary.

What projects or applications will I build during the course?

Throughout the course, you will work on securing a Java web application using Spring Security. A significant part of the course is dedicated to developing and securing the EazyBank application, where you'll create backend services, configure user management, and handle login and registration.

How does this course compare in depth and scope to other security courses?

This course provides a detailed exploration of Spring Security 6, focusing on login, roles, request checks, and API protection with JWT and OAuth2. It covers essential topics such as CSRF and CORS handling, user management, and social login, offering a comprehensive introduction to securing Java web applications.

What specific tools or platforms are taught in this course?

The course teaches Spring Security 6, focusing on its packages, classes, and interfaces. You will also learn about PasswordEncoders, JwtToken, OAuth2, and Keycloak for setting up an authorization server. There is also a focus on database management using JdbcUserDetailsManager and creating custom user tables.

What is NOT covered in this course?

The course does not cover advanced security protocols beyond JWT and OAuth2, nor does it delve into network security or security in non-Java contexts. Additionally, it does not provide training on security certifications or non-Spring security frameworks.

How much time should I expect to commit to this course?

The course contains 132 lessons, and while the total runtime is not specified, you should anticipate a significant time commitment to cover all topics thoroughly, including hands-on exercises and practical application in the EazyBank project.

How will the skills learned in this course be valuable for my career?

The skills learned in this course, such as securing web applications with Spring Security, handling JWT and OAuth2, and managing user authentication and authorization, are crucial for roles in Java development and software security. They provide a solid foundation for further specialization in cybersecurity or advanced application development.