Spring Security 6 Zero to Master along with JWT,OAUTH2

14h 50m 3s
English
Paid
July 8, 2024

'Spring Security Zero to Master' course will help in understanding the Spring Security Architecture, important packages, interfaces, classes inside it which handles authentication and authorization requests in the web applications. It also covers most common security related topics like CORs, CSRF, JWT, OAUTH2, password management, method level security, user, roles & authorities management inside web applications.

More

Below are the important topics that this course covers:

  1. Spring Security framework details and it features

  2. How to adapt security for a Java web application using Spring Security

  3. Password Management in Spring Security with PasswordEncoders

  4. Deep dive about encoding, encryption and hashing

  5. What is CSRF, CORS and how to address them

  6. What is Authentication and Authorization. How they are different from each other.

  7. Securing endpoint URLs inside web applications using Ant, MVC & Regex Matchers

  8. Filters in Spring Security and how to write own custom filters

  9. Deep dive about JWT (JSON Web Tokens) and the role of them inside Authentication & Authorization

  10. Deep dive about OAUTH2 and various grant type flows inside OAUTH2.

  11. Deep dive about OpenID Connect & how it is related to OAUTH2

  12. Applying authorization rules using roles, authorities inside a web application using Spring Security

  13. Method level security in web/non-web applications

  14. Social Login integrations into web applications

  15. Set up of Authorization Server using KeyCloak

The pre-requisite for the course is basic knowledge of Java, Spring and interest to learn.

Watch Online Spring Security 6 Zero to Master along with JWT,OAUTH2

Join premium to watch
Go to premium
# Title Duration
1 Course Introduction 07:33
2 Details of Source Code, PDF Content & other instructions for the course 04:00
3 What is Security & Why it is important 07:08
4 Creating a simple Spring Boot app with out security 11:45
5 Securing Spring Boot basic app using Spring Security 06:43
6 Configure static credentials inside application properties file 04:47
7 Why should we use Spring Security framework 04:35
8 Quick introduction to Servlets & Filters 05:07
9 Introduction to Spring Security Internal flow 10:25
10 Demo of Spring Security internal flow 14:25
11 Sequence flow of the Spring Security default behaviour 04:51
12 Understanding on how multiple requests work with out credentials 04:12
13 Understanding about UI part of the EazyBank application 05:43
14 Backend REST services required for EazyBank app 03:09
15 Creating backend services needed for the EazyBank application - Part 1 07:34
16 Creating backend services needed for the EazyBank application - Part 2 05:58
17 Checking the default configuration inside the spring security framework 07:19
18 Modifying the code as per our custom requirements 06:51
19 Denying all the requests 04:36
20 Permit all the requests 04:48
21 Introduction to the agenda of the section 04:19
22 Configuring users using InMemoryUserDetailsManager - Approach 1 09:38
23 Configuring users using InMemoryUserDetailsManager - Approach 2 05:24
24 Understanding User Management interfaces and Classes 08:52
25 Deep Dive of UserDetails Interface & User class 12:01
26 Deep Dive of UserDetailsService & UserDetailsManager Interfaces 04:53
27 Deep Dive of UserDetailsManager Implementation classes 12:04
28 Creating MySQL Database in the cloud 13:14
29 Connecting to DB & Creating Users inside the DB as per JdbcUserDetailsManager 08:36
30 Using JdbcUserDetailsManager to perform authentication 11:19
31 Creating our own custom tables for Authentication 05:03
32 Creating JPA Entity and repository classes for new table 08:56
33 Creating our own custom implementation of UserDetailsService 09:55
34 Building a new REST API to allow the registration of new User 13:56
35 How our passwords validated in Spring Security by default 08:46
36 Encoding Vs Encryption Vs Hashing - Part 1 06:35
37 Encoding Vs Encryption Vs Hashing - Part 2 10:08
38 How Our passwords will be validated with hashing & PasswordEncoders 03:02
39 Deep dive of PasswordEncoder interface 04:49
40 Deep dive of PasswordEncoder implementation classes - Part 1 09:06
41 Deep dive of PasswordEncoder implementation classes - Part 2 06:17
42 Demo of registration of new user with Bcrypt password encoder 07:57
43 Demo of login with Bcrypt password encoder 09:45
44 Why should we consider creating our own AuthenticationProvider 04:33
45 Understanding AuthenticationProvider methods 07:11
46 Implementing and Customising the AuthenticationProvider inside our application 08:16
47 Testing our custom AuthenticationProvider implementation 05:30
48 Spring Security Sequence flow with custom AuthenticationProvider 02:38
49 Setting up the EazyBank UI project 09:43
50 Understanding the UI project and walkthrough of the Angular code 13:34
51 Creating new DB schema for EazyBank scenarios 09:43
52 Updating Backend project based on the latest DB schema 09:31
53 Testing registration of the new user with latest changes 03:54
54 Taste of CORs error 05:43
55 Introduction to CORs 03:54
56 Possible options to fix the CORs issue 05:51
57 Fixing CORs issue using Spring Security 07:18
58 Demo of default CSRF protection inside Spring Security 05:34
59 Introduction to CSRF attack 05:27
60 Solution to handle CSRF attacks 05:57
61 Ignoring CSRF protection for public APIs 05:12
62 Implementing CSRF token solution inside our web application 20:24
63 Testing the CSRF related changes 09:47
64 Authentication Vs Authorization 05:58
65 How Authorities stored inside Spring Security 07:11
66 Creating new table authorities to store multiple roles or authorities 05:33
67 Making backend changes to load authorities from new DB table 09:39
68 Configuring Authorities inside web application using Spring Security-Theory 03:15
69 Configuring Authorities inside web application using Spring Security - Coding 06:32
70 Authority Vs Role in Spring Security 04:07
71 Configuring Roles Authorization inside web app using Spring Security-Theory 02:39
72 Configuring Roles Authorization inside web app using Spring Security-Coding 05:31
73 Introduction to Filters in Spring Security and the sample use cases 04:57
74 Demo of Inbuilt Filters of Spring Security framework 07:30
75 How to create our own custom filter 04:21
76 Adding a custom filter using addFilterBefore() method 08:55
77 Adding a custom filter using addFilterAfter() method 05:54
78 Adding a custom filter using addFilterAt() method 05:35
79 Details about GenericFilterBean and OncePerRequestFilter 07:02
80 Demo of JSESSIONID and issues with it 03:45
81 Advantages of Token based Authentication 08:22
82 Deep dive about JWT Tokens - Part 1 06:31
83 Deep dive about JWT Tokens - Part 2 08:51
84 Making project configuration to use JWT tokens 06:16
85 Configuring filters to generate the JWT tokens 08:28
86 Configuring filters to validate JWT tokens 08:17
87 Making changes on the client side for JWT token based authentication 02:55
88 Validating the JWT changes made by running the applications 05:42
89 Validating the JWT token expiration scenario 02:59
90 Introduction to method level security in Spring Security 05:45
91 Details about method invocation authorization in method level security 08:23
92 Demo of method level security using @PreAuthorize 05:51
93 Demo of method level security using @PostAuthorize 03:28
94 Details about filtering authorization in method level security 03:38
95 Demo of @PreFilter annotation 07:46
96 Demo of @PostFilter annotation 04:20
97 Problems that OAUTH2 trying to solve 11:04
98 Introduction to OAUTH2 06:31
99 OAuth2 terminologies or jargons 04:55
100 OAuth2 Sample flow - Theory 06:05
101 Demo of OAuth2 Sample flow 06:36
102 Deep dive on Authorization code grant type flow in OAUTH2 09:37
103 Demo of Authorization code grant type flow in OAUTH2 05:51
104 Deep dive & Demo of implicit grant flow in OAUTH2 05:25
105 Deep dive of password grant type flow in OAUTH2 04:24
106 Deep dive of client credentials grant type flow in OAUTH2 03:32
107 Deep dive of refresh token grant type flow in OAUTH2 06:19
108 How resource server validates the tokens issued by Auth server 02:55
109 Introduction to OpenID Connect 10:22
110 Registering the client details with the GitHub to use it's OAUTH2 Auth server 04:57
111 Building a springboot application that uses GitHub Auth server during OAuth2 07:42
112 Running and verifying the sample application using GitHub OAUTH2 04:41
113 Introduction to OAUTH2 flow inside EazyBank web App 02:22
114 Introduction to KeyCloak Auth Server 04:43
115 Installation of KeyCloak server & setup admin account 04:22
116 Setup a Realm inside KeyCloak Server for EazyBank App 02:01
117 Creating Client Credentials inside KeyCloak for API-API secured invocations 04:48
118 Setup of EazyBank Resource Server 14:20
119 Getting Access token from KeyCloak using client credentials grant type 07:55
120 Passing Access token to Resource server for response through Postman 04:58
121 Understanding Authorization code grant type for EazyBank App 02:43
122 Creating Client and User details inside KeyCloak for Auth code grant flow 03:58
123 Testing Authorization code grant type using Postman App 09:04
124 Deep dive on Authorization code grant type with PKCE 09:28
125 Demo of Authorization code grant type with PKCE 06:29
126 Creating public facing client details inside KeyCloak server 03:08
127 Implementing PKCE Authorization code grant type inside Angular UI App - Part 1 08:32
128 Implementing PKCE Authorization code grant type inside Angular UI App - Part 2 08:02
129 Testing PKCE flow inside Eazy Bank application 05:52
130 Important features of KeyCloak 07:37
131 Social Login integration with the help of KeyCloak Server 05:28
132 Thank You and Congratulations 01:37

Similar courses to Spring Security 6 Zero to Master along with JWT,OAUTH2

Java Crew #2

Java Crew #2podlodka.io

Duration 12 hours 12 minutes 58 seconds
Go Full Stack with Spring Boot and React

Go Full Stack with Spring Boot and Reactudemy

Duration 11 hours 43 minutes 36 seconds
Mastering Java 17

Mastering Java 17javaspecialists.eu

Duration 8 hours 20 minutes 27 seconds
Data Structures in Java

Data Structures in Javajavaspecialists.eu

Duration 8 hours 3 minutes 54 seconds
Learn Spring 5 and Spring Boot 2

Learn Spring 5 and Spring Boot 2baeldung

Duration 4 hours 57 minutes 32 seconds
Learn Spring Security: The Master Class

Learn Spring Security: The Master Classbaeldung

Duration 9 hours 22 minutes 39 seconds