Video description
Understand how to protect Java framework applications by learning cutting-edge Spring Security techniques
About This Video
- Gain a deep understanding of Spring Security
- Explore the Spring Security toolset for authentication and authorization of users
- Become familiar with the Test-Driven Development (TDD) approach
In Detail
Increasing cases of online security breaches have made it important for every organization to ensure that their applications are secure. With this video course, you'll explore Spring Security techniques that'll help you in authenticating and authorizing users, and protecting your applications from hazardous security breaches.
The course begins with an introduction to Spring Security, enabling you to understand its importance in securing framework applications. You’ll leverage the auto-configuration capabilities of Spring Boot to secure a web application using HTTP basic authentication. Next, you’ll learn how to replace and customize the default Spring Boot auto-configuration with the help of a series of exercises. Moving ahead, you’ll discover the unique security aspects in a Spring Boot web application that mimics a robust monolithic application with web pages and RESTful endpoints. Later, you’ll follow a Test-Driven Development (TDD) approach to understand the features of Spring Security. With the help of interesting examples, you’ll also be able to write a failing test using JUnit 5, Mockito, and Spring MockMVC
By the end of this video course, you’ll have developed the skills you need to use Spring Security to secure your framework applications.
Publisher resources
Table of contents
- Chapter 1 : Introduction
- Chapter 2 : Introduction to Spring Security
- Chapter 3 : HTTP Basic Auth
- Chapter 4 : Spring Security Java Configuration
- Chapter 5 : In-Memory Authentication Provider
-
Chapter 6 : Password Security
- Introduction
- Password Encoding
- Message-Digest Algorithm (MD5) Hash and Password Salt
- NoOpPasswordEncoder
- LdapPasswordEncoder
- Secured Hash Algorithm 256 (SHA-256) Password Encoder
- BCryptPasswordEncoder
- Delegating Password Encoder
- Custom Delegating Password Encoder
- Assignment - Add Custom Bcrypt Encoder
- Chapter 7 : Custom Authentication Filter
-
Chapter 8 : Database Authentication
- Introduction
- Database Authentication Overview
- Java Persistence API (JPA) Entities
- Project Lombok Configuration
- Spring Data Java Persistence API (JPA) Repositories
- Assignment - Bootstrap User Data
- Hypersonic 2 (H2) Database Console Access
- User Details Service
- Spring Security Configuration
- 8.10Spring Boot Test Context
-
Chapter 9 : User Roles
- Introduction
- Authorization in Spring Security
- Configuring User Roles
- Verify Role in Filter - Delete
- Assignment - Limit List Breweries to Customer
- Allow Multiple Roles
- Refactor JUnit 5 Tests
- Assignment - Use Multiple Roles
- Introduction to Method Security
- Security Expression Based Syntax
- Assignment - Use Method Expression
-
Chapter 10 : User Authorities
- Introduction
- Overview Database Refactoring
- Update Java Persistence API (JPA) Configuration
- Defining Roles for Beer Operations
- Assignment - Define Roles for Customer Operations
- Update Spring Security for RESTful Beer API
- Assignment - Update Remaining Controllers
- Custom Authorization Annotations
- Assignment - Update to Use Custom Auth Annotations
-
Chapter 11 : Multi-tenancy Security
- Introduction
- Multi-tenancy Overview
- Order Controller Code Review
- Define Roles for Beer Orders
- Update Java Persistence API (JPA) User
- User Customer Java Persistence API (JPA) Mapping
- Refactor Bootstrap Data
- Test-driven development (TDD) - Write Failing Tests
- Custom Authentication Manager
- Secure Read Order
- Using Authentication Principle
- Spring Security with Spring Data Java Persistence API (JPA)
- Chapter 12 : Cross-Site Request Forgery (CSRF) Protection with Spring Security
- Chapter 13 : Login Form
- Chapter 14 : Remember Me
-
Chapter 15 : User Lockout Using Spring Security Events
- Overview of Spring Security Authentication Events
- Configuration of Spring Security Event Publisher
- Logging Off Authentication Success Events
- Persistence of Authentication Success Events
- Locking User Account After Failed Attempts
- Account Locked Message
- Automatically Unlocking Accounts After a Period of Time
-
Chapter 16 : Two-factor Authentication (2FA)
- Two-factor Authentication (2FA) Overview
- Google Authenticator with Spring Security
- Configure User Entity for Two-factor Authentication (2FA)
- Configure Two-factor Authentication (2FA) Registration Controller
- Configure Google Secret Persistence
- Generate Quick Response Code (QR Code) for Google Authenticator
- Verify Two-factor Authentication (2FA) Opt-In
- Two-factor Authentication (2FA) Verification UI
- Spring Security Two-factor Authentication (2FA) Filter
- Spring Security Two-factor Authentication (2FA) Failure Handler
- Exclude Static Resources from Filter
- Java Configuration and Two-factor Authentication (2FA) Demo
- Two-factor Authentication (2FA) Retrospective
-
Chapter 17 : Cross-Origin Resource Sharing (CORS)
- Overview of Cross-Origin Resource Sharing (CORS)
- Disable Spring Security for Testing
- Spring Model-View-Controller (MVC) Cross-Origin Resource Sharing (CORS) Configuration
- Spring Model-View-Controller (MVC) Cross-Origin Resource Sharing (CORS) Annotation Config
- Spring Security Cross-Origin Resource Sharing (CORS) Configuration
Product information
- Title: Spring Security Core: Beginner to Guru
- Author(s):
- Release date: September 2020
- Publisher(s): Packt Publishing
- ISBN: 9781800560000
You might also like
book
Clean Code: A Handbook of Agile Software Craftsmanship
Even bad code can function. But if code isn't clean, it can bring a development organization …
book
40 Algorithms Every Programmer Should Know
Learn algorithms for solving classic computer science problems with this concise guide covering everything from fundamental …
book
Building Microservices, 2nd Edition
Distributed systems have become more fine-grained as organizations shift from code-heavy monolithic applications to smaller, self-contained …
book
Head First Design Patterns, 2nd Edition
You know you don’t want to reinvent the wheel, so you look to design patterns—the lessons …