Spring Security Master Class

May 11, 2021 Courses
Spring Security Master Class

English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 13 Hours | 6.78 GB

Learn how to implement the Spring Security module

This course is a deep-dive into the Spring Security project. In this course, we will learn how to identify security issues with our applications and how Spring Security can help solve those issues.

This application has extensive testing and extensive documentation so you will completely understand each security task in each section and why that task is being done as well as what side-effects might occur due to the changes we make.

We will take a very incremental approach to each and every section task, so you will build your deep knowledge of Security and the Spring Security module and by the end of this course, you will have a deep theoretical as well as hands-on practical knowledge of all of the Security topics covered in this course.

Course Outline:

  • By the end of the course you will:
  • Detail the topics of this course including:
  • Introduction to Application Security
  • Introduction to the Spring Ecosystem
  • Introduction to Spring Security
  • How to perform security-based tests in Spring
  • Testing support for Spring-based Applications
  • Customizing Authentication
  • Leverage JDBC for Authentication and Authorization
  • Leverage Spring-Data JPA for Authentication and Authorization
  • Leverage MongoDB and Spring-Data for Authentication and Authorization

Course Overview:

  • Section 1: Introduction to this course
  • Section 2: Introduction To Security
  • Section 3: The Spring Ecosystem
  • Section 4: Getting Started with Spring Security
  • Section 5: Spring Security Testing
  • Section 6: Customizing Authentication
  • Section 7: Leveraging JDBC for Authentication and Authorization
  • Section 8: Leveraging JPA for Authentication and Authorization

What you’ll learn

  • Understand how Spring Security fits into the Spring Ecosystem
  • Understand Security Concepts
  • Learn the Spring Security architecture
  • Learn how to implement Spring Security
  • Learn how to leverage Spring Boot test support including Junit 5, BDD, Mockito, MockMvc
  • Learn how to leverage Spring Security JUnit test support
  • Learn how to leverage various Authentication and Authorization features using Spring Security
  • Learn how to implement Jdbc-based authentication and authorization
  • Learn how to implement JPA-based authentication and authorization
  • Learn how to implement Document-based authentication and authorization with MongoDB
  • Learn Spring Security with a code-base that has been tested with 99% branch coverage
  • Learn how to use the remeber-me service
  • Learn x.509 client certificates
Table of Contents

Course Introduction
1 Introduction
2 Course Overview
3 IMPORTANT NOTES FOR STARTING THIS COURSE
4 Getting the project code
5 Intelli-j IDE setup
6 Code Layout
7 Running the application chapter01.00
8 Project Overview
9 H2 Database Administration
10 About your instructor
11 Questions before we begin

Introduction to Application Security
12 Introduction
13 Authentication
14 Authorization
15 Credential security
16 Sensitive information
17 Transport-Layer Security
18 Open Web Application Security Project (OWASP)
19 Spring Security to the rescue
20 Summary

Introduction to the Spring Framework Testing
21 Introduction
22 Spring Junit 5 Testing
23 BDD Mockito Testing
24 Spring Mvc Mock Testing
25 Spring Mvc HtmlUnit Testing
26 Executing application tests

Getting Started with Spring Security
27 Introduction
28 Section Documentation Review
29 Introduction to Spring Security
30 Spring AOP
31 Servlet Filters and Security FilterChain
32 Updating project dependencies
33 Implementing a base Security Configuration
34 Implement in-memory Authentication
35 Implement base HttpSecurity
36 Running application with custom configuration
37 Common issues with our project
38 Customizing Login
39 Configuring user logout
40 Running the application chapter02.02
41 Basic Role-based authorization
42 Pattern Matching with antMatchers
43 Running the application – chapter02.03
44 Expression-based authorization
45 Running chapter02.04
46 Conditionally displaying information
47 Running chapter02.05
48 Customizing behavior after login and run chapter02.06
49 Summary

Spring Security Debugging and Testing
50 Spring Security Debugging
51 Overview of Spring Security Testing
52 Updating project dependencies
53 Security MockMvc Test Integration
54 Method Security Testing
55 Mocking Security Users
56 Security MockMvc PostProcessor’s
57 Security MockMvc RequestBuilder’s
58 Security MockMvc ResultMatcher’s
59 Security MockMvc Login Tests
60 Custom MockUser Annotations
61 Issues with MockUser annotations and RequestBuilders

Customizing Authentication
62 Introduction
63 Section Documentation Review
64 Architecture for custom Authentication
65 Implement custom UserContext
66 Running chapter03.01
67 New user registration
68 Expose UserDetailsManager
69 Creating new Authentication Users
70 Logging in new User to Security Context
71 Auto-login for new registrations
72 Running chapter03.02
73 Custom UserDetailsService Object
74 Configuring UserDetailsService
75 Removing references to UserDetailsManager
76 Running chapter03.03
77 Update UserDetailsService
78 Displaying custom user attributes
79 Update Tests with @WithUserDetails annotation
80 Mocking UserDetailsService Users
81 Running chapter03.04
82 Custom AuthenticationProvider
83 Configure Custom AuthenticationProvider
84 Running chapter03.05
85 Mocking AuthenticationProvider Users
86 Authenticating with different parameters
87 Updating AuthenticationProvider to utilize additional parameters
88 Refactor login.html file adding an additional parameter
89 Create Custom Authentication Filter
90 Configure Custom Authentication Filter
91 How does the Custom Authentication Filter Work
92 Running chapter03.06
93 Which authentication method to use

JDBC for Authentication and Authorization
94 Introduction
95 Section Documentation Review
96 Updating project dependencies
97 Configuring H2 embedded database
98 Defining user and authorities schema (DML) and data (DDL)
99 Configuring Jdbc-based UserDetailsManager
100 Running chapter04.01
101 Review Group-based access control (GBAC)
102 Configure Group-based access control (GBAC)
103 Running chapter04.02
104 Support for custom security schema
105 Configuring support for custom security schema
106 Running chapter04.03
107 Securing passwords
108 Configuring bcrypt password encoding
109 Updating existing user passwords
110 Running chapter04.04
111 Summary

JPA for Authentication and Authorization
112 Section Documentation Review
113 Updating project dependencies
114 Update datasource configuration
115 Initializing the JPA RDBMS database
116 Refactor JPA mapping for domain objects
117 Creating Spring-Data Repository Objects
118 Refactoring UserDao from JDBC to JPA
119 Refactoring EventDao from JDBC to JPA
120 Updating UserDetailsService
121 Clean-up misc code
122 Update JPA Repository Tests
123 Running chapter05.01
124 Refactoring from an RDBMS to a document database
125 Updating chapter05.02 project dependencies
126 Reconfiguring the database configuration to MongoDB
127 Initializing the MongoDB database
128 Mapping domain objects with MongoDB
129 Refactor JPA repositories to MongoDB
130 Migrate DAO Services from JPA to MongoDB
131 Running chapter05.02

Miscellaneous course details
132 Promotional Course Video

Homepage

Resolve the captcha to access the links!