Securing REST Services Using Spring Security 5

Focused View

Federico Mestrone

2:32:08

109 View

1. Course Overview

1. Course Overview.mp4

01:51

2. Manually Securing a CLI Application

1. Introduction.mp4

03:14

2. An Overview of the Sample Application - NekoShlink.mp4

04:36

3. Demo - Getting Familiar with NekoShlink.mp4

02:13

4. Introducing Spring Security Internals.mp4

06:33

5. Demo - Securing the NekoShlink CLI.mp4

06:13

6. Summary.mp4

00:31

3. Adding Authentication to a RESTful API with Spring Security and Spring Boot

1. Introduction.mp4

03:20

2. The NekoShlink REST Project.mp4

02:20

3. Demo - Getting Familiar with the NekoShlink REST .mp4

02:25

4. Demo - Adding API Key Authentication with a Custo.mp4

05:39

5. Transport Layer Security (TLS) and Server X.509 C.mp4

02:32

6. Demo - Adding TLS to NekoShlink.mp4

04:46

7. Mutual Transport Layer Security (mTLS) and Client.mp4

01:08

8. Demo - Adding mTLS to NekoShlink.mp4

04:47

9. Summary.mp4

00:35

4. Creating and Maintaining a User Base for your RESTful API

1. Introduction.mp4

02:14

2. User Repositories in Spring Security.mp4

04:15

3. Demo - A Custom DAO Authentication Provider for NekoShlink.mp4

04:52

4. Spring Security Login Options.mp4

04:59

5. Demo - Basic and Form-based Challanges in NekoShlink.mp4

03:26

6. Summary.mp4

01:06

5. Implementing OIDC Authentication with KeyCloak

1. Introduction.mp4

02:48

2. OAuth2 Overview.mp4

03:37

3. OpenID Connect (OIDC) Overview.mp4

02:18

4. OAuth2 (and OIDC) Servers.mp4

01:43

5. Demo - Setting up the Spring Authorization Server.mp4

04:11

6. OAuth2 Flows.mp4

02:06

7. Demo - Using the Spring Authorization Server in NekoShlink.mp4

02:57

8. Demo - Using KeyCloak in NekoShlink.mp4

06:14

9. Summary.mp4

00:32

6. Adding Authorization to the RESTful API Endpoints

1. Introduction.mp4

02:06

2. Authorizing HTTP Endpoints.mp4

04:28

3. Demo - Role-based Authorization for NekoShlinks REST Endpoints.mp4

02:47

4. Role Hierarchies.mp4

02:05

5. Demo - Using Role Hierarchies with NekoShlink Roles.mp4

01:49

6. Summary.mp4

00:34

7. Adding Authorization to the Business Logic Services

1. Introduction.mp4

03:07

2. Applying Method-level Security to Web Endpoints.mp4

03:54

3. Applying Method-level Security to Service Beans.mp4

01:33

4. Declaring and Using Custom Security Annotations.mp4

01:15

5. The Need for RunAs Delegation.mp4

01:37

6. Demo - Using RunAs Delegation in NekoShlink.mp4

01:41

7. Summary.mp4

01:04

08. Auditing Access to the Application

01. Introduction.mp4

02:03

02. Auditing User Access to a Spring Application.mp4

02:44

03. Demo - Auditing User Access in NekoShlink with Spring Security and Spring Actuator Event.mp4

03:21

04. Auditing Access to Data in a Spring Application.mp4

02:49

05. Demo - Auditing Data Access in NekoShlink with JPA Callbacks and Spring Data Audit.mp4

02:51

06. Auditing Changes to Data and Storing Historical Data with Hibernate Envers.mp4

01:43

07. Demo - Integrating Hibernate Envers to NekoShlink.mp4

01:53

08. Auditing Changes to Data and Storing Historical Data with JaVers.mp4

01:18

09. Demo - Integrating JaVers to NekoShlink.mp4

02:26

10. Summary.mp4

00:34

11. Course Wrap-up.mp4

02:25

Description

Learn the best practices to protect HTTP-based APIs using Spring Security. This course will teach you not only how to secure new Spring Boot applications that you are beginning to work on, but also how to add security to existing ones.

What You'll Learn?

As REST APIs become more and more common, securing them from unauthorized access and protecting them from hacking attacks is vital. In this course, Securing REST Services Using Spring Security 5, you’ll learn exactly that: how to make sure only authorized users can access your APIs and protecting them against common attacks. First, you’ll explore how to add authentication to your REST endpoints. Next, you’ll discover how to pass claims and scopes into your web-based application. Finally, you’ll learn how to secure both your HTTP endpoints and the service layer methods that implement their logic. When you’re finished with this course, you’ll have the skills and knowledge of Spring Security needed to write secure HTTP-based APIs for your websites, mobile apps, and other programmatic clients

More details

User Reviews

Rating

average 0

Total votes0

Focused display

REST API

Spring Framework

Federico Mestrone

Instructor's Courses

Also known as Fed in the English-speaking world, Federico has an intriguing eclectic approach to technology. In love with it since he was 12 - back in the days of the Commodore 64 - he betrays it on a regular basis: first with ballet and contemporary dance, then with synchronised swimming, recently with Japanese language and culture. Mostly a Java/Scala developer and Linux/Mac OS user, over the course of 20+ years he has had commercial experience in several other platforms and programming languages, from C++ to iOS/Android to Python to Angular. Currently he concentrates on (technical) training and education, but hasn't really decided what he wants to do when he grows up yet!

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.