Companies Home Search Profile
TrainingHub TrainingHub

Security in Spring Boot REST Web Service Applications

Focused View

Howard Hyde

7:56:58

0 View
  • 1. Introduction and Part 0 Is this course right for me.mp4
    06:43
  • 1. Its a dangerous world out there..mp4
    06:56
  • 2. Consequences of Security Breaches.mp4
    02:00
  • 3. The Mighty PASS-WORD.mp4
    06:03
  • 4. Introduction to Cryptography.mp4
    05:39
  • 5. Cryptography Algorithms and Keys.mp4
    05:43
  • 6. Symmetric and Asymmetric Cryptography.mp4
    03:07
  • 7. Named Branded Cryptography Algorithms.mp4
    07:45
  • 8. SSL and TLS.mp4
    02:34
  • 9. Digital Certificates and the Public Key Inftrastructure (PKI).mp4
    11:30
  • 10. TLS v1.2 Cipher Suites and Handshake.mp4
    06:55
  • 11. TLS v1.3 Cipher Suites and Handshake.mp4
    03:42
  • 12. The Mighty PASS-WORD Redux.mp4
    04:30
  • 1.1 readme-2024.07.25a.zip
  • 1. Part 2 Introducing the Demo App and its Components Overview.mp4
    10:52
  • 2. Database Schema Design Considerations.mp4
    03:56
  • 3.1 fboace-db-sql-ddl-dml-2024.07.24b.zip
  • 3.2 LICENSE.txt
  • 3. Business Application DB tables, columns, keys, views.mp4
    06:50
  • 4. UserSecurity DB tables, views and reference data.mp4
    09:31
  • 5.1 fboace04completerestws-develop-2024.07.23b.zip
  • 5.2 fortress-develop-2024.07.23b.zip
  • 5.3 LICENSE.txt
  • 5.4 radspringsecurity-master-2024.07.24b.zip
  • 5. Demo App web services overview and resource bundles.mp4
    08:47
  • 6.1 fboace04q-angular-develop-2024.07.23a.zip
  • 6. Client User Interface App AngularTypescript.mp4
    02:27
  • 1. Enabling HTTPS Overview Certificates, Spring Boot, Web Server.mp4
    03:09
  • 2. Deploying your Web App to your Domain.mp4
    02:41
  • 3. Acquire the Certificate from a Certificate Authority.mp4
    05:27
  • 4. Deploy Private Key and Certificate to Spring Boot project.mp4
    05:00
  • 5. Deploy Private Key and Certificate to web application server.mp4
    03:37
  • 1. Part 4 The Spring Security Framework in our Demo App Overview.mp4
    04:38
  • 2. Representing Users interfaces UserDetails, GrantedAuthority, and Authentication.mp4
    06:01
  • 3. Populating GrantedAuthority UserRoles and SubjectAction pairs.mp4
    04:46
  • 4. UserDetailsService, UserDetailsManager, and custom extensions.mp4
    04:47
  • 5. @EnableWebSecurity, @Bean PasswordEncoder and encryptingvalidating passwords.mp4
    05:36
  • 6. Overview of the Authentication and Authorization Cycle.mp4
    07:11
  • 7. Custom AuthenticationProvider, UserDetails and UserDetailsService; JWTs.mp4
    17:17
  • 8. UserDetailsService implementation deeper dive.mp4
    08:12
  • 9. Authorization Introducing @EnableWebSecurity and @Bean SecurityFilterChain.mp4
    07:23
  • 10. Authentication, Authorization Filter and Validating the JWT.mp4
    06:35
  • 11. One Spring Boot Webservice authenticates another WebClient.mp4
    16:30
  • 12. Endpoint Authorization with requestMatchers(), hasAnyRoles() hasAnyAuthorities().mp4
    11:41
  • 13. Method-based Authorization with @EnableMethodSecurity.mp4
    26:19
  • 14. Implementing Authentication and (Role-based) Authorization in Angular.mp4
    01:24
  • 15. Authentication using Angular and Typescript.mp4
    06:02
  • 16. Authorization using Angular and Typescript.mp4
    11:45
  • 1. Part 5 Spring Security Theory, Architecture and Variations Overview.mp4
    07:30
  • 2.1 fboace04completerestws-Spring-Security-Inception-2024.07.23b.zip
  • 2.2 LICENSE.txt
  • 2. Spring Security Inception.mp4
    07:41
  • 3. Filters and Configuration - Introduction.mp4
    04:56
  • 4. Filters and Configuration CORS (Cross-Origin Resource Sharing).mp4
    11:17
  • 5. Filters and Configuration CSRF, SessionManagement, httpBasic, formLogin.mp4
    05:33
  • 6. Filters and Configuration requestMatchers() and Actionapplied policies.mp4
    12:41
  • 7. Filters and Configuration Custom Filters and insertion into the chain.mp4
    08:20
  • 8.1 fboace04completerestws-AuthenticationManager-2024.07.23b.zip
  • 8.2 LICENSE.txt
  • 8. User Account Representation, Persistence and Management.mp4
    10:35
  • 9. Spring Security standard User SQL database schema.mp4
    02:21
  • 10. Basic Authentication Scenarios.mp4
    18:52
  • 11. Basic Authentication Review.mp4
    06:32
  • 12. Authentication Endpoint.mp4
    06:58
  • 13. Authorization with JWT.mp4
    05:17
  • 14. UserDetailsManager Maintaining User and Authorities data.mp4
    18:21
  • 15. Conclusion.mp4
    00:57
  • 1. Introduction to this Appendix.html
  • 2. PostgreSQL Database installation and tools.mp4
    01:31
  • 3. PostGreSQL Installation on Windows.mp4
    02:36
  • 4. Using pgAdmin.mp4
    09:19
  • 5. Using the psql command-line tool.mp4
    11:14
  • 1. EXTRA APPENDIX II Maintaining Data with the Java Persistence API (JPA).html
  • 2. JPA Sneak Peek.mp4
    02:54
  • 3. JPA Model Entities.mp4
    14:47
  • 4. JPA Repositories.mp4
    09:27
  • 1. Advanced Database Design Concepts.html
  • 2. FboAce Schema and Set-based Business Rules.mp4
    15:48

    • Description

    With Spring Security, authentication, filters, JWT, TLS/HTTPS, Digital Certificates, PKI and Role-based Authorization

    What You'll Learn?

    • Comprehensive Security for Spring Boot REST web service applications: HTTPS, User management, Authentication, Role-based Authorization
    • General principles of cyber security: Threats and defenses, Cryptography (encryption/decryption/hashing; symmetric/asymmetric), TLS, cypher suites
    • Implementing user/security and business databases, JSON Web Tokens (JWTs) and SSL/TLS over HTTP (HTTPS) communication with web services
    • Spring Security Framework: Architecture, Theory, practical examples: Configuration, filters, authentication and authorization

    Who is this for?

  • Web service developers/software engineers, architects, cyber security professionals

    • What You Need to Know?

  • Intermediate Java programming and Spring Boot development knowledge

    • More details

    Description

    A complete practical case study and tutorial featuring the Spring Security framework.

    • Filters and configuration

    • Authentication

    • JSON Web Tokens (JWT)

    • Role-based Authorization

    • In-depth theory


    Also:

    • General Cybersecurity principles and concepts

    • Cryptography: Encryption, encoding and hashing

    • Symmetric and Asymmetric (public/private key) encryption

    • HTTP over SSL/TLS (HTTPS)

    • Digital Certificates & Public Key Infrastructure (PKI)

    • TLS Cipher Suites and handshakes


    Case study of a Demo App with 2 Spring Boot REST web services, an Angular/Typescript UI client app and PostGreSQL database(s), which

    • Encrypts all communication between browser and server via HTTP over SSL/TLS (HTTPS)

    • Establishes trust via signed digital certificates (Public Key Infrastructure -- PKI)

    • Requires valid credentials to log in.

    • Custom example user/role/resource/action/authority database.

    • Limits access to resources in web service and client app according to roles / authorities of user account; detailed development of Authorization

    • Employs JSON Web Tokens (JWTs) as its authorization mechanism.

    • NOT WebMvc: Does NOT track sessions or JSESSONID cookies; does not output HMTL, login forms etc. (not JSP or Thymeleaf)

    • Rather, REpresentational State Transfer (REST): Exchanges JSON data payloads with clients

    • Assumes clients take care of all UI elements, HTML code, css, Javascript etc.


    Course Structure

    • Part 0: Is this Course Right for Me?

    • Part 1: General Cyber Security Principles

    • Part 2: Introducing the Demo App and its Components

    • Part 3: Application Security elements BEFORE adding the Spring Security Framework

    • Part 4: The Spring Security Framework in our Demo App

    • Part 5: A Deeper Dive into Spring Security Architecture and Theory


    Who this course is for:

    • Web service developers/software engineers, architects, cyber security professionals

    User Reviews
    Rating
    0
    0
    0
    0
    0
    average 0
    Total votes0
    Focused display
    Category

    REST API

    Howard Hyde
    Howard Hyde
    Instructor's Courses
    Howard has 29 years experience in the Information Technology field, with expertise in Java (Spring Boot webservices) relational database application development and AWS. His past clients and employers include Kajeet (formerly Arterra Mobility), Oracle Corp, Bank of America, Kaiser, the New York Stock Exchange, Cardinal Health, Amgen and Union Bank.He holds a Bachelor of Arts degree in Music from the University of Southern California, where he played trumpet in the symphony orchestra. Prior to that he played with the  Jazz orchestra Bekummernis in Paris, France.
    Udemy
    Udemy
    View courses Udemy
    Students take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.
    • language english
    • Training sessions 63
    • duration 7:56:58
    • Release Date 2024/10/05

    Courses related to REST API

    Using REST APIs and JSON Online Training
    CBT Nuggets Chuck Keith
    Chuck Keith
    Using REST APIs and JSON Online Training
    1:27:27
    03/27/2023
    REST API using GoLang, PostgreSQL, Keycloak, Docker
    Udemy Aman Bhardwaj
    Aman Bhardwaj
    REST API using GoLang, PostgreSQL, Keycloak, Docker
    2:33:55
    11/15/2023
    Postman: An Incredible Tool for API Development and Testing
    Pluralsight THAT Conference
    THAT Conference
    Postman: An Incredible Tool for API Development and Testing
    1:01:12
    10/13/2023