Spring Security 5: Authentication / Authorization - Building Effective Layers of Defense

Focused View

Wojciech Lesniak

3:31:06

71 View

01.Course Overview

0101.Course Overview.mp4

01:50

02.Introduction Why Spring Security

0201.Introduction.mp4

02:36

0202.Prerequisites.mp4

01:20

03.Diving Under the Hood of Spring Security Authentication

0301.Introduction.mp4

01:26

0302.High-level View of Spring Security.mp4

03:38

0303.The Architecture of the Spring Security Filter Chains.mp4

04:32

0304.How Requests Are Authenticated.mp4

04:26

0305.Authentication Architecture Recap.mp4

01:46

0306.Spring Boots Default Spring Security Configuration.mp4

10:02

0307.Configuring Basic Authentication.mp4

02:53

0308.Configuring Digest Authentication.mp4

10:32

0309.Penetration Testing the Web Application.mp4

05:18

0310.Wrap Up.mp4

01:11

04.Dealing with Common Security Threats

0401.Module Introduction.mp4

01:47

0402.Out-of-the-Box Security Protection.mp4

09:20

0403.Demo Test the Default Protection.mp4

05:21

0404.HTTPS for Everything.mp4

04:31

0405.Demo MITM (Man-in-the-Middle).mp4

02:40

0406.Configuring HSTS, Public Key Pinning, and Free HTTPS CA Certificate.mp4

06:14

0407.Final Points.mp4

01:27

05.Securing User Credentials

0501.Module Introduction.mp4

01:28

0502.Handling Credentials.mp4

03:44

0503.Demo Injections.mp4

02:29

0504.Password Encoding.mp4

04:43

0505.Configuring Bcrypt.mp4

02:24

0506.User Registration and Password Strength.mp4

07:56

0507.Securing Secrets with Spring Cloud Vault.mp4

07:48

0508.Module Recap.mp4

01:32

06.Adding Additional Layers for Authentication

0601.Module Introduction.mp4

01:06

0602.Email Verification Using Events.mp4

04:11

0603.Additional Security Challenge, Extending UserDetails, and Authentication and Authenti..mp4

05:42

0604.Two-Factor Authentication.mp4

01:40

0605.Demo Implement Two-Factor Authentication Using a Custom Authentication Filter.mp4

08:52

0606.Module Recap.mp4

00:49

07.Persisting Access with Remember-Me

0701.Module Introduction.mp4

01:24

0702.Hash-based Token Remember-Me.mp4

03:28

0703.Hacking Remember-Me.mp4

03:44

0704.Persistent Token Remember-Me.mp4

03:16

0705.Improving Logout.mp4

01:11

0706.Adding reCAPTCHA.mp4

05:39

0707.Module Recap.mp4

00:42

08.Outsourcing Authentication with OpenID OAuth2

0801.Authentication with Spring Security OAuth2.mp4

03:25

0802.Sign in with Google or Facebook.mp4

03:59

0803.Module Recap.mp4

01:31

09.Layering Authorization with Spring Security

0901.Module Introduction.mp4

01:09

0902.A Peak under the Hood of Spring Security Authorization.mp4

04:52

0903.Overview of Spring Expression Language.mp4

02:11

0904.Working with the Authentication Object.mp4

03:35

0905.Cleaning up the Security Configuration.mp4

01:08

0906.Spring Security Tag Library.mp4

02:12

0907.Securing Your URLs.mp4

08:23

0908.Securing Your Methods.mp4

05:30

0909.Securing Your Domain Objects with Spring Security ACL.mp4

12:51

0910.Creating a Custom PermissionEvaluator to Secure Your Domain Objects.mp4

02:58

0911.Wrap Up.mp4

00:44

Description

Spring Security is one of the most popular frameworks for securing Java applications. In this course, you will learn what makes it so powerful by configuring it with Spring Boot and adding multi-factor Authentication and Authorization to pages

What You'll Learn?

Getting security wrong can have major repercussions for you, your organization, and your users. In this course, Spring Security 5: Authentication / Authorization - Building Effective Layers of Defense, you will learn what's under the covers, the architecture and components, and how they can be configured to provide a Defense-in-Depth solution to contain and limit the impact of any security breaches. First, you will explore how to configure Spring Security within Spring Boot and add multi-factor authorization using basic, digest, HTTPS, 2FA, additional security questions, and email verification. Next, you will learn the effects of configuring security incorrectly and how to secure your secrets and users credentials. Finally, you will discover how to outsource authorization with Oauth2 social login and how to add authorization to your pages, URLs, methods, and domain objects with security configuration, expressions, and annotations. When you are finished with this course, you will have a foundational knowledge of how to effectively configure Authentication and Authorization with Spring Security that will help you as you move forward to building more robust security solutions for your applications.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Spring Boot

Spring Framework

Software Engineering

Network Security

Information Security

Wojciech Lesniak

Instructor's Courses

Wojciech is a Technical Lead and Scrum Master. He has over 15 years' experience in software development working in a variety of industries from financial services and online gaming. He has extensive experience with anything Java, Spring framework, Microservices and has a passion for developing secure and scalable applications.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.