SKIP THE SHIPPING
Use code NOSHIP during checkout to save 40% on eligible eBooks, now through January 5. Shop now.
Video accessible from your Account page after purchase.
Register your product to gain access to bonus material or receive a coupon.
8+ Hours of Video Instruction
Overview
In Spring Security LiveLessons, learn from Spring experts Rob Winch, Spring Security project lead, and Josh Long, Spring developer advocate. Rob and Josh will teach you how to leverage both built-in and custom authentication and authorization in Spring Security. They also discuss the common exploits and how Spring Security can defend against them, how to easily test a Spring Security application, and how to properly design your code.
Skill Level
Beginner/Intermediate
Learn How To
* Leverage both built-in and custom authentication
* Leverage both built-in and custom authorization
* Use Spring Security to defend against common exploits
* Easily test a Spring Security application
* Properly design your code
Who Should Take This Course
* Developers who know they need to address security upfront but struggle with how to do so
* Developers who know they don’t know enough about security and would happily embrace industry-proven solutions to take the shortcut to production
* Developers who want to level up their security practices and bring them to the modern age
Course Requirements
* Experience programming with Java, Spring, and Spring Boot
* Previous Web application development experience
About Pearson Video Training
Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Prentice Hall, Sams, and Que Topics include IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more. Learn more about Pearson Video training at http://www.informit.com/video.
Video Lessons are available for download for offline viewing within the streaming format. Look for the green arrow in each lesson.
Introduction
Lesson 1: Boot Camp
Learning objectives
1.1 Things You’ll Need: Java 8, an IDE, Maven, Spring Boot CLI
1.2 Dependency Injection
1.3 SpEL
1.4 Portable Service Abstractions
1.5 AOP
1.6 How Servlet Filter Works
1.7 Auto Config
Lesson 2: Hello Spring Security
Learning objectives
2.1 Creating Hello Security
2.2 What You Get Out of the Box
2.3 How it Works
2.4 What Spring Security Provides
Lesson 3: Authentication 101
Learning objectives
3.1 What is Authentication?
3.2 In Memory Authentication
3.3 JDBC Based Authentication
3.4 LDAP Based Authentication
3.5 Login and Logout
3.6 Custom AuthenticationProviders
3.7 Custom UserDetailsServices
3.8 Password Encoding and Migration
3.9 Audit Events
Lesson 4: Web Based Authorization
Learning objectives
4.1 What is Authorization?
4.2 Setting Up Our Sample Application
4.3 Configuring Web Based Authorization
4.4 Understanding Web Based Authorization
4.5 Actuator
Lesson 5: Protection Against Common Attacks
Learning objectives
5.1 Cache Control
5.2 HTTPS
5.3 XSS
5.4 Content Sniffing
5.5 CSRF Protection
5.6 Session Fixation
5.7 Click Jacking
5.8 CSP
5.9 RFD Attacks
5.10 HttpFirewall
Lesson 6: Method Security
Learning objectives
6.1 Why Method Security?
6.2 Creating Our Insecure Application
6.3 Integrating with Spring Security
6.4 JSR 250 Annotations
6.5 @Secured
6.6 @PreAuthorize/@PostAuthorize
6.7 Spring Data integration
Lesson 7: OAuth2
Learning objectives
7.1 Introduction
7.2 Authenticating with OAuth2
7.3 Resource Server
7.4 WebClient Integration
7.5 Authorization Code Flow
Lesson 8: Testing
Learning objectives
8.1 Test Method Security
8.2 Test Web Security with MockMvc
8.3 Test Web Security with HtmlUnit Integration
Summary