IT Training

Spring Security

This course teaches attendees how to secure their applications using Spring security. The course covers all of the fundamentals of Spring Security and its integration with Spring boot. Through hands-on exercises, you’ll practice how to implement authentication and authorization, client integration with taglibs as well as method level permissions, and forcing connections over HTTPS.

Who should attend this course?

Java Developers, Java Application Architects

Prerequisites

Participants should have experience with Java and Spring Core development.

This course teaches attendees how to secure their applications using Spring security. The course covers all of the fundamentals of Spring Security and its integration with Spring boot. Through hands-on exercises, you’ll practice how to implement authentication and authorization, client integration with taglibs as well as method level permissions, and forcing connections over HTTPS.

Introduction to Spring Security

  • What is Spring Security?
  • Configuration of Spring security using Spring Boot
  • Getting Started with Spring Security
  • Understanding the default configuration

Spring Security Architecture

  • Spring Security Core Components
  • Authentication
  • Access-Control (Authorization)
  • Web security: FilterChainProxy and the filter chains
  • Method Security
  • HTTPS

Authenticating users

  • The Spring Security API
  • The Filter Chain
  • Authentication Manager and Providers
  • The Security Context
  • Implementing UserDetailsService
  • Password Encoding

Resource Authorization

  • FilterSecurityInterceptor
  • The AccessDecisionManager
  • Voting
  • Access-Decision Strategies
  • Implementing AccessDecisionVoter
  • The Role Prefix
  • Forcing HTTPS

Method Authorization

  • Using Spring AOP
  • XML vs. Annotations
  • @PreAuthorize and @PostAuthorize
  • Spring EL for Authorization
  • @PreFilter and @PostFilter
  • Domain-Object Authorization

OAuth 2 for Spring Security

  • Third-Party Authorization
  • OAuth 2 roles and flows
  • Access Tokens
  • The AuthorizationEndpoint
  • The TokenEndpoint
  • Integration with Google OAuth API

Practical information

Duration

3 Days

Languages

EN

Price

€1450,00 + 21% VAT

Location

Classroom/Online Courses

Schedule

Guaranteed to run

English courses
02/2 - 03/2 - 04/2Book
23/5 - 24/5 - 25/5Book
12/10 - 13/10 - 14/10Book
05/12 - 06/12 - 07/12Book

Share this course on

Book your training

Enter your information to confirm your booking.

    Prerequisite test

    Looking for a tailor made solution?