IT Training

Spring Security

This course teaches attendees how to secure their applications using Spring security. The course covers all of the fundamentals of Spring Security and its integration with Spring boot. Through hands-on exercises, you’ll practice how to implement authentication and authorization, client integration with taglibs as well as method level permissions, and forcing connections over HTTPS.

Who should attend this course?

Java Developers, Java Application Architects

Prerequisites

Participants should have experience with Java and Spring Core development.

This course teaches attendees how to secure their applications using Spring security. The course covers all of the fundamentals of Spring Security and its integration with Spring boot. Through hands-on exercises, you’ll practice how to implement authentication and authorization, client integration with taglibs as well as method level permissions, and forcing connections over HTTPS.

Introduction to Spring Security

  • What is Spring Security?
  • Configuration of Spring security using Spring Boot
  • Getting Started with Spring Security
  • Understanding the default configuration

Spring Security Architecture

  • Spring Security Core Components
  • Authentication
  • Access-Control (Authorization)
  • Web security: FilterChainProxy and the filter chains
  • Method Security
  • HTTPS

Authenticating users

  • The Spring Security API
  • The Filter Chain
  • Authentication Manager and Providers
  • The Security Context
  • Implementing UserDetailsService
  • Password Encoding

Resource Authorization

  • FilterSecurityInterceptor
  • The AccessDecisionManager
  • Voting
  • Access-Decision Strategies
  • Implementing AccessDecisionVoter
  • The Role Prefix
  • Forcing HTTPS

Method Authorization

  • Using Spring AOP
  • XML vs. Annotations
  • @PreAuthorize and @PostAuthorize
  • Spring EL for Authorization
  • @PreFilter and @PostFilter
  • Domain-Object Authorization

OAuth 2 for Spring Security

  • Third-Party Authorization
  • OAuth 2 roles and flows
  • Access Tokens
  • The AuthorizationEndpoint
  • The TokenEndpoint
  • Integration with Google OAuth API

Practical information

Duration

3 Days

Languages

EN

Price

€ 1450 + 3% VAT

Location

Classroom Course

Schedule

Guaranteed to run

Sessions in English
29 - 31/2/2024Book
27 - 29/5/2024Book
16 - 18/10/2024Book
02 - 04/12/2024Book

Share this course on

Book your training

Enter your information to confirm your booking.

    Prerequisite test

    Looking for a tailor made solution?