Learn how to secure your apps and services with Spring Security and extensions such as LDAP, Active Directory, OAuth, and WebFlux.
- [Instructor] Security concepts are some of the most complex problems software developers face. We as a group are really good at building things to work but often struggle to view our applications as an attacker would see them. As such, security frameworks provide us with valuable and required feature sets with little effort. In the Java world, the premier framework of choice for security tasks is Spring Security.
Hi, my name is Frank Moley. I am a software, technology, and security architect with significant time working in all aspects of the STLC. I have been working in the JVM space for a large part of my career, and have focused on both internet and enterprise-based applications using the Spring framework. Spring Security is one of the most powerful projects in the Spring toolkit, but it is often one of the most overlooked, because often, when someone figures out a pattern for your company, everyone just copies that pattern and moves on.
In this course, I will aim to provide you with the information you need to understand how the Spring Security framework works to solve authentication and authorization concerns. We will also look at some of the most common extension points, like LDAP, active directory, and Oauth2. We will also focus on showing you how to use Spring Security to set up your own Oauth servers for securing your applications and services.
This course will be fast-paced but will aim to provide you with enough material and knowledge to discern how Spring Security works, how to make it work for you, and how to extend it to maximize your value. Let's get started.
- Authentication vs. authorization
- Implementing in-memory and JDBC authentication
- Form-based authentication
- Building login and logout pages
- Configuring LDAP authentication
- Leveraging OAuth 2
- WebFlux basic security