Spring Security | | Software Development

Spring Security
This training offers participants an overview of the framework. You will learn how to build secured enterprise J2EE application using Spring Security framework.
24 hours
Online
English
JVA-013
Spring Security
Sign Up
Duration
24 hours
Location
Online
Language
English
Code
JVA-013
Schedule and prices
400.00 *
Training for 7-8 or more people? Customize trainings for your specific needs
Spring Security
Sign Up
Duration
24 hours
Location
Online
Language
English
Code
JVA-013
Schedule and prices
400.00 *
Training for 7-8 or more people? Customize trainings for your specific needs

Description

Spring Security is the most popular framework for user authentication and restricting access to Enterprise applications. This course deals with authentication and authorization mechanisms (and their application in real practice).

This course covers the following:
  1. Theoretical foundations of restricting access to Enterprise applications
  2. Spring Security Abstractions
  3. X509 authentication, SSL certificates
  4. Setting Spring Security configuration in practice
  5. Using Spring Security to restrict access to various parts of the application
  6. Using JWT tokens, OAuth protocol
  7. Using Spring authorization server and Keycloak server
  8. Developing resource servers

Plus the course includes several practical tasks.
After completing the course, a certificate
is issued on the Luxoft Training form

Objectives

Teach trainees how to solve various tasks of authentication and access control for Enterprise Applications using Spring Security.

Target Audience

Java developers with experience of over 1 year (experience in Spring + Spring Boot)

Prerequisites

a:2:{s:4:"TEXT";s:191:"• Experience in working with Java SE >= 8 • Experience of working with Spring Framework and Spring Boot or passed through the JVA-010 Spring Framework 5 for Application Development course";s:4:"TYPE";s:4:"TEXT";}

Roadmap

a:2:{s:4:"TEXT";s:1998:"1. Introduction to Spring Security
  • Security Tasks
  • Identification, Authentication, Authorization
  • Examples of Spring Security Configuration
  • Hands-on Lab “Spring Security Overview”
  • Spring Security Capabilities

2. Authentication
  • HTTP Basic Authentication
  • Hands-on Lab “Setting HTTP Basic Authentication”
  • Deny-by-Default / Allow-by-Default
  • Main Abstractions of Spring Security
  • Hands-on Lab “Adding the User Storage”
  • Integration with Web, Authentication in a Web Application
  • Servlets API, DelegatingFilterProxy, FilterChain, Spring Security Filters
  • Form-based Authentication
  • Tokens vs. Session Key
  • CORS, CSRF, CSRF Token, XSS
  • Hands-on Lab “Login Form”
  • Anonymous Authentication
  • Hands-on Lab “Adding Anonymous Authentication”
  • Remember-Me Authentication
  • Persistent Tokens
  • Hash-based Tokens
  • JWT
  • Hands-on Lab “Hash-based Tokens”
  • X509 Authentication
  • Hands-on Lab “Authentication with X509 Certificates”

3. Authorization
  • Spring Security Authorization Abstractions
  • URL-based Authorization
  • Method-based Authorization
  • @Secured, @Pre/@Post Annotations
  • Domain Objects Security (ACL)
  • Hands-on Lab “ACL and Method-based Authorization”

4. OAuth 2.0
  • OAuth 2.0 Roles
  • Access and Refresh Tokens
  • Grant Type: Authorization Code
  • Grant Type: Password
  • Grant Type: Client Credentials
  • Grant Type: Implicit
  • Spring authorization server
  • Keycloak authorization server
  • Implementing resource servers
  • Lab: creating resource server, using authorization server
";s:4:"TYPE";s:4:"HTML";}
Schedule and prices
View:
Register for the next course
Registering in advance ensures you have priority. We will notify you when we schedule the next course on this topic
+
Courses you may be interested in
Spring Framework 5 for Application Development
In this training you’ll learn how to use the core features of the Spring Framework, create production ready applications and discover how to use Spring in your projects.
Spring Core
It covers the major aspects of the Spring Core framework used for the inversion of control (IoC), Spring Expression Language (SpEL) and aspect oriented programming (AoP) applications constructing.
Spring Databases
This training is an introduction to the Spring Databases, covering all the major aspects of the Spring Databases framework: Spring JDBC, Spring ORM, transactions. During the course participants will also get learn how to write their own applications using the Spring Databases framework.
View Catalog
Your benefits
Expertise
Our trainers are industry experts, involved in software development project
Live training
Facilitated online so that you can interact with the trainer and other participants
Practice
A focus on helping you practice your new skills
Залишилися запитання?
Зв'яжіться з нами
Thank you!
The form has been submitted successfully.