Spring Security Zero to Master along with JWT,OAUTH2

سرفصل های دوره

Spring Security, SpringBoot Security, CORs, CSRF, JWT, OAUTH2, OpenID Connect, KeyCloak

1 - Getting Started

1 - Course Introduction

2 - Course content.html

3 - What is Security & Why it is important

4 - Creating a simple Spring security project

5 - Understanding on how multiple requests work with out credentials

6 - Other Courses from EazyBytes.html

7 - Spring Security Internal flow and Architecture

8 - Summary of the Section.html

springsecuritybasic.zip

2 - Changing the default security configurations

1 - Understanding about UI part of the project

2 - Creating backend services needed for the application

3 - Testing the backend services with default configurations

4 - Checking the default configuration inside the spring security library

5 - Modifying the code as per our custom requirements

6 - Denying all the requests

7 - Permit all the requests

8 - Summary of the Section

springsecsection2.zip

3 - Defining & Managing Users

1 - Configuring users using inMemoryAuthentication

2 - Configuring users using InMemoryUserDetailsManager

3 - Understanding User Management interfaces and Classes

4 - Deep Dive of UserDetails Interface

5 - Deep Dive of UserDetailsService Interface

6 - Deep Dive of UserDetailsManager Interface

7 - Deep Dive of UserDetailsManager Implementations

8 - Creating MySQL Database in AWS

9 - Creating Users inside the DB as per JdbcUserDetailsManager class

10 - Using JdbcUserDetailsManager to perform authentication

11 - Creating our own custom implementation of UserDetailsService

12 - Summary of the section

springsecsection3.zip

4 - Password Management with PasswordEncoders

1 - How our passwords validated in Spring Security by default

2 - Encoding Vs Encryption Vs Hashing

3 - How Our passwords will be validated with hashing by Spring Security

4 - Definition of the PasswordEncoder

5 - Deepdive into NoOpPasswordEncoder

6 - Deepdive into StandardPasswordEncoder

7 - Deepdive into Pbkdf2PasswordEncoder

8 - Deepdive into Bcrypt and Scrypt PasswordEncoders

9 - Implementing and enhancing our application to use Bcrypt password encoder

10 - Details about Spring Security Crypto package

11 - Summary of the section

springsecsection4.zip

5 - Understanding Authentication Provider and Implementing it

1 - Role of AuthenticationProvider in the Spring Security flow

2 - Scenarios where we need to implement Authentucation Provider

3 - Understanding Authentication Provider definition

4 - Understanding Authentication & Principal Interfaces

5 - Implementing and Customizing the Authentication Provider inside our application

6 - Summary of the Section

springsecsection5.zip

6 - Understanding CORs & CSRF

1 - Angular-Project-Setup.pdf

1 - Setting up the EazyBank UI project

2 - Understanding the UI project and walkthrough of the Angular code

3 - Understanding the backend project and walkthrough of the latest code

4 - Testing the EazyBank application with both UI and Backend applications up

5 - Deep dive into CORS (CROSS-ORIGIN RESOURCE SHARING)

6 - Making code changes to resolve CORS issue

6 - Understanding CORs & CSRF.zip

7 - Deep dive into CSRF (CROSS-SITE REQUEST FORGERY)

8 - Resolving CSRF error by disabling it in Spring Security

9 - Resolving CFRF error by generating a CSRF token

10 - Making Spring Security changes to make CSRF not applicable for Contact page

11 - Summary of the Section

7 - Understanding & Implementing Authorization

1 - Authentication Vs Authorization

2 - Spring Security Internal flow for AUTHN & AUTHZ

3 - How Authorities stored in Spring Security

4 - Configuring Authorities in Spring Security

5 - Authority Vs Role

6 - Configuring Roles in Spring Security

7 - Deep dive of Ant, MVC, Regex matchers for applying restrictions on the paths

8 - Summary of the Section

springsecsection7.zip

8 - Filters in Spring Security

1 - Introduction to Filters in Spring Security and the sample use cases

2 - Inbuilt Filters provided by Spring Security and validating them inside our app

3 - Implementing our own custom filter in Spring Security

4 - Adding a custom filter using addFilterBefore() method

5 - Adding a custom filter using addFilterAfter() method

6 - Adding a custom filter using addFilterAt() method

7 - Details about GenericFilterBean and OncePerRequestFilter

8 - Summary of the Section

springsecsection8.zip

9 - Token based Authentication using JSON Web Token (JWT)

1 - Introduction to Tokens in Authentication flow

2 - Advantages of Token based Authentication

3 - Exploring the JSESSIONID & CSRF Tokens inside our application

4 - Deep dive about JWT Tokens

5 - Making project configuration to use JWT tokens

6 - Configuring filters to generate and validate JWT tokens

7 - Making changes on the client side for JWT token based authentication

8 - Validating the JWT changes made by running the applications

9 - Token based Authentication using JSON Web Token (JWT).zip

9 - Validating the JWT token expiration scenario

10 - Summary of the Section

10 - Method Level Security

1 - Introduction to method level security in Spring Security

2 - Details about method invocation authorization in method level security

3 - Implementing method level security using preauthorize and postauthorize

4 - Details about filtering authorization in method level security

5 - Implementing method level security using prefilter and postfilter

6 - Summary of the section

springsecsection10.zip

11 - Deep dive of OAUTH2

1 - Problems that OAUTH2 framework trying to solve

2 - Introduction to OAUTH2

3 - Different Components involved in OAUTH2 flow

4 - Authorization code grant type flow in OAUTH2

5 - Implicit grant type flow in OAUTH2

6 - Resource owner credentials grant type flow in OAUTH2

7 - Client credentials grant type flow in OAUTH2

8 - Refresh token grant type flow in OAUTH2

9 - How resource server validates the tokens issued by Auth server

10 - Summary of the Section

12 - Implementing OAUTH2 using spring security

1 - Registering the client details with the GitHub to use it's OAUTH2 Auth server

2 - Building a sample spring application that uses GitHub Auth server during OAUTH2

3 - Running and verifying the sample application using GitHub OAUTH2

SpringSecOAUTHGitHub.zip

13 - Implementing OAUTH2 style login inside EazyBank using KeyCloak

1 - Introduction to OAUTH2 flow inside EazyBank web App

2 - Introduction to OpenID Connect

3 - Introduction to KeyCloak Auth Server

4 - Installation of KeyCloak server & setup admin account

5 - Setup a Realm inside KeyCloak Server for EazyBank App

6 - Creating Client Credentials inside KeyCloak for API-API secured invocations

7 - Setup EazyBank Resource Server

8 - Getting Access token from KeyCloak using client credentials grant type

9 - Passing Access token to Resource server for response through Postman

10 - Understanding Authorization code grant type for EazyBank App

11 - Creating Client and User details inside KeyCloak for Auth code grant flow

12 - Testing Authorization code grant type using Postman App

13 -file.zip

13 - Deep dive on Authorization code grant type with PKCE

14 - Creating public facing client details inside KeyCloak server

15 - Angular-Project-Setup.pdf

15 - Understanding PKCE Authorization code grant type inside Angular UI App

16 - Important features of KeyCloak

17 - Social Login integration with the help of KeyCloak Server

18 - Summary of the Section

14 - Thank You and Congratulations

1 - Other Courses from EazyBytes.html

2 - Thank You and Congratulations

139,000 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: Udemy-Training