Skip to content
+
Course List
Free Ebook
Knowledge Sharing
Back-end
Java Interview
Soft Skill
Search for:
Search Button
Log in
Course Content
Subtitle Guide – Hướng dẫn thêm phụ đề
0/1
Set up subtitle for video – Hướng dẫn thêm phụ đề
01 – Getting Started
0/14
Subtitle File Resource
001 Course Introduction
07:32
002 Details of Source Code, PDF Content & other instructions for the course
03:59
002 GitHub-Repo
003 What is Security & Why it is important
07:07
004 Creating a simple Spring Boot app with out security
11:44
005 Securing Spring Boot basic app using Spring Security
06:42
006 Configure static credentials inside application properties file
04:46
007 Why should we use Spring Security framework
04:34
008 Quick introduction to Servlets & Filters
05:06
009 Introduction to Spring Security Internal flow
10:24
010 Demo of Spring Security internal flow
11:18
011 Sequence flow of the Spring Security default behaviour
04:50
012 Understanding on how multiple requests work with out credentials
04:11
02 – Changing the default security configurations
0/10
Subtitle File Resource
001 Understanding about UI part of the EazyBank application
05:42
002 Backend REST services required for EazyBank app
03:08
003 Creating backend services needed for the EazyBank application – Part 1
07:33
004 Creating backend services needed for the EazyBank application – Part 2
05:57
005 Checking the default configuration inside the spring security framework
07:18
006 IMPORTANT NOTE
007 Modifying the code as per our custom requirements
06:50
008 Denying all the requests
04:35
009 Permit all the requests
04:47
03 – Defining & Managing Users
0/15
Subtitle File Resource
001 Introduction to the agenda of the section
04:18
002 Configuring users using InMemoryUserDetailsManager – Approach 1
09:37
003 Configuring users using InMemoryUserDetailsManager – Approach 2
05:23
004 Understanding User Management interfaces and Classes
08:51
005 Deep Dive of UserDetails Interface
12:00
006 Deep Dive of UserDetailsService & UserDetailsManager Interfaces
04:52
007 Deep Dive of UserDetailsManager
12:06
008 Creating MySQL Database in the cloud
13:13
009 Connecting to DB & Creating Users inside the DB as per JdbcUserDetailsManager
08:35
010 Using JdbcUserDetailsManager to perform authentication
11:18
011 Creating our own custom tables for Authentication
05:02
012 Creating JPA Entity and repository classes for new table
08:55
013 Creating our own custom implementation of UserDetailsService
09:54
014 Building a new REST API
13:53
04 – Password Management with PasswordEncoders
0/10
Subtitle File Resource
001 How our passwords validated in Spring Security by default
08:45
002 Encoding Vs Encryption Vs Hashing – Part 1
06:34
003 Encoding Vs Encryption Vs Hashing – Part 2
10:07
004 How Our passwords will be validated with hashing & PasswordEncoders
03:01
005 Deep dive of PasswordEncoder interface
04:48
006 Deep dive of PasswordEncoder implementation classes – Part 1
09:05
007 Deep dive of PasswordEncoder implementation classes – Part 2
06:16
008 Demo of registration of new user with Bcrypt password encoder
07:56
009 Demo of login with Bcrypt password encoder
09:44
05 – Understanding Authentication Provider and Implementing it
0/6
Subtitle File Resource
001 Why should we consider creating our own AuthenticationProvider
04:32
002 Understanding AuthenticationProvider methods
07:10
003 Implementing and Customising the AuthenticationProvider inside our application
08:15
004 Testing our custom AuthenticationProvider implementation
08:50
005 Spring Security Sequence flow with custom AuthenticationProvider
02:37
06 – Understanding CORs & CSRF
0/16
Subtitle File Resource
001 Setting up the EazyBank UI project
09:42
002 Understanding the UI project and walkthrough of the Angular code
13:33
003 Creating new DB schema for EazyBank scenarios
09:42
004 Updating Backend project based on the latest DB schema
09:30
005 Testing registration of the new user with latest changes
03:53
006 Taste of CORs error
05:42
007 Introduction to CORs
03:53
008 Possible options to fix the CORs issue
05:50
009 Fixing CORs issue using Spring Security
07:17
010 Demo of default CSRF protection inside Spring Security
05:33
011 Introduction to CSRF attack
05:26
012 Solution to handle CSRF attacks
05:56
013 Ignoring CSRF protection for public APIs
05:11
014 Implementing CSRF token solution inside our web application
20:23
015 Testing the CSRF related changes
09:46
07 – Understanding & Implementing Authorization
0/10
Subtitle File Resource
001 Authentication Vs Authorization
05:57
002 How Authorities stored inside Spring Security
07:10
003 Creating new table authorities to store multiple roles or authorities
05:32
004 Making backend changes to load authorities from new DB table
09:38
005 Configuring Authorities inside web application using Spring Security-Theory
03:14
006 Configuring Authorities inside web application using Spring Security – Coding
06:31
007 Authority Vs Role in Spring Security
04:06
008 Configuring Roles Authorization inside web app using Spring Security-Theory
02:38
009 Configuring Roles Authorization inside web app using Spring Security-Coding
05:30
08 – Writing our own Custom Filters in Spring Security
0/8
Subtitle File Resource
001 Introduction to Filters in Spring Security and the sample use cases
04:56
002 Demo of Inbuilt Filters of Spring Security framework
07:29
003 How to create our own custom filter
04:20
004 Adding a custom filter using addFilterBefore() method
08:54
005 Adding a custom filter using addFilterAfter() method
05:53
006 Adding a custom filter using addFilterAt() method
05:34
007 Details about GenericFilterBean and OncePerRequestFilter
07:01
09 – Token based Authentication using JSON Web Token (JWT)
0/11
Subtitle File Resource
001 Demo of JSESSIONID and issues with it
03:44
002 Advantages of Token based Authentication
08:21
003 Deep dive about JWT Tokens – Part 1
06:30
004 Deep dive about JWT Tokens – Part 2
08:50
005 Making project configuration to use JWT tokens
06:15
006 Configuring filters to generate the JWT tokens
08:27
007 Configuring filters to validate JWT tokens
08:16
008 Making changes on the client side for JWT token based authentication
02:54
009 Validating the JWT changes made by running the applications
05:41
010 Validating the JWT token expiration scenario
02:58
10 – Method Level Security
0/8
Subtitle File Resource
001 Introduction to method level security in Spring Security
05:44
002 Details about method invocation authorization in method level security
08:22
003 Demo of method level security using @PreAuthorize
05:50
004 Demo of method level security using @PostAuthorize
03:27
005 Details about filtering authorization in method level security
03:37
006 Demo of @PreFilter annotation
07:45
007 Demo of @PostFilter annotation
04:19
11 – Deep dive of OAUTH2 & OpenID Connect
0/14
Subtitle File Resource
001 Problems that OAUTH2 trying to solve
11:03
002 Introduction to OAUTH2
06:30
003 OAuth2 terminologies or jargons
04:54
004 OAuth2 Sample flow – Theory
06:04
005 Demo of OAuth2 Sample flow
06:35
006 Deep dive on Authorization code grant type flow in OAUTH2
09:36
007 Demo of Authorization code grant type flow in OAUTH2
05:50
008 Deep dive & Demo of implicit grant flow in OAUTH2
05:24
009 Deep dive of password grant type flow in OAUTH2
04:23
010 Deep dive of client credentials grant type flow in OAUTH2
03:31
011 Deep dive of refresh token grant type flow in OAUTH2
06:18
012 How resource server validates the tokens issued by Auth server
02:54
013 Introduction to OpenID Connect
10:21
12 – Implementing OAUTH2 using spring security
0/4
Subtitle File Resource
001 Registering the client details with the GitHub to use it’s OAUTH2 Auth server
04:56
002 Building a springboot application that uses GitHub Auth server during OAuth2
07:41
003 Running and verifying the sample application using GitHub OAUTH2
04:40
13 – Implementing OAUTH2 style login inside EazyBank using KeyCloak
0/20
Subtitle File Resource
001 Introduction to OAUTH2 flow inside EazyBank web App
02:21
002 Introduction to KeyCloak Auth Server
04:42
003 Installation of KeyCloak server & setup admin account
04:21
004 Setup a Realm inside KeyCloak Server for EazyBank App
02:00
005 Creating Client Credentials inside KeyCloak for API-API secured invocations
04:47
006 Setup of EazyBank Resource Server
14:19
007 Getting Access token from KeyCloak using client credentials grant type
07:54
008 Passing Access token to Resource server for response through Postman
04:57
009 Understanding Authorization code grant type for EazyBank App
02:42
010 Creating Client and User details inside KeyCloak for Auth code grant flow
03:57
011 Testing Authorization code grant type using Postman App
09:03
012 Deep dive on Authorization code grant type with PKCE
09:27
013 Demo of Authorization code grant type with PKCE
06:28
014 Creating public facing client details inside KeyCloak server
03:07
015 Implementing PKCE Authorization code grant type inside Angular UI App – Part 1
08:31
016 Implementing PKCE Authorization code grant type inside Angular UI App – Part 2
08:01
017 Testing PKCE flow inside Eazy Bank application
05:51
018 Important features of KeyCloak
07:36
019 Social Login integration with the help of KeyCloak Server
05:27
14 – Thank You and Congratulations
0/2
001 Thank You and Congratulations
01:36
Subtitle File Resource
Spring Security 6 Zero to Master along with JWT,OAUTH2
Overview
Exercise Files
About Lesson
Subtile file including English and Vietnamese is attached here
Exercise Files
en.zip
Size: 86.64 KB
vi.zip
Size: 33.38 KB
Please contact me via telegram
Quick Links
Resource