Spring Security is one of the most popular frameworks for securing Java applications. In this course, you will learn what makes it so powerful by configuring it with Spring Boot and adding multi-factor Authentication and Authorization to pages
Getting security wrong can have major repercussions for you, your organization, and your users.
In this course, Spring Security: Authentication / Authorization - Building Effective Layers of Defense, you will learn what's under the covers, the architecture and components, and how they can be configured to provide a Defense-in-Depth solution to contain and limit the impact of any security breaches.
First, you will explore how to configure Spring Security within Spring Boot and add multi-factor authorization using basic, digest, HTTPS, 2FA, additional security questions, and email verification. Next, you will learn the effects of configuring security incorrectly and how to secure your secrets and users credentials. Finally, you will discover how to outsource authorization with Oauth2 social login and how to add authorization to your pages, URLs, methods, and domain objects with security configuration, expressions, and annotations. When you are finished with this course, you will have a foundational knowledge of how to effectively configure Authentication and Authorization with Spring Security that will help you as you move forward to building more robust security solutions for your applications.
Wojciech is a Technical Lead and Scrum Master. He has over 15 years' experience in software development working in a variety of industries from financial services and online gaming. He has extensive experience with anything Java, Spring framework, Microservices and has a passion for developing secure and scalable applications.
Course Overview Hi everyone. My name is Wojciech Lesniak, and welcome to my course, Spring Security: Authentication and Authorization - Building Effective Layers of Defense. I have been using Spring now, back before it was even called Spring Security. Getting security wrong can have significant repercussions, especially to your users. Hence, in this course, we will take a peek under the covers of Spring Security at the moving parts, which will allow you to more effectively mold the framework around your security requirements. Some of the major topics that we will cover include multi-factor authentication; user sign-in, additional security challenges, two-factor authentication, email verification, and enforcing HTTPS, authorization in your pages, URLs, methods, and domain objects; dealing with common security threats and how Spring Security protects you against them right out of the box; securing secrets and user credentials; social sign-in, outsourcing authentication with Spring Security OAuth2. By the end of this course, you will have a deeper understanding of the Spring Security framework, allowing you to tailor it to your security requirements, as well as allowing you to more easily debug issues when they inevitably arise. Before beginning the course, you should be familiar with Java and the Spring framework. I hope you will join me on this journey to learn how to build secure applications with the Spring Security Authentication and Authorization: Building Effective Layers of Defense course at Pluralsight.