Set up your local environment for this project. We'll walk you through everything you need to know, including how to install and configure your environment to be able to complete all of the tasks.
Authenticating Requests to a Spring Data REST API with HTTP Basic
In this module, you'll create a REST API that authenticates with a username and password against a database.
Authorizing Requests to a Spring Data REST API with HTTP Basic
Now that you can authenticate, in this module, you'll build authorization rules into your REST API. You'll focus on method-based security.
Using CORS and HTTP Basic
In this module, you'll configure the REST API to perform a CORS handshake so that it can be used by clients from a different hostname.
Authenticating and Authorizing Requests with JWT
In this module, you'll add JWT-based Bearer Token Authentication as a more secure alternative to HTTP Basic.
Authenticating and Authorizing Requests with Opaque Token
In this module, you'll change JWTs out for Opaque Tokens for additional security.
Using CORS and Bearer Tokens
In this module, you'll create a more secure CORS setup as well as a secure handshake between `Resolutions` and another REST API.
Jun 3, 2020
Would you ever give out your credit card number to an unidentified text? Yet, we do this whenever we expose REST API functionality without knowing who is making the request.
In this project, you'll reinforce the concepts learned in the Securing Spring Data REST APIs course by securing a real-world REST API. You'll learn three different authentication mechanisms - HTTP Basic, JWT, and Opaque Token, several authorization techniques, and how to enable CORS for ingress and filter functions for egress.
Like many software craftsmen, Josh eats, sleeps, and dreams in code. He codes for fun, and his kids code for fun! Right now, Josh works as a full-time committer on Spring Security and loves every minute.