Spring Mvc and Security Insights
Create Spring security web application via Spring boot using Oauth2, and OpenConnect Id
Description
Basically the course is divided into 2 major sections
Web part
Security part.
We are going to start off by making a basic spring mvc web application, and will learn how to apply security to different parts of the application.Then we are going to add on the more advanced features inside application i.e. configuration of multiple web application context inside application plus implementation of DAO authentication provider inside our application, and than we are going to explore how to integrate and implement OAuth2 features inside our application
It's a super hands on course.
My goal at this course is to get you through the entire process of configuring and implementing security inside a spring project
Web
In the web section of this course, we are going to start off with most basic configurations of the DispatcherServlet then we are going to create our first controller, and will look into functionalities that how controller component Intercepts incoming requests plus how it sends the data to Model for further processing then we are going to explore request param, and pathvariable annotations plus we are also going to explore how to configure multiple web application context, and root context. We are going to do all these steps both via xml configurations and java configurations
Security - Basics
In Security-Basics section of this course, we are going to explore how to implement the basic security with a default login form. Later in the section, we are going to explore authentication provider, authentication managers, and we are going to use them inside our project. We are also going to create our own customize login form then we are going to use authenticate and authorize tag inside our application to implement how to display contents based on the assigned authorities
Java Configurations
In Java configurations section of this course, we are going to explore, how to configure the ServletContext programmatically instead of configuring it via web.xml. Later in the section, We are going to integrate our application with DaoAuthenticationProvider to use user names, and roles configured in database tables
Spring boot
In Spring boot section of this course, we are going to migrate our application to spring boot
Spring OAuth2
In Spring OAuth2 section of this course, we are going to explore OAuth2 plus we are also going to explore how to customize application to use OAuth2 for authorization mechanism, and we are going to use Google and GitHub as the authentication provider. We are going to start off by configuring our application to use google and github as the authentication Provider’s with the default oAuth2Login form. Later we are going to customize login page for the authentication providers then we are going to explore how to use UserInfo endpoint to access the claims of the authenticated end-user plus we are also going to explore explore standard OAuth 2.0 Provider’s implementation of OAuth2UserService plus the implementation of OAuth2UserService with OpenIDConnect ,and lastly, we are going to explore how to map the authorities of the user for the provider having standard OAuth2 implementation, and Open id connect implementation
What You Will Learn!
- Develop a web application using Spring MVC, Spring security, and OAut2
- Configurations to register and initialise the DispatcherServlet
- How controller component Intercepts incoming requests
- How view resolvers allow us to render models in a browser without tying us to a specific view technology
- How to populate a model to display the information in the view
- How to bind a servlet request parameter to a specific method argument using request param
- How to bind a method parameter to a URI template variable
- How to specify the config location for the web context
- How to configure multiple web application context inside the web application
- How to configure root context inside the web application
- How to implement the basic security with a default login form
- Explore authentication provider, and authentication manager
- How to use the BCrypt encoder for hashing of password
- How to implement the security inside a customise login page
- How to enable the CSRF inside the project
- Explore authenticate and authorize tag, and how to display contents based on the assigned authorities
- How to configure the ServletContext programatically instead of configuring it via web xml
- How to use java configuration to initialise and load the security application context instead of loading it from xml configuration file
- How to integrate our application with DaoAuthenticationProvider to use user names, and roles configured in database
- How to migrate our application to spring boot
- How to customise our application to use OAuth2 for authorisation mechanism
- How to configure our application to use google as the authentication provider with the default oAuth2Login form
- How to configure our application to use github as the authentication provider with the default oAuth2Login form
- How to customise login page for the authentication providers
- How to use UserInfo endpoint to access the claims of the authenticated end-user
- Explore standard OAuth 2.0 Provider’s implementation of OAuth2UserService for GitHub Authentication provider
- Explore the implementation of OAuth2UserService with OpenIDConnect for Google authentication provider
- How to map the authorities of the user for the provider having standard OAuth2 implementation
- How to map the authorities of the user for the provider having Open id connect implementation
Who Should Attend!
- Java Developers who want to explore Spring MVC, Spring security, Spring boot and Spring OAuth2
- Web Developers who want to explore Spring MVC, Spring security, Spring boot and Spring OAuth2
- Any one with Java background who wants to learn the insights of Spring MC, and Spring Security