Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Learn Spring Security Core
Module 0 - Before you Start
Course Introduction
Mindset and How to Go Through the Course Material
The Project in your IDE
How I keep the course updated
Course Changelog
Troubleshooting and How to Ask for Support
Module 1: Secure a Simple Spring MVC Application (~ 3 hours)
Lesson 1: Intro to Spring Security (6:45)
Lesson 2: A Basic Security Java Config (9:55)
Lesson 3: URL Authorization (10:32)
Lesson 4: Building a Login Form (9:48)
Lesson 5: Implementing Logout (7:14)
Lesson 6: Anonymous “Authentication” (5:01)
Lesson 7: Overview of Spring Security Objects (text-only)
Module 2: A Full Registration Flow (~ 2.5 hours)
Lesson 1: A Simple Registration Flow (6:53)
Lesson 2: Authentication using Real Users (4:27)
Lesson 3: Activate a New Account via Email (8:16)
Lesson 4: Deal with “I forgot my password” (9:00)
Lesson 5: Doing Security Questions Right (10:52)
Lesson 6: Ensure Password Strength during Registration - part 1 (6:31)
Lesson 6: Ensure Password Strength during Registration - part 2 (4:15)
Module 3: Remember Me (~ 1 hour)
Lesson 1: A Simple Remember Me Flow (6:05)
Lesson 2: Remember Me with Cookie (9:31)
Lesson 3: Remember Me with Persistence (8:08)
Module 4: Spring Security on the Client (~ 1.5 hours)
Lesson 1: Spring Security with JSP (8:23)
Lesson 2: The Authentication Tag and Displaying the Current User (8:00)
Lesson 3: Spring Security with Thymeleaf (6:13)
Lesson 4: The Authorize Tag (10:39)
Module 5: Spring Security Expressions (~ 1.5 hours)
Lesson 1: By URL Authorization with Expressions (15:02)
Lesson 2: On-method Authorization with Expressions
Lesson 3: In-page URL Authorization with Expressions (same as Module 4 - Lesson 4)
Lesson 4: Programmatic Expressions and a custom PermissionEvaluator (text-only)
Module 6: Password Storage (~ 2 hours)
Lesson 1: Introduction to Storing Passwords (7:13)
Lesson 2: Hashing Passwords (MD5 and SHA-256) (8:54)
Lesson 3: Why Hashing Isn't Enough - Using Salts (9:47)
Lesson 4: Key Stretching (6:35)
Lesson 5: The bcrypt Solution (5:39)
Module 7: Spring Security Advanced Configuration (~ 2 hours)
Lesson 1: Breaking Down the Authentication Flow (16:25)
Lesson 2: Run As a Different User (10:17)
Lesson 3: The Security Context (8:44)
Lesson 4: Configure the Filter Chain (7:08)
Module 8: Advanced Authentication (~ 2.5 hours)
Lesson 1: A Custom Authentication Provider (9:00)
Lesson 2: Multiple Providers and the Authentication Manager (7:02)
Lesson 3: In-Memory, JDBC and Hibernate/JPA User Storage (8:43)
Lesson 4: Tracking Logged-in Users (9:04)
Lesson 5: Setting up Users at Startup (Text-Only)
Module 9: Advanced Authorization (~ 2.5 hours)
Lesson 1: How Authorization Works (10:30)
Lesson 2: The Topology of Roles and Privileges - Part 1 (9:13)
Lesson 2: The Topology of Roles and Privileges - Part 2 (6:32)
Lesson 3: Secure Method Invocations with AOP (text-only)
Lesson 4: Defining Custom Access-Control Logic (text-only)
Module 10: Basic REST API Security (~ 1 hour)
Lesson 1: The Basics of API Security (7:01)
Lesson 2: Basic Authentication for the API (6:12)
Lesson 3: Certificates and HTTPS for Tomcat (6:57)
Module 11: ACL with Spring Security (~ 2 hours)
Lesson 1: Introduction to ACL and Domain Object Security (6:32)
Lesson 2: The Data Structure of ACL (9:12)
Lesson 3: ACL with Spring Security - part 1 (10:09)
Lesson 3: ACL with Spring Security - part 2 (9:20)
Module 12: Two-Factor Authentication (~ 1 hour)
Lesson 1: A Simple Two-Factor Implementation with a Soft Token (14:26)
Lesson 2: A Two-Factor Implementation with SMS (8:58)
Reference Project (text-only)
Module 13: Advanced Spring Security Scenarios (~ 2 hours)
Lesson 1: Spring Security for a non-Spring Application (8:40)
Lesson 2: Multi-Tenancy with Spring Security (13:04)
Lesson 3: Session Management with spring-session (7:58)
Lesson 4: Spring Security with LDAP (9:21)
Module 14: Reactive Security (~ 1 hour)
Lesson 1: A Basic Reactive Security Example (8:56)
Lesson 2: Reactive Method Security (5:55)
Lesson 3: WebFlux Form Login (Text Only)
Keep Learning
Upgrade to Baeldung All Access
Upgrade to Baeldung Pro
Upgrade to Baeldung All Access
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock