Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Learn Spring Security: The Certification Class (Legacy)
Module 0 - Before you Start
Course Introduction
The Project in your IDE
Mindset and How to Go Through the Course Material
How I keep the course updated
Why this Course is Marked as Legacy?
Module 1: Secure a Simple Spring MVC Application (49 min)
Lesson 1: Intro to Spring Security (6:45)
Lesson 2: A Basic Security Java Config (9:55)
Lesson 3: URL Authorization (10:32)
Lesson 4: Building a Login Form (9:48)
Lesson 5: Implementing Logout (7:14)
Lesson 6: Anonymous “Authentication” (5:01)
Module 2: A Full Registration Flow (50 min)
Lesson 1: A Simple Registration Flow (6:53)
Lesson 2: Authentication using Real Users (4:27)
Lesson 3: Activate a New Account via Email (8:16)
Lesson 4: Deal with “I forgot my password” (9:00)
Lesson 5: Doing Security Questions Right (10:52)
Lesson 6: Ensure Password Strength during Registration - part 1 (6:31)
Lesson 6: Ensure Password Strength during Registration - part 2 (4:15)
Module 3: Remember Me (24 min)
Lesson 1: A Simple Remember Me Flow (6:05)
Lesson 2: Remember Me with Cookie (9:31)
Lesson 3: Remember Me with Persistence (8:08)
Module 4: Spring Security on the Client (33 min)
Lesson 1: Spring Security with JSP (8:23)
Lesson 2: The Authentication Tag and Displaying the Current User (8:00)
Lesson 3: Spring Security with Thymeleaf (6:13)
Lesson 4: The Authorize Tag (10:39)
Module 5: Spring Security Expressions (34 min)
Lesson 1: By URL Authorization with Expressions (15:02)
Lesson 2: On-method Authorization with Expressions (10:07)
Lesson 3: In-page URL Authorization with Expressions (same as Module 4 - Lesson 4)
Lesson 4: Programmatic Expressions and a custom PermissionEvaluator (8:58)
Module 6: Password Storage (38 min)
Lesson 1: Introduction to Storing Passwords (7:13)
Lesson 2: Hashing Passwords (MD5 and SHA-256) (8:54)
Lesson 3: Why Hashing Isn't Enough - Using Salts (9:47)
Lesson 4: Key Stretching (6:35)
Lesson 5: The bcrypt Solution (5:39)
Module 7: Spring Security Advanced Configuration (43 min)
Lesson 1: Breaking Down the Authentication Flow (16:25)
Lesson 2: Run As a Different User (10:17)
Lesson 3: The Security Context (8:44)
Lesson 4: Configure the Filter Chain (7:08)
Module 8: Advanced Authentication (34 min)
Lesson 1: A Custom Authentication Provider (9:00)
Lesson 2: Multiple Providers and the Authentication Manager (7:02)
Lesson 3: In-Memory, JDBC and Hibernate/JPA User Storage (8:43)
Lesson 4: Tracking Logged-in Users (9:04)
Module 9: Advanced Authorization (47 min)
Lesson 1: How Authorization Works (10:30)
Lesson 2: The Topology of Roles and Privileges - Part 1 (9:13)
Lesson 2: The Topology of Roles and Privileges - Part 2 (6:32)
Lesson 3: Secure Method Invocations with AOP (9:14)
Lesson 4: A Custom AccessDecisionVoter (11:20)
Module 10: Basic REST API Security (32 min)
Lesson 1: The Basics of API Security (7:01)
Lesson 2: Basic Authentication for the API (6:12)
Lesson 3: How OAuth2 Works for REST - Part 1 (7:05)
Lesson 3: How OAuth2 Works for REST - Part 2 (5:03)
Lesson 4: Certificates and HTTPS for Tomcat (6:57)
Module 11: ACL with Spring Security (35 minutes)
Lesson 1: Introduction to ACL and Domain Object Security (6:32)
Lesson 2: The Data Structure of ACL (9:12)
Lesson 3: ACL with Spring Security - part 1 (10:09)
Lesson 3: ACL with Spring Security - part 2 (9:20)
Module 12: Advanced REST API Security - OAuth2 (31 minutes)
Lesson 1: Setup OAuth2 with Spring Security (12:45)
Lesson 2: Tokens, OAuth2 and JWT (9:22)
Lesson 3: Refreshing a Token (9:19)
Module 13: OAuth2 Beyond the REST API (29 minutes)
Lesson 1: The OAuth2 Implicit Flow and the Authorization Code Flow (7:12)
Lesson 2: Using the Authorization Code Flow in OAuth2 (11:14)
Lesson 3: Confidential Clients and the Client Credentials Flow (10:11)
Module 14: Two-Factor Authentication (23 minutes)
Lesson 1: A Simple Two-Factor Implementation with a Soft Token (14:26)
Lesson 2: A Two-Factor Implementation with SMS (8:58)
Reference Project (text-only)
Module 15: Advanced Spring Security Scenarios (39 minutes)
Lesson 1: Spring Security for a non-Spring Application (8:40)
Lesson 2: Multi-Tenancy with Spring Security (13:04)
Lesson 3: Session Management with spring-session (7:58)
Lesson 4: Spring Security with LDAP (9:21)
Module 16: Reactive Security (15 minutes)
Lesson 1: A Basic Reactive Security Example (8:56)
Lesson 2: Reactive Method Security (5:55)
Lesson 3: WebFlux Form Login (Text Only)
Module 17: The New OAuth2 Stack in Spring Security 5
The new OAuth2 stack in Spring Security 5, and an upgrade option
Lesson 1: The State of OAuth2 in Spring Security 5 (4:47)
Keep Learning
Upgrade to Baeldung Pro
Upgrade to Baeldung All Access
The new OAuth2 stack in Spring Security 5, and an upgrade option
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock