Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Learn Spring Security: The Master Class (Legacy)
Module 0 - Before you Start
Course Introduction
The Project in your IDE
Mindset and How to Go Through the Course Material
How I keep the course updated
Why this Course is Marked as Legacy?
Module 1: Secure a Simple Spring MVC Application (49 min)
Lesson 1: Intro to Spring Security (6:45)
Lesson 2: A Basic Security Java Config (9:55)
Lesson 3: URL Authorization (10:32)
Lesson 4: Building a Login Form (9:48)
Lesson 5: Implementing Logout (7:14)
Lesson 6: Anonymous “Authentication” (5:01)
Module 2: A Full Registration Flow (50 min)
Lesson 1: A Simple Registration Flow (6:53)
Lesson 2: Authentication using Real Users (4:27)
Lesson 3: Activate a New Account via Email (8:16)
Lesson 4: Deal with “I forgot my password” (9:00)
Lesson 5: Doing Security Questions Right (10:52)
Lesson 6: Ensure Password Strength during Registration - part 1 (6:31)
Lesson 6: Ensure Password Strength during Registration - part 2 (4:15)
Module 3: Remember Me (24 min)
Lesson 1: A Simple Remember Me Flow (6:05)
Lesson 2: Remember Me with Cookie (9:31)
Lesson 3: Remember Me with Persistence (8:08)
Module 4: Spring Security on the Client (33 min)
Lesson 1: Spring Security with JSP (8:23)
Lesson 2: The Authentication Tag and Displaying the Current User (8:00)
Lesson 3: Spring Security with Thymeleaf (6:13)
Lesson 4: The Authorize Tag (10:39)
Module 5: Spring Security Expressions (34 min)
Lesson 1: By URL Authorization with Expressions (15:02)
Lesson 2: On-method Authorization with Expressions (10:07)
Lesson 3: In-page URL Authorization with Expressions (same as Module 4 - Lesson 4)
Lesson 4: Programmatic Expressions and a custom PermissionEvaluator (8:58)
Module 6: Password Storage (38 min)
Lesson 1: Introduction to Storing Passwords (7:13)
Lesson 2: Hashing Passwords (MD5 and SHA-256) (8:54)
Lesson 3: Why Hashing Isn't Enough - Using Salts (9:47)
Lesson 4: Key Stretching (6:35)
Lesson 5: The bcrypt Solution (5:39)
Module 7: Spring Security Advanced Configuration (43 min)
Lesson 1: Breaking Down the Authentication Flow (16:25)
Lesson 2: Run As a Different User (10:17)
Lesson 3: The Security Context (8:44)
Lesson 4: Configure the Filter Chain (7:08)
Module 8: Advanced Authentication (34 min)
Lesson 1: A Custom Authentication Provider (9:00)
Lesson 2: Multiple Providers and the Authentication Manager (7:02)
Lesson 3: In-Memory, JDBC and Hibernate/JPA User Storage (8:43)
Lesson 4: Tracking Logged-in Users (9:04)
Module 9: Advanced Authorization (47 min)
Lesson 1: How Authorization Works (10:30)
Lesson 2: The Topology of Roles and Privileges - Part 1 (9:13)
Lesson 2: The Topology of Roles and Privileges - Part 2 (6:32)
Lesson 3: Secure Method Invocations with AOP (9:14)
Lesson 4: A Custom AccessDecisionVoter (11:20)
Module 10: Basic REST API Security (32 min)
Lesson 1: The Basics of API Security (7:01)
Lesson 2: Basic Authentication for the API (6:12)
Lesson 3: How OAuth2 Works for REST - Part 1 (7:05)
Lesson 3: How OAuth2 Works for REST - Part 2 (5:03)
Lesson 4: Certificates and HTTPS for Tomcat (6:57)
Module 11: ACL with Spring Security (35 minutes)
Lesson 1: Introduction to ACL and Domain Object Security (6:32)
Lesson 2: The Data Structure of ACL (9:12)
Lesson 3: ACL with Spring Security - part 1 (10:09)
Lesson 3: ACL with Spring Security - part 2 (9:20)
Module 12: Advanced REST API Security - OAuth2 (31 minutes)
Lesson 1: Setup OAuth2 with Spring Security (12:45)
Lesson 2: Tokens, OAuth2 and JWT (9:22)
Lesson 3: Refreshing a Token (9:19)
Module 13: OAuth2 Beyond the REST API (29 minutes)
Lesson 1: The OAuth2 Implicit Flow and the Authorization Code Flow (7:12)
Lesson 2: Using the Authorization Code Flow in OAuth2 (11:14)
Lesson 3: Confidential Clients and the Client Credentials Flow (10:11)
Module 14: Two-Factor Authentication (23 minutes)
Lesson 1: A Simple Two-Factor Implementation with a Soft Token (14:26)
Lesson 2: A Two-Factor Implementation with SMS (8:58)
Reference Project (text-only)
Module 15: Advanced Spring Security Scenarios (39 minutes)
Lesson 1: Spring Security for a non-Spring Application (8:40)
Lesson 2: Multi-Tenancy with Spring Security (13:04)
Lesson 3: Session Management with spring-session (7:58)
Lesson 4: Spring Security with LDAP (9:21)
Module 16: Reactive Security (15 minutes)
Lesson 1: A Basic Reactive Security Example (8:56)
Lesson 2: Reactive Method Security (5:55)
Lesson 3: WebFlux Form Login (Text Only)
Module 17: The New OAuth2 Stack in Spring Security 5 (5 minutes)
The new OAuth2 stack in Spring Security 5, and an upgrade option
Lesson 1: The State of OAuth2 in Spring Security 5 (4:47)
Keep Learning
Upgrade to Baeldung All Access - Master
Upgrade to Baeldung Pro
Lesson 2: Remember Me with Cookie
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock