Spring Security is a powerful and highly customisable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications.
Spring Security is a framework that focuses on providing both authentication and authorization to Java applications. Like all Spring projects, the real power of Spring Security is found in how easily it can be extended to meet custom requirements
In this full course you will learn everything in detail about Spring Security. Before you begin this course you need to at least have a basic knowledge about Java and Spring Boot.
👉🏾Download repo here: bit.ly/2PujUEn or git clone git@github.com:amigoscode/spring-boot-security-course.git
👉🏾Full course also available here: amigoscode.com/courses/spring...
👉🏾Join private Facebook group: bit.ly/2FbuIkx
⭐ Timestamps ⭐
00:00 INTRO
01:48 QUICK WORD BEFORE WE BEGIN
02:33 BOOTSTRAPPING
05:47 RUNNING APP WITH INTELLIJ
10:19 - LETS BUILD AN API
17:12 - INSTALLING SPRING SECURITY
20:16 - FORM BASED AUTHENTICATION OVERVIEW
25:28 - BASIC AUTH OVERVIEW
28:39 - BASIC AUTH
34:12 - POSTMAN
38:06 - ANT MATCHERS
42:37 - APPLICATION USERS
45:51 - IN MEMORY USER DETAILS MANAGER
50:39 - PASSWORD ENCODING WITH BCRYPT
56:05 - ROLES AND PERMISSIONS
59:05 - ADMIN USER
1:01:51 - ROLES & PERMISSIONS USING ENUMS
1:10:08 - ROLE BASED AUTHENTICATION
1:16:22 - PERMISSION BASED AUTHENTICATION
1:25:58 - DISABLING CSRF
1:32:54 - hasAuthority()
1:36:49 - ADDING AUTHORITIES TO USERS
1:45:22 - PERMISSION BASED AUTHENTICATION IN ACTION
1:48:37 - ORDER DOES MATTER
1:51:11 - preAuthorize()
1:56:57 - UNDERSTANDING CSRF
2:03:30 - CSRF TOKEN
2:08:10 - HOW CSRF TOKEN GENERATION WORKS
2:12:29 - LETS DISABLE CSRF AGAIN
2:14:10 - FORM BASED AUTHENTICATION
2:17:15 - ENABLE FORM BASED AUTHENTICATION
2:20:39 - SESSION ID
2:24:20 - CUSTOM LOGIN PAGE
2:32:30 - REDIRECT AFTER SUCCESS LOGIN
2:35:04 - REMEMBER ME
2:40:00 - REMEMBER ME COOKIE AND EXTRA OPTIONS
2:45:20 - LOGOUT
2:53:41 - LOGOUT BUTTON
2:58:00 - PASSWORD, USERNAME, REMEMBER-ME PARAMETERS
3:00:29 - DB AUTHENTICATION OVERVIEW
3:09:00 - APPLICATION USER CLASS
3:09:17 - APPLICATION USER SERVICE
3:10:21 - APPLICATION USER CLASS
3:11:43 - APPLICATION USER DAO INTERFACE
3:15:00 - FAKE APPLICATION USER SERVICE
3:25:19 - DAO AUTHENTICATION PROVIDER
3:33:54 - HELLO
3:35:24 - INTRO TO JSON WEB TOKEN (JWT)
3:42:30 - JWT LIBRARY
3:46:16 - JwtUsernameAndPasswordAuthenticationFilter - attemptAuthentication()
3:54:34 - JwtUsernameAndPasswordAuthenticationFilter - successfulAuthentication
4:01:45 - REQUEST FILTERS
4:04:06 - FILTERS AND STATELESS SESSIONS
4:08:02 - JWT USERNAME AND PASSWORD FILTER
4:14:36 - JWT TOKEN VERIFIER FILTER
4:29:49 - JWT TOKEN VERIFIER FILTER IN ACTION
4:39:10 - JWT CONFIG
4:49:24 - JWT CONFIG IN ACTION
4:55:00 - QUICK WORD ABOUT JWT
⭐️ FEW MORE THINGS BEFORE I FORGET ⭐️
▶️ Don't forget to subscribe | bit.ly/2HpF5V8
▶️ Join Closed Facebook Group for discussion and early access videos and courses | bit.ly/2FbuIkx
▶️ Follow me on Instagram | bit.ly/2TSkA9w
Catch you on the next one...