This 2-day course offers hands-on experience with the major features of Spring Security, which includes configuration, authentication, authorization, password handling, testing, protecting against security threats, and the OAuth2 support to secure applications. On completion, participants will have a foundation for securing enterprise and microservices applications.
This Advanced course is delivered directly by VMware.
Who should attend
Application developers who want to increase their understanding of Spring Security with hands-on experience and build secure Spring and Spring Boot applications.
Developer experience building applications with Spring Boot, experience using an IDE (Eclipse, Spring Tools, IntelliJ, or VS Code), and experience using build tools such as Maven or Gradle.
By the end of the course, you should be able to meet the following objectives:
- Use Spring Security in Spring and Spring Boot applications
- Configure the Spring Security filter chain
- Protect HTTP endpoints with expression-based access control and the AuthorizationManager API
- Protect method execution
- Use different authentication mechanisms
- Handle passwords in an efficient way
- Integrate Spring Security with Junit 5 and MockMVC to test HTTP and method security
- Protect against common vulnerabilities and threats
- Understand what OAuth2 is
- Use and configure the Spring Authorization Server
- Implement a resource server and client
- Security Introduction
- Spring Security Basics
- Customizing Authentication
- Securing Web Applications
- Method Security
- Security Testing
- Handling Passwords
- (Optional) Protecting Against Common Vulnerabilities
- OAuth2 and OIDC Concepts
- Spring Authorization Server
- Protecting and accessing resources with OAuth2