Advanced Spring Boot Security for Backend Engineers
Master Spring Security in Spring Boot to build robust, secure backend applications, covering authentication, authorization, JWT, OAuth 2.0, and best practices for preventing common web vulnerabilities.
Introduction to Spring Security
Unit 1: Spring Security Fundamentals
Unit 2: Spring Security Architecture
Unit 3: Project Setup and Dependencies
Configuring Spring Security with Spring Boot
Unit 1: Spring Security Auto-Configuration
Unit 2: Customizing the SecurityFilterChain
Unit 3: Advanced Security Configuration
Authentication Fundamentals
Unit 1: Authentication Concepts
Unit 2: Spring Security's Authentication Architecture
Unit 3: Diving Deeper into Authentication
In-Memory Authentication
Unit 1: Getting Started with In-Memory Authentication
Unit 2: Advanced In-Memory Authentication
Unit 3: Limitations and Alternatives
JDBC Authentication
Unit 1: Setting Up JDBC Authentication
Unit 2: Implementing JDBC Authentication
Unit 3: Advanced JDBC Authentication
LDAP Authentication
Unit 1: Introduction to LDAP Authentication
Unit 2: Spring Security and LDAP Integration
Unit 3: Advanced LDAP Configuration and Customization
Custom Authentication Providers
Unit 1: Understanding and Implementing Custom Authentication
Unit 2: Building a Custom Authentication Provider
Unit 3: Advanced Custom Authentication
Authorization Fundamentals
Unit 1: Authorization Concepts
Unit 2: Spring Security Authorization
Unit 3: Advanced Authorization
Role-Based Access Control
Unit 1: Introduction to Role-Based Access Control
Unit 2: RBAC with Spring Security Annotations
Unit 3: Advanced RBAC Concepts
Unit 4: Practical RBAC Implementation
Unit 5: Real-World RBAC Scenarios
Permission-Based Access Control
Unit 1: ACL Module Introduction
Unit 2: Working with ACLs
Unit 3: Advanced ACL Concepts
Expression-Based Access Control (SpEL)
Unit 1: SpEL Fundamentals in Spring Security
Unit 2: Advanced SpEL Features for Authorization
Unit 3: Real-World SpEL Applications and Best Practices
Securing REST APIs with JWT
Unit 1: JWT Fundamentals and Setup
Unit 2: JWT Generation
Unit 3: JWT Validation and Authorization
JWT Generation and Validation
Unit 1: JWT Generation Deep Dive
Unit 2: Configuring Signing Algorithms and Keys
Unit 3: JWT Validation Techniques
JWT Refresh Tokens
Unit 1: Understanding Refresh Tokens
Unit 2: Implementing Refresh Tokens in Spring Boot
Unit 3: Refresh Token Endpoint and Security
Unit 4: Testing and Best Practices
JWT Token Revocation
Unit 1: Understanding JWT Revocation
Unit 2: Implementing Blacklist Revocation
Unit 3: Implementing Whitelist Revocation
Unit 4: Advanced Revocation Techniques
OAuth 2.0 and OpenID Connect (OIDC) Fundamentals
Unit 1: OAuth 2.0 Core Concepts
Unit 2: OAuth 2.0 Grant Types
Unit 3: OpenID Connect (OIDC)
Configuring OAuth 2.0 Authorization Server
Unit 1: Setting Up the Authorization Server
Unit 2: Configuring Endpoints and Grant Types
Unit 3: Advanced Configurations and Security
Configuring OAuth 2.0 Resource Server
Unit 1: Resource Server Setup and Configuration
Unit 2: Token Validation and User Information
Unit 3: Integration and Advanced Topics
Preventing CSRF Attacks
Unit 1: CSRF Fundamentals
Unit 2: Enabling CSRF Protection in Spring Security
Unit 3: Handling CSRF Tokens in Views and APIs
Unit 4: Advanced CSRF Considerations
Preventing XSS Attacks
Unit 1: Understanding XSS Attacks
Unit 2: Preventing XSS: Input Validation
Unit 3: Preventing XSS: Output Encoding
Unit 4: Content Security Policy (CSP)
Preventing SQL Injection Attacks
Unit 1: Understanding SQL Injection
Unit 2: Preventing SQL Injection with Parameterized Queries
Unit 3: Preventing SQL Injection with ORM Frameworks