Spring Security Tutorial

Spring Security is a powerful framework used to secure Java applications by providing authentication and authorization features. It helps protect web applications from common security threats and integrates easily with Spring Boot and Spring MVC.

• Provides secure authentication and authorization for users.
• Supports form login, JWT, OAuth2, and LDAP authentication.
• Protects applications against CSRF, CORS, and session attacks.

Introduction to Spring Security

Learn the core concepts, architecture and basic setup of Spring Security, including annotations, authentication and auto-configuration.

• Introduction
• Architecture
• Annotations
• Spring Boot Security Auto-Configuration
• UserDetailsService and UserDetails
• Method Level

Securing Web Applications

Understand how to protect web applications using endpoints, filter chains, password storage and role-based access.

• Securing Endpoints Using antMatchers()
• Filter Chain with Example
• Password Storage
• Password Encoder
• Role-Based Authentication
• Secure Your Web Application

Authentication with Spring Security

Explore user login, registration, logout, password management and custom authentication workflows in Spring Security.

• Basic Authentication
• Authentication and Authorization in Spring Boot
• Registration and Login Process
• Logout Process
• Custom Login
• Custom Form Login with Database Authentication
• Activate a New Account by Email
• Updating Your Password
• Redirect to Different Pages After Login
• Making Registration API RESTful
• Authentication Failure Handler

Authorization and Access Control

Learn to manage access with roles, permissions, in-memory and database authentication and advanced control mechanisms.

• Role Based Authentication
• Role Based and Permission Based Access Control
• In-Memory Authentication
• JDBC Authentication
• Form Based Authentication
• Remember MeFunctionality

JWT and API Security

Implement stateless authentication with JWTs, compare OAuth2 with JWT and secure REST APIs using tokens or API keys.

• JWT Authentication with Spring Boot
• Spring Security OAuth2 VS JWT(JSON Web Tokens)
• Securing Spring Boot API With API Key

CSRF and CORS In Spring Security

This section will show you how to set up both CSRF protection and CORS settings within Spring Security, keeping your online world secure and worry-free.

• CSRF Protection
• How to Enable and Disable CSRF
• CORS
• CORS Configuration

Advanced Topics of Spring Security

Enhance security with two-factor authentication, brute-force prevention, JUnit testing and advanced login customization features.

• Two Factor Authentication
• Prevent Brute Force Authentication Attempts
• Testing Spring Security Auth with JUnit
• Extra Login Fields with Spring Security
• Resend Verification Email
• Disable Security for a Profile in Spring Boot