Description
An empirical approach to securing your web applications
This video course will help you secure your web application with the use of highly practical examples. You will also learn how to implement security checks, thus enabling you to create a staunch authentication mechanism that will prevent spoofing. Integrate with LDAP and progress on to more advanced security techniques such as Remember Me or the powerful ACL mechanism.
These pragmatic videos will help you learn how to implement various techniques for securing your web application through the use of simple to advanced use cases that follow the development of a web application using practical, step-by-step examples.
Each video section shows different ways to empower Spring Security for the web. The authentication techniques comprising of login, registration, and logout are implemented in this course. Moreover, the Remember Me functionality is added to the web app in addition to integration with a production-ready LDAP server. Further on, the authorization method is used and discussed in detail with simple roles, before moving on to the more flexible Spring expressions and finally the extremely powerful Access Control Lists mechanism, which allow security rules per object.
Ultimately, this video course is meant to help you hit the ground running with proper security for your web applications. The primary goal of the course is to be efficient, utilitarian, and immediately applicable for a web application.
About the Author
Eugen Paraschiv is a Senior Software Engineer living in Bucharest, Romania, and has more than six years of experience developing and securing a wide range of web applications and systems. His current work is focused on security, REST, and machine learning. He has hands-on experience with Spring Security on several large systems and with a variety of security standards (SSO/CAS, LDAP, UAA, OAuth, and so on).
Basic knowledge
Viewers should be acquainted with basic Java and XML and should have knowledge of the Spring framework
What will you learn
Implement the basic security for a web application starting with authentication and authorization techniques
Dig deeper into the process of registration, from raw JDBC to the implementation of a more mature and production-ready Hibernate/JPA implementation
Discuss and learn how to implement Remember Me for a web application along with the benefits that it brings, and also learn about the standard Cookie implementation and the harder-to-attack persistence-backed implementation
Integrate and set up Spring Security to talk to LDAP
Map both the users and the authorities/roles and finish with some advanced scenarios
Explore practical usages of Spring Expressions, from securing full pages by their URL to securing elements within a page and finally securing business functionality in the Service Layer
Implement the security of a REST API and learn how to set up both basic and advanced authentication processes
Learn how to utilize Spring Security for higher levels of security scenarios including the Access Control Lists for all domain entities in the application
Learn how to spot potential design flaws that can make an application vulnerable and how to address these concerns by using and adapting the highly flexible Spring Security framework to your own environment and security need