VMware Spring Security

4.6 out of 5 rating

Jump to dates

Duration

2 Days

12 CPD hours

About this course

Application developers who want to increase their understanding of Spring Security with hands-on experience and build secure Spring and Spring Boot applications.

Overview

By the end of the course, you should be able to meet the following objectives:
Use Spring Security in Spring and Spring Boot applications
Configure the Spring Security filter chain
Protect HTTP endpoints with expression-based access control and the AuthorizationManager API
Protect method execution
Use different authentication mechanisms
Handle passwords in an efficient way
Integrate Spring Security with Junit 5 and MockMVC to test HTTP and method security
Protect against common vulnerabilities and threats
Understand what OAuth2 is
Use and configure the Spring Authorization Server
Implement a resource server and client

Description

This 2-day course offers hands-on experience with the major features of Spring Security, which includes configuration, authentication, authorization, password handling, testing, protecting against security threats, and the OAuth2 support to secure applications. On completion, participants will have a foundation for securing enterprise and microservices applications.

Security Introduction
  • Need for security
  • Basic security concepts
  • Common security vulnerabilities
Spring Security Basics
  • Introduction to Spring Security
  • High-level architecture
  • Overview of SecurityContext
  • Spring Security with Spring Boot
Customizing Authentication
  • Building blocks for authentication
  • Authentication mechanisms based on user name and password
  • Other authentication mechanisms
  • Authentication events
Securing Web Applications
  • Configuring authorization
  • Using AccessDecisionsManager for authorization
  • Using AuthorizationManager for authorization
  • Bypassing security
Method Security
  • Method security architecture
  • Declarative method security with annotations
Security Testing
  • Spring Security Testing Support
  • Security mock annotations and meta-annotations
  • Using MockMvc to test security
Handling Passwords
  • Password hashing
  • Upgrading passwords
(Optional) Protecting Against Common Vulnerabilities
  • Hardening web applications with security headers
  • Preventing cross-site request forgery
  • Encrypting data in transit
OAuth5 and OIDC Concepts
  • Need for OAuth
  • Overview of OAuth5 and OIDC
  • OAuth5 grant types
  • Types of tokens
  • Spring Security OAuth5 support and OAuth5 login
Spring Authorization Server
  • Introduction to Authorization Server
  • Spring Authorization Server endpoints
  • Spring Authorization Server configuration
Protecting and accessing resources with OAuth5
  • Resource server
  • Using JWT tokens
  • Using opaque tokens
  • Configuring an OAuth5 client
Additional course details:

Notes

Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC)

Nexus Humans VMware Spring Security training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward.

This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts.

Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success.

While we feel this is the best course for the VMware Spring Security course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you.

Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Training Insurance Included!

When you organise training, we understand that there is a risk that some people may fall ill, become unavailable. To mitigate the risk we include training insurance for each delegate enrolled on our public schedule, they are welcome to sit on the same Public class within 6 months at no charge, if the case arises.

What people say about us


Find out more about this course

Interested in alternative dates? Would like to book a private session of this course for your company? Or for any other queries please simply fill out the form below.