Talk to an instructur:
+41 61 551 00 82
jonas@letsboot.ch

Spring Security 

Course & Training

Join our 2-day course and discover the practical use of Spring Security in Spring and Spring Boot applications. Get not only the basics, but also a deep dive into the features of the latest versions 6 and 6.1 to effectively protect your applications.

Spring Security is a powerful and highly customisable authentication and authorisation module from the Spring ecosystem. It is the de facto standard for securing Spring-based applications, but can also be used in non-Spring Java applications. As with all Spring projects, the real strength of Spring Security is that it can be easily extended to meet individual requirements.
This 2-day course provides a step-by-step introduction to using Spring Security in the context of Spring or Spring Boot applications. You will not only learn the basics of Spring Security, but also get a deep insight into the features of the new versions 6 and 6.1.
This course will give you the knowledge you need to effectively secure your Spring based applications.

In-House Course:

We are happy to conduct tailored courses for your team - on-site, remotely or in our course rooms.

Request In-House Course

 

  Rolf Jufer  

Content:


- Introduction to Spring security
--- The importance of security in applications
--- Spring security basics
- Authentication and authorisation
--- The difference between authentication and authorisation
--- Implementing these concepts in Spring Security
- Configuring Spring Security
--- Become familiar with the configuration of Spring Security
--- Create a basic security configuration
- User authentication
--- Implement user authentication
--- Using in-memory and database backends for authentication
- Custom Authentication
--- Adapting authentication with custom providers
--- Understanding password encryption and salting
- Access control and permissions
--- Managing permissions and roles in Spring Security
--- Implementing access control in the application
- Session management and CSRF protection
--- Understand how Spring Security handles session management
--- Implement CSRF protection
- Authentication Mechanisms
--- Understand the differences between form-based and token-based authentication
--- Implement token-based authentication with Spring Security
- OAuth 2.0 and OpenID Connect
--- Introduction to OAuth 2.0 and OpenID Connect
--- Understanding the OAuth 2.0 and OpenID Connect protocol
--- Implementing OAuth 2.0 and OpenID Connect in Spring Security
- Identity Provider with Keycloak
--- Introduction to Keycloak as an identity provider
--- Integrating Keycloak into Spring Security
--- Understanding Single Sign-On (SSO) with Keycloak
- Upgrade to Spring Security 6.1
--- Introduction to the new features and enhancements in Spring Security 6.1
--- Step-by-step guide for upgrading from version 5 or 6.0 to 6.1
- Best practices and security tips
--- Best practices for using Spring Security
- Q&A and closing discussion

We will focus on deepening and understanding a specific selection of topics.


Disclaimer: The actual course content may vary from the above, depending on the trainer, implementation, duration and constellation of participants.

Whether we call it training, course, workshop or seminar, we want to pick up participants at their point and equip them with the necessary practical knowledge so that they can apply the technology directly after the training and deepen it independently.

Goal:

This two-day Spring Security course will provide participants with a solid understanding of the fundamentals and advanced concepts of security in Spring applications. The goal is for you to be able to implement effective security measures, from basic authentication to the integration of advanced security protocols such as OAuth 2.0 and OpenID Connect. The course also focuses on practical applicability, enabling participants to apply what they have learned directly to their own projects.


Form:

A proven mix of concepts, live coding and collaboration on an exemplary microservice application. Always geared towards the efficient usage of Spring Security in real-life projects and production.


Target Audience:

The target audience of this course are software developers, system architects and IT professionals who want to expand their knowledge in the area of application security with a focus on Spring Security. The course is designed for participants who already have experience in developing Spring or Java applications and want to deepen their understanding of security aspects.


Requirements:

Experience in the development of Spring or Java applications.


Preparation:

Each participant receives a questionnaire and installation instructions after registration. Matching the answers we send individual feedback.

Request In-House Course:

In-House Kurs Anfragen

Waitinglist for public course:

Sign up for the waiting list for more public course dates. Once we have enough people on the waiting list, we will determine a date that suits everyone as much as possible and schedule a new session. If you want to participate directly with two colleagues, we can even plan a public course specifically for you.

Waiting List Request

(If you already have 3 or more participants, we will discuss your preferred date directly with you and announce the course.)

Share by: