Securing REST Services Using Spring Security 5
Learn the best practices to protect HTTP-based APIs using Spring Security. This course will teach you not only how to secure new Spring Boot applications that you are beginning to work on, but also how to add security to existing ones.
What you'll learn
As REST APIs become more and more common, securing them from unauthorized access and protecting them from hacking attacks is vital. In this course, Securing REST Services Using Spring Security 5, you’ll learn exactly that: how to make sure only authorized users can access your APIs and protecting them against common attacks. First, you’ll explore how to add authentication to your REST endpoints. Next, you’ll discover how to pass claims and scopes into your web-based application. Finally, you’ll learn how to secure both your HTTP endpoints and the service layer methods that implement their logic. When you’re finished with this course, you’ll have the skills and knowledge of Spring Security needed to write secure HTTP-based APIs for your websites, mobile apps, and other programmatic clients
Table of contents
- Introduction 3m
- The NekoShlink REST Project 2m
- Demo: Getting Familiar with the NekoShlink REST APIs 2m
- Demo: Adding API Key Authentication with a Custom Authentication Provider 6m
- Transport Layer Security (TLS) and Server X.509 Certificates 3m
- Demo: Adding TLS to NekoShlink 5m
- Mutual Transport Layer Security (mTLS) and Client X.509 Certificates 1m
- Demo: Adding mTLS to NekoShlink 5m
- Summary 1m
- Introduction 2m
- Auditing User Access to a Spring Application 3m
- Demo: Auditing User Access in NekoShlink with Spring Security and Spring Actuator Events 3m
- Auditing Access to Data in a Spring Application 3m
- Demo: Auditing Data Access in NekoShlink with JPA Callbacks and Spring Data Audit 3m
- Auditing Changes to Data and Storing Historical Data with Hibernate Envers 2m
- Demo: Integrating Hibernate Envers to NekoShlink 2m
- Auditing Changes to Data and Storing Historical Data with JaVers 1m
- Demo: Integrating JaVers to NekoShlink 2m
- Summary 1m
- Course Wrap-up 2m
About the author
Also known as Fed in the English-speaking world, Federico has an intriguing eclectic approach to technology. In love with it since he was 12 - back in the days of the Commodore 64 - he betrays it on a regular basis: first with ballet and contemporary dance, then with synchronised swimming, recently with Japanese language and culture. Mostly a Java/Scala developer and Linux/Mac OS user, over the course of 20+ years he has had commercial experience in several other platforms and programming langua... more