This repository contains my projects and exercises from the "Spring Security: Zero to Master" course on Udemy. This course covers a wide range of topics related to Spring Security, aiming to provide a comprehensive understanding of authentication, authorization, and security features in Spring applications.
'Spring Security Zero to Master' course will help in understanding the Spring Security Architecture, important packages, interfaces, classes inside it which handles authentication and authorization requests in the web applications. It also covers most common security related topics like CORs, CSRF, JWT, OAUTH2, password management, method level security, user, roles & authorities management inside web applications.
- Spring Security framework details and it features
- How to adapt security for a Java web application using Spring Security
- Password Management in Spring Security with PasswordEncoders
- Deep dive about encoding, encryption and hashing
- What is CSRF, CORS and how to address them
- What is Authentication and Authorization. How they are different from each other.
- Securing endpoint URLs inside web applications using Ant, MVC & Regex Matchers
- Filters in Spring Security and how to write own custom filters
- Deep dive about JWT (JSON Web Tokens) and the role of them inside Authentication & Authorization
- Deep dive about OAUTH2 and various grant type flows inside OAUTH2.
- Deep dive about OpenID Connect & how it is related to OAUTH2
- Applying authorization rules using roles, authorities inside a web application using Spring Security
- Method level security in web/non-web applications
- Social Login integrations into web applications
- Set up of Authorization Server using KeyCloak
- Basic Authentication Project: Implementing basic login and user authentication.
- OAuth2 Integration: Integrating OAuth2 for external authentication.
- Role-Based Access Control: Implementing role-based access controls for different user types.
- Java
- Spring Boot
- Spring Security
- Maven/Gradle
- OAuth2
- JWT