This plan includes
- Limited free courses access
- Play & Pause Course Videos
- Video Recorded Lectures
- Learn on Mobile/PC/Tablet
- Quizzes and Real Projects
- Lifetime Course Certificate
- Email & Chat Support
What you'll learn?
- Implement user authentication and authorization using Spring Security
- Encrypt user passwords using BCrypt
- Implement role-based authorization with Spring Security
- Use JSON Web Tokens (JWT) to provide a secure, stateless method of authentication
- ntegrate JWT into a Spring Boot application
Course Overview
Are you looking to secure your Spring Boot applications and keep them safe from unauthorized access? Look no further! Our course, "Spring Security with JWT: Protect Your Applications from Unauthorized Access," is the perfect solution for you.
In this course, you'll learn everything you need to know about using Spring Security and JSON Web Tokens (JWT) to secure your applications. We'll start by teaching you the basics of Spring Security and how it can be used to authenticate and authorize users in your application. From there, you'll learn how to implement JWT to provide a secure, stateless method of authentication.
With our step-by-step instructions and hands-on exercises, you'll gain the knowledge and skills you need to confidently secure your Spring Boot applications. Plus, with lifetime access to the course materials, you can revisit the lessons anytime you need a refresher.
Don't let unauthorized access threaten the security of your applications. Enroll in "Spring Security with JWT: Protect Your Applications from Unauthorized Access" today and take the first step towards safeguarding your valuable assets.
A JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is digitally signed using JSON Web Signature (JWS).
A JWT consists of three parts: a header, a payload, and a signature.
-
The header typically consists of two parts: the type of the token, which is JWT, and the signing algorithm being used, such as HMAC SHA256 or RSA.
-
The second part of the token is the payload, which contains the claims. Claims are statements about an entity (typically, the user) and additional data. There are three types of claims: registered, public, and private claims. Registered claims are a set of predefined claims which are not mandatory but recommended, to provide a set of useful, interoperable claims. Some of the registered claims are:
-
iss (issuer) claim identifies the principal that issued the JWT.
-
sub (subject) claim identifies the subject of the JWT.
-
aud (audience) claim identifies the recipients that the JWT is intended for.
-
exp (expiration time) claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing.
Public claims are claims that are defined in the IANA JSON Web Token Registry or are public by nature. Private claims are custom claims created to share information between parties that agree on using them.
-
The third part of the token is the signature, which is used to verify that the sender of the JWT is who it claims to be and to ensure that the message wasn't changed along the way.
To create the signature part you have to take the encoded header, the encoded payload, a secret, the algorithm specified in the header, and sign that. For example if you want to use the HMAC SHA256 algorithm, the signature will be created in the following way:
HMACSHA256( base64UrlEncode(header) + "." + base64UrlEncode(payload), secret)
The final JWT will be three base64-URL strings separated by dots, which can be easily passed in HTML and HTTP environments, while being more compact when compared to XML-based standards such as SAML.
Pre-requisites
- Java Knowledge
Target Audience
- Students
- Beginners
- Mid level
Curriculum 35 Lectures 00:15:10
Section 1 : Introduction
Section 2 : Bootstrapping the application
- Lecture 1 :
- Create a new spring boot 3.0 Project
- Lecture 2 :
- Add a new data source
- Lecture 3 :
- Establish connection to the database
Section 3 : Create an application user
- Lecture 1 :
- Create a new User java class
- Lecture 2 :
- Transform the user to an Entity
- Lecture 3 :
- Extend the user and make it a UserDetails object
- Lecture 4 :
- Create the User repository
Section 4 : Implement the JWT authentication filter
- Lecture 1 :
- Create the JWT authentication filter
- Lecture 2 :
- Checking the JWT token
- Lecture 3 :
- Create the JWT Service
- Lecture 4 :
- Add the JJWT dependencies
- Lecture 5 :
- What is a JWT toekn
- Lecture 6 :
- Extract claims from the JWT
- Lecture 7 :
- Implement the SignIn key method
- Lecture 8 :
- Extract a single claim from JWT
- Lecture 9 :
- Extract the username from the token
- Lecture 10 :
- Generate the JWT token
- Lecture 11 :
- Check if the token is valid
- Lecture 12 :
- Check the user existence in the database (JwtAuthFilter)
- Lecture 13 :
- Implement the user details service
- Lecture 14 :
- Update the SecuritContextHolder and finalise the filter
- Lecture 15 :
- Add the security configuration
- Lecture 16 :
- Create the authentication provider bean
- Lecture 17 :
- Create the authentication manager bean
Section 5 : Implement the authentication controller
- Lecture 1 :
- Create the authentication controller
- Lecture 2 :
- Create the authentication response
- Lecture 3 :
- Create the register request object
- Lecture 4 :
- Create the authentication request object
- Lecture 5 :
- Create the authentication service
- Lecture 6 :
- Implement the register method
- Lecture 7 :
- Implement the authenticate method
- Lecture 8 :
- Update the security configuration whitelist
- Lecture 9 :
- Create a demo controller
Section 6 : Test the application
- Lecture 1 :
- Test the application
Our learners work at
Frequently Asked Questions
How do i access the course after purchase?
It's simple. When you sign up, you'll immediately have unlimited viewing of thousands of expert courses, paths to guide your learning, tools to measure your skills and hands-on resources like exercise files. There’s no limit on what you can learn and you can cancel at any time.Are these video based online self-learning courses?
Yes. All of the courses comes with online video based lectures created by certified instructors. Instructors have crafted these courses with a blend of high quality interactive videos, lectures, quizzes & real world projects to give you an indepth knowledge about the topic.Can i play & pause the course as per my convenience?
Yes absolutely & thats one of the advantage of self-paced courses. You can anytime pause or resume the course & come back & forth from one lecture to another lecture, play the videos mulitple times & so on.How do i contact the instructor for any doubts or questions?
Most of these courses have general questions & answers already covered within the course lectures. However, if you need any further help from the instructor, you can use the inbuilt Chat with Instructor option to send a message to an instructor & they will reply you within 24 hours. You can ask as many questions as you want.Do i need a pc to access the course or can i do it on mobile & tablet as well?
Brilliant question? Isn't it? You can access the courses on any device like PC, Mobile, Tablet & even on a smart tv. For mobile & a tablet you can download the Learnfly android or an iOS app. If mobile app is not available in your country, you can access the course directly by visting our website, its fully mobile friendly.Do i get any certificate for the courses?
Yes. Once you complete any course on our platform along with provided assessments by the instructor, you will be eligble to get certificate of course completion.For how long can i access my course on the platform?
You require an active subscription to access courses on our platform. If your subscription is active, you can access any course on our platform with no restrictions.Is there any free trial?
Currently, we do not offer any free trial.Can i cancel anytime?
Yes, you can cancel your subscription at any time. Your subscription will auto-renew until you cancel, but why would you want to?
Instructor
3727 Course Views
5 Courses