Spring Boot - Security

Version: 2.0 - Date: 04.2021

About the Book

This is the third book in the series:

1. Spring Boot - Quick Start

2. Spring Boot - Accessories

3. Spring Boot - Security

Content

The intention of this book is to quickly get you started with Spring Boot security topics such as: Authentication, Authorization, Roles, Authorities, Credentials, Login Form, Username, Password, CSRF, CORS, Remember Me, 2FA, JWT.

Standalone Tutorials

The core of this book is a set of standalone tutorials that explain different functionalities of Spring Boot.

Each tutorial contains the minimum amount of code needed to explain a specific functionality.

It also contains the minimum amount of accompanying text needed to explain the related theory and the different parts of the code.

This approach allows students to grasp presented concepts in a very fast and efficient manner.

Full code, which can also be downloaded from GitHub, prevents any time being wasted trying to make the code work.

Simple examples allow for full understanding of the functionality without any unnecessary distractions.

Theoretical Background

Where needed, tutorials are preceded by chapters focusing on theoretical background.

This way the reader can fully understand the functionalities explained in the subsequent chapters.

But such chapters are in the minority and of secondary importance, because the main focus is on practical applications.

Demo Application

The book contains a demo application that shows how to combine some of the security features covered in previous tutorials, focusing on JWT and database authentication.

About the Author

Ivor Online

WHY TUTORIALS?

"Things are only as complicated as they are badly explained" 

Proper documentation is essential to avoid struggle and frustration when working with simple things that only seem complicated because they are not properly documented and explained.

 

WHAT KIND OF TUTORIALS?

"A working example is worth a thousand words"

Just as a picture is worth a thousand words, the same goes for a working example. Documentation in the form of working examples has proved to be the fastest and most effective way of transferring knowledge. Sometimes an example is all you need to get things done. And if there are some accompanying comments that explain what is going on, even better. This approach is used in this book. This results in fast learning and the ability to apply tutorials when you need them, in the spirit of Just In Time Support.

I wish you rapid learning!

www.ivoronline.com

 

 


Table of Contents

  • 1. Theory
    • 1.1 Authentication
      • 1.1.1 Identity/Principal
      • 1.1.2 Credentials vs Principal
      • 1.1.3 UserDetails Object
      • 1.1.4 Authentication Object
      • 1.1.5 Session Object
    • 1.2 Authorization
      • 1.2.1 Authorities vs Roles
  • 2. Main Terms
    • 2.1 Define Users
      • 2.1.1 Default User
      • 2.1.2 application.properties
      • 2.1.3 application.properties - Profiles with Authorities
      • 2.1.4 WebSecurityConfig - configure()
      • 2.1.5 WebSecurityConfig - userDetailsService()
      • 2.1.6 MyUserDetailsService - Hard Coded Users
      • 2.1.7 MyUserDetailsService - Database
      • 2.1.8 MyUserDetailsService - Database - Profiles with Authorities
    • 2.2 Add Authorities to Endpoints
      • 2.2.1 @Secured - Roles
      • 2.2.2 @PreAuthorize - Roles & Authorities
      • 2.2.3 @PreAuthorize - Custom Methods
      • 2.2.4 @PreAuthorize - Custom Methods - Books
      • 2.2.5 antMatchers() - Select Endpoints
      • 2.2.6 antMatchers() - Add Authorities
      • 2.2.7 antMatchers() - Only check if Authenticated
    • 2.3 Read Credentials
      • 2.3.1 Automatic - Login Form - Default
      • 2.3.2 Automatic - Login Form - Custom
      • 2.3.3 Automatic - Authorization Header
      • 2.3.4 Manual - Controller - Headers
      • 2.3.5 Manual - Controller - Authorization Header
      • 2.3.6 Manual - Controller - HTTP Request Parameters
      • 2.3.7 Manual - Controller - Login Form
      • 2.3.8 Manual - Controller - JSON
      • 2.3.9 Manual - Filter - Headers
      • 2.3.10 Manual - Filter - Authorization Header
      • 2.3.11 Manual - Filter - HTTP Request Parameters
    • 2.4 Authentication
      • 2.4.1 Automatic - Login Form - Default - application.properties
      • 2.4.2 Automatic - Login Form - Default - configure(Auth...)
      • 2.4.3 Automatic - Login Form - Default - userDetailsService()
      • 2.4.4 Automatic - Login Form - Default - MyUserDetailsService
      • 2.4.5 Manual - authenticationManagerBean() - configure(Auth...)
      • 2.4.6 Manual - authenticationManagerBean() - userDetailsService()
      • 2.4.7 Manual - authenticationManagerBean() - MyUserDetailsService
      • 2.4.8 Manual - MyAuthenticationManager - userDetailsService()
      • 2.4.9 Manual - MyAuthenticationManager - MyUserDetailsService
      • 2.4.10 Events - Log to Console
    • 2.5 Password Encoders
      • 2.5.1 No Operation
      • 2.5.2 LDAP
      • 2.5.3 Sha256
      • 2.5.4 BCrypt
  • 3. Additional Terms
    • 3.1 Remember Me
      • 3.1.1 Login Form - Default
      • 3.1.2 Login Form - Custom
      • 3.1.3 Login Form - Default - DB - PostgreSQL
      • 3.1.4 Login Form - Default - DB - H2
    • 3.2 CSRF (Cross-Site Request Forgery)
      • 3.2.1 Theory - Normal User Interaction
      • 3.2.2 CSRF Attack - Theory
      • 3.2.3 CSRF Attack - Application
      • 3.2.4 CSRF Token - Theory
      • 3.2.5 CSRF Token - Application
    • 3.3 CORS (Cross Origin Resource Sharing)
      • 3.3.1 Application - Source
      • 3.3.2 Application - Destination
      • 3.3.3 CORS - Disabled
      • 3.3.4 CORS - Enabled - Annotations
      • 3.3.5 CORS - Enabled - API
    • 3.4 2FA (2 Factor Authentication)
      • 3.4.1 Step 1: Copy Project
      • 3.4.2 Step 2: Register
      • 3.4.3 Step 3: Enter Code
      • 3.4.4 Step 4: Restrict Access
    • 3.5 JWT (JSON Web Token)
      • 3.5.1 Step 1 - Get Token
      • 3.5.2 Step 2 - Send Token - As Request Parameter - Get Claims
      • 3.5.3 Step 3 - Send Token - In Authorization Header - Get Claims
      • 3.5.4 Step 4 - Send Token - In Authorization Header - Get Username
      • 3.5.5 Step 5 - Filter
      • 3.5.6 Step 6 - Authenticate
  • 4. Demo Applications
    • 4.1 JWT Authorities from DB
      • 4.1.1 Step 1 - DB Authorities
      • 4.1.2 Step 2 - JWT
  • 5. Appendix
    • 5.1 IntelliJ
      • 5.1.1 Install
      • 5.1.2 Create Project
      • 5.1.3 Run Application
    • 5.2 JWT
      • 5.2.1 Introduction
      • 5.2.2 Structure
      • 5.2.3 Usage
      • 5.2.4 Encode/Decode
    • 5.3 Google Chrome
      • 5.3.1 Disable Password Warning Popup
      • 5.3.2 Authorization Header - Encode with Web Page
  • 6. Summary
    • 6.1 Define Users
      • 6.1.1 Default User
      • 6.1.2 application.properties
      • 6.1.3 application.properties - Profiles with Authorities
      • 6.1.4 WebSecurityConfig - configure()
      • 6.1.5 WebSecurityConfig - userDetailsService()
      • 6.1.6 MyUserDetailsService - Hard Coded Users
      • 6.1.7 MyUserDetailsService - Database
    • 6.2 Add Authorities to Endpoints
      • 6.2.1 Annotations
      • 6.2.2 Annotations - Custom Method
      • 6.2.3 antMatchers()
    • 6.3 Password Encoders
    • 6.4 Authentication Classes & Objects
      • 6.4.1 MyAuthenticationManager
      • 6.4.2 MyUserDetailsService
      • 6.4.3 WebSecurityConfig
      • 6.4.4 MyController
