Improve your coding skills from beginner to expert with the largest online Java e-learning platform

Spring Security Module 2: OAuth2 and REST

featuring OAuth2
  • This course follows on from our Spring Security Module.
  • We use the CRM system built on the Webservices course, and we will convert this into an OAuth provider.
  • A third party website will then become a client of this site.
  • Part of our Spring Training series.

Pre-requisites

You will need to understand the basic concepts of Spring Security, as covered in Module 1. We use REST extensively, although you only need a basic familiarity with it.

Contents - This module runs for around 6 hours and is equivalent to a 3 day live course.

 

Having problems? check the errata for this course.

1

Introduction


21m 18s
In this course we will be using the CRM system from the Spring Remoting course. You don't need experience of REST, this chapter will explain how to set the system up.

2

Securing a REST Webservice


44m 17s
Adding security to REST is really a case of applying standard Spring Security. We'll use Basic Authentication in this chapter.

3

An Overview of OAuth


41m 52s
OAuth is not the easiest to understand - in this chapter a very basic (and simplified) overview of OAuth 2.

4

The Authorization Code Grant Type - Leg 1


32m 40s
We will implement a full OAuth 2 process - this is the first section where the user (resource owner) authenticates and authorizes.

5

The Authorization Code Grant Type - Leg 2


32m 15s
In Leg 2, we need to authenticate the client

6

The Authorization Code Grant Type - Leg 3


37m 26s
And in Leg 3, we finally grant access to the resources

7

The OAuthRestTemplate


22m 2s
This template improves the client's code dramatically!

8

Additional Scopes


35m 53s
A feature of OAuth is that you can define fine grained scopes - in this chapter we will add a "write" scope.

9

Other Grant Types


41m 5s
There are other, less secure grant types available in OAuth. When should you use them? We also implement one of the grant types in our project.

10

HTTPs (TLS/SSL)


55m 17s
How to encrypt the traffic using HTTPs. This is hard work but an essential step.

11

Module Summary


4m 11s
A preview of what is coming up in Module 3 of this series.

12

Bonus Chapter - JavaConfig for Security


66m 15s
This bonus chapter has been borrowed from our JavaConfig module - it shows how to use JavaConfig to configure the security aspects of your application, including OAuth.

Let the Course Come to You

About Us Pricing Frequently Asked Questions Contact Privacy T&Cs Affiliates and Resellers
Facebook Twitter YouTube LinkedIn