Securing Your Spring Boot 3.0 Applications With Jwt Token
Published 1/2023
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 788.69 MB | Duration: 1h 59m
Published 1/2023
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 788.69 MB | Duration: 1h 59m
Spring Security with JWT: Protect Your Applications from Unauthorized Access
What you'll learn
Implement user authentication and authorization using Spring Security
Encrypt user passwords using BCrypt
Implement role-based authorization with Spring Security
Use JSON Web Tokens (JWT) to provide a secure, stateless method of authentication
ntegrate JWT into a Spring Boot application
Requirements
Java Knowledge
Description
Are you looking to secure your Spring Boot applications and keep them safe from unauthorized access? Look no further! Our course, "Spring Security with JWT: Protect Your Applications from Unauthorized Access," is the perfect solution for you.In this course, you'll learn everything you need to know about using Spring Security and JSON Web Tokens (JWT) to secure your applications. We'll start by teaching you the basics of Spring Security and how it can be used to authenticate and authorize users in your application. From there, you'll learn how to implement JWT to provide a secure, stateless method of authentication.With our step-by-step instructions and hands-on exercises, you'll gain the knowledge and skills you need to confidently secure your Spring Boot applications. Plus, with lifetime access to the course materials, you can revisit the lessons anytime you need a refresher.Don't let unauthorized access threaten the security of your applications. Enroll in "Spring Security with JWT: Protect Your Applications from Unauthorized Access" today and take the first step towards safeguarding your valuable assets.A JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is digitally signed using JSON Web Signature (JWS).A JWT consists of three parts: a header, a payload, and a signature.The header typically consists of two parts: the type of the token, which is JWT, and the signing algorithm being used, such as HMAC SHA256 or RSA.The second part of the token is the payload, which contains the claims. Claims are statements about an entity (typically, the user) and additional data. There are three types of claims: registered, public, and private claims. Registered claims are a set of predefined claims which are not mandatory but recommended, to provide a set of useful, interoperable claims. Some of the registered claims are:iss (issuer) claim identifies the principal that issued the JWT.sub (subject) claim identifies the subject of the JWT.aud (audience) claim identifies the recipients that the JWT is intended for.exp (expiration time) claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing.Public claims are claims that are defined in the IANA JSON Web Token Registry or are public by nature. Private claims are custom claims created to share information between parties that agree on using them.The third part of the token is the signature, which is used to verify that the sender of the JWT is who it claims to be and to ensure that the message wasn't changed along the way.To create the signature part you have to take the encoded header, the encoded payload, a secret, the algorithm specified in the header, and sign that. For example if you want to use the HMAC SHA256 algorithm, the signature will be created in the following way:HMACSHA256( base64UrlEncode(header) + "." + base64UrlEncode(payload), secret)The final JWT will be three base64-URL strings separated by dots, which can be easily passed in HTML and HTTP environments, while being more compact when compared to XML-based standards such as SAML.
Overview
Section 1: Introduction
Lecture 1 How JWT based security works
Lecture 2 Source code
Section 2: Bootstrap the application
Lecture 3 Create a new Spring boot 3.0 project
Lecture 4 Add a new datasource
Lecture 5 Establish connection to the database
Section 3: Create an application User
Lecture 6 Create a new User java class
Lecture 7 Transform the user to an Entity
Lecture 8 Extend the user and make it a UserDetails object
Lecture 9 Create the User repository
Section 4: Implementing the JWT authentication filter
Lecture 10 Create the JWT authentication filter
Lecture 11 Checking the JWT token
Lecture 12 Create the JWT Service
Lecture 13 Add the JJWT dependencies
Lecture 14 What is a JWT toekn
Lecture 15 Extract claims from the JWT
Lecture 16 Implement the SignIn key method
Lecture 17 Extract a single claim from JWT
Lecture 18 Extract the username from the token
Lecture 19 Generate the JWT token
Lecture 20 Check if the token is valid
Lecture 21 Check the user existence in the database (JwtAuthFilter)
Lecture 22 Implement the user details service
Lecture 23 Update the SecuritContextHolder and finalise the filter
Lecture 24 Add the security configuration
Lecture 25 Create the authentication provider bean
Lecture 26 Create the authentication manager bean
Section 5: Implement the authentication controller
Lecture 27 Create the authentication controller
Lecture 28 Create the authentication response
Lecture 29 Create the register request object
Lecture 30 Create the authentication request object
Lecture 31 Create the authentication service
Lecture 32 Implement the register method
Lecture 33 Implement the authenticate method
Lecture 34 Update the security configuration whitelist
Lecture 35 Create a demo controller
Section 6: Test the application
Lecture 36 Test the application
Students,Beginners,Mid level