Spring Security [Video]

Eugen Paraschiv

Spring Security [Video]
Downloadable video: $39.99
save 15%!

Packt Video. Stream online or download for unrestricted offline use. Learn more

Course Contents
The Author
Sample Clip
  • New! Packt Video courses: practical screencast-based tutorials that show you how to get the job done. Bite sized chunks, hands on instructions, and powerful results.
  • Fully secure your web application with Spring Security
  • Implement authentication and registration with the database as well as with LDAP
  • Utilize authorization examples that help guide you through the authentication of users step-by-step
  • Learn with precise and practical examples for advanced security scenarios such as ACL, REST, and Remember Me
  • See how to integrate with your choice of technology and framework

Video Details

Language : English
Release Date : Thursday, August 29, 2013
Course Length : 2 hour 10 minutes
ISBN : 1782168656
ISBN 13 : 9781782168652
Author(s) : Eugen Paraschiv
Topics and Technologies : All Books, Application Development, Video, e-Learning, Open Source

Table of Contents

  1. Spring Security Setup  [30:11 minutes]
    • Introduction to the Course
    • The Spring Security Setup and Form-based Authentication
    • Authentication – Log in and Log Out
    • Authorization – URL
    • Authorization – Security Expressions
    • Authorization – in Page

  2. Registration [15:00 minutes]
    • The Registration Process with an In-memory Authentication Provider
    • The Registration Process with a JDBC-backed Authentication Provider
    • The Registration and Authentication Process with JPA

  3. The Remember Me Authentication [14:08 minutes]
    • The Remember Me Mechanism with a Cookie - The Basic Setup
    • The Remember Me Mechanism with a Cookie - Advanced Analysis
    • The Remember Me Mechanism with Persistence
    • The Remember Me Mechanism with More Advanced Scenarios

  4. Spring Security with LDAP [13:31 minutes]
    • Authentication with LDAP
    • Authorization with LDAP
    • Authentication and Authorization with an External LDAP Server

  5. Authorization with Spring Expressions [16:15 minutes]
    • Authorization With Expressions - URL
    • Authorization With Expressions - in Page
    • Authorization With Expressions - on Methods

  6. REST Authentication and Authorization [19:35 minutes]
    • The REST Service and Its Setup
    • REST with Basic Authentication
    • REST with Digest Authentication

  7. Spring Security ACL [21:21 minutes]
    • Introduction to Domain Object Security and ACL
    • The ACL Data Structure
    • The ACL Setup and Configuration with Spring Security
    • Advanced ACL

Eugen Paraschiv

Eugen Paraschiv is a Senior Software Engineer living in Bucharest, Romania, and has more than six years of experience developing and securing a wide range of web applications and systems. His current work is focused on security, REST, and machine learning. He has hands-on experience with Spring Security on several large systems and with a variety of security standards (SSO/CAS, LDAP, UAA, OAuth, and so on).

For more information, Eugen blogs at http://www.baeldung.com, tweets at @baeldung, and his projects are live on https://github.com/eugenp.

Sorry, we don't have any reviews for this video yet.

Sorry, there are currently no downloads available for this video.

Code Downloads

Download the code and support files for this video.

Support, complaints and feedback.

Packt is committed to making Packt Video courses a valuable, useful way for IT professionals to learn new skills. We have made every effort to ensure that this course reaches the required standard and will work on our customer's devices. Please go to our support page.

What you will learn from this video course

  • Implement the basic security for a web application starting with authentication and authorization techniques
  • Dig deeper into the process of registration, from raw JDBC to the implementation of a more mature and production-ready Hibernate/JPA implementation
  • Discuss and learn how to implement Remember Me for a web application along with the benefits that it brings, and also learn about the standard Cookie implementation and the harder-to-attack persistence-backed implementation
  • Integrate and set up Spring Security to talk to LDAP
  • Map both the users and the authorities/roles and finish with some advanced scenarios
  • Explore practical usages of Spring Expressions, from securing full pages by their URL to securing elements within a page and finally securing business functionality in the Service Layer
  • Implement the security of a REST API and learn how to set up both basic and advanced authentication processes.
  • Learn how to utilize Spring Security for higher levels of security scenarios including the Access Control Lists for all domain entities in the application
  • Learn how to spot potential design flaws that can make an application vulnerable and how to address these concerns by using and adapting the highly flexible Spring Security framework to your own environment and security need.

Who this video course is for

This video course is for Java developers who are looking to build new web applications or secure existing ones by removing as much boilerplate as possible through practical solutions. Viewers should be acquainted with basic Java and XML and should have knowledge of the Spring framework.

In Detail

Secure a standard Java web application with Spring Security by implementing registration and authentication processes and setting up the Remember Me mechanism. This course shows you how to leverage the powerful authorization mechanisms available and allows you to grasp the full flexibility of Spring expressions. Learn how to secure the REST API of this application and how to set up the advanced ACL Authorization for practical application.

This video course will help you secure your web application with the use of highly practical examples. You will also learn how to implement security checks, thus enabling you to create a staunch authentication mechanism that will prevent spoofing. Integrate with LDAP and progress on to more advanced security techniques such as Remember Me or the powerful ACL mechanism.

These pragmatic videos will help you learn how to implement various techniques for securing your web application through the use of simple to advanced use cases that follow the development of a web application using practical, step-by-step examples.

Each video section shows different ways to empower Spring Security for the web. The authentication techniques comprising of login, registration, and logout are implemented in this course. Moreover, the Remember Me functionality is added to the web app in addition to integration with a production-ready LDAP server. Further on, the authorization method is used and discussed in detail with simple roles, before moving on to the more flexible Spring expressions and finally the extremely powerful Access Control Lists mechanism, which allow security rules per object.

Ultimately, this video course is meant to help you hit the ground running with proper security for your web applications. The primary goal of the course is to be efficient, utilitarian, and immediately applicable for a web application.


Packt video courses are designed to cover the breadth of the topic in short, hands-on, task-based videos. Each course is divided into short manageable sections, so you can watch the whole thing or jump to the bit you need. The focus is on practical instructions and screencasts showing you how to get the job done.

A comprehensive video course with clear examples for securing your system using Spring Security.

Code Download and Errata
Packt Anytime, Anywhere
Register Books
Print Upgrades
eBook Downloads
Video Support
Contact Us
Awards Voting Nominations Previous Winners
Judges Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software
Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software