Build Spring Boot Web Application with JPA, Spring Security
- Description
- Curriculum
- FAQ
- Reviews
In this course students can learn how to develop login and logout feature with spring security by using spring boot web application in easy way.
Key concepts implementation:
Sign Up, login, logout, forgot password, reset password, sending an email to user to reset the password, change password implementation (Spring security 6 + spring boot + MySQL database)
Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications.
Spring Security is a framework that focuses on providing both authentication and authorization to Java applications. Like all Spring projects, the real power of Spring Security is found in how easily it can be extended to meet custom requirements
Features
-
Comprehensive and extensible support for both Authentication and Authorization
-
Protection against attacks like session fixation, clickjacking, cross site request forgery, etc
-
Servlet API integration
-
Optional integration with Spring Web MVC
Authentication :
Spring Security provides comprehensive support for authentication. Authentication is how we verify the identity of who is trying to access a particular resource. A common way to authenticate users is by requiring the user to enter a username and password. Once authentication is performed we know the identity and can perform authorization.
Spring Security provides built-in support for authenticating users. This section is dedicated to generic authentication support that applies in both Servlet and WebFlux environments. Refer to the sections on authentication for Servlet and WebFlux for details on what is supported for each stack.
Authorization :
Spring Security provides comprehensive support for authorization. Authorization is determining who is allowed to access a particular resource. Spring Security provides defense in depth by allowing for request based authorization and method based authorization.
Development features:
Software installation.
Spring boot web project development from scratch.
Bootstrap spring boot web application.
Create Login and Logout , registration, forgot password, change password web pages in easy way.
Understand spring security in easy way.
Understand Authentication and Authorization.
Understand CSRF attack and how attackers can hack web application.
Create User and Roles.
Implement Many to Many relationship between user and roles.
Create spring security custom configuration class.
login application by using static user credentials.
login application by using credentials from database
Ajax calls to validate user exist in database or not.
Forgot password implementation.
Send email with reset password link to end user.
Reset Password web page implementation.
Change password web page implementation and e.t.c.
-
2
Download and Install EclipseIn this lecture you can learn how to download and install eclipse
-
3
Download and install MySQL
In this lecture you can learn how to download and install mysql
-
4
Download and install SQLyog
In this lecture you can learn how to download and install SQLyog graphical interface. It is useful for to execute sql queries.
-
5
create spring boot project with spring initializer
1. Understand spring initializr
2. Create spring boot web project
3. Import project in to eclipse
-
6
Create LoginController class
In this lecture you can create login controller class and it's execution
-
7
Create login web page
In this lecture you can create login.jsp
-
8
Design login web page with bootstrap
download login.jsp source file
-
9
Optimize login web page
Instead of loading css file from website, we can download css file in to spring boot project and refer that file in our login web page
-
10
Create User Registration web page
In this lecture we can design user registration web page
-
11
Design User Registration web page with bootstrap
In this lecture we can design our user registration web page with bootstrap
-
12
Create home page
-
13
Spring security introduction
In this lecture you can understand what is spring security
-
14
Understand spring security execution flow
In this lecture you can understand execution flow of spring security.
-
15
Enable spring security to our web application
In this lecture you can understand how to enable spring security to our web application and authenticate with default user name (user) and spring security generated password.
-
16
Configure static user credentials by using application properties
In this lecture you can learn how to configure static credentials in spring security.
-
17
Create custom security configuration class
In this lecture you can learn how to create custom security configuration.
-
18
Create multiple static user credentials by using custom security class
In this lecture you can create multiple static user credentials by using SpringSercurityCustomConfiguration class.
-
19
Enhance defaultPasswordEncoder with BCryptPasswordEncoder
In this lecture encode password by using BCryptPasswordEncoder instead of defaultPasswordEncoder.
-
20
Understand JSESSIONID in Spring Security.
In this lecture you can understand how spring security is maintaining authentication for subsequent of requests without entering username and password again and again.
-
21
Understand CSRF attack in our web application.
In this lecture you can understand about what is CSRF attack in our web application
-
22
Understand how spring security protecting our web application from csrf attack
In this lecture you can understand how spring security protecting our web application by using csrf token
-
23
Display default home page after authentication
In this lecture you can learn, how to configure default home page for our web application.
-
24
Display custom login page instead of default login page of spring security
-
25
Display custom login page as default web page.
Display custom login page as default web page.
-
26
26. Login web application with custom login page.
In this lecture you can learn how to login web application with custom login page
-
27
Display login error message in login page for invalid credentials.
In this lecture you can learn how to handle login error messages.
-
28
Implement logout functionality
In this lecture you can learn how to implement logout functionality in spring security.
-
29
Display logout success message in login page
In this lecture you can learn how to display logout success message in login page.
-
31
Create User and Role entities
-
32
Create User and Role JPA Repository
-
33
Create many to many relationship between User and Role Entity
In this lecture you can learn how to create Many to Many relationship between UserEntity and RoleEntity.
-
34
Auto generate database tables
In this class you can learn how to auto generate database tables by using hibernate or jpa
-
35
Create DTO and service classes
In this lecture you can learn how to create user dto and service classes
-
36
Write logic to send data from registration web page to controller and service
-
37
User registration web page data validation.
-
38
Configure user roles in MySQL database
-
39
Understand about ModelMapper and create ModelMapper component
In this lecture you can understand about ModelMapper.
ModelMapper is used to convert DTO to Entity and Entity to DTO
-
40
Implement business logic to insert user data.
In this lecture you can implement business logic to insert the data
-
41
Insert user details in database
In this lecture, you can insert user details in database by using registration web page.
-
42
Display user registration successful message in login page.
In this lecture, you can learn how to display user registration successful message in login page
-
43
Duplicate email id server side validation
In this lecture you can lean server side validation for duplicate email id.
-
44
Download JQuery library and include it in user registration web page
In this lecture you can learn how to download jquery library and add this library in user registration web page.
-
45
Implement Ajax call to validate email id
In this lecture you can learn how to make an ajax call in jquery
-
46
Create findByEmail rest API
In this lecture, you can implement rest API to validate email address exists or not
-
47
Test JQuery Ajax call to validate email id present in database or not
-
50
Create and display forgot password web page
In this lecture, you can create forgot password web page
-
51
Create email sender service class
In this lecture, you can create Email sender service class to send an email to end user.
-
52
Configure SMTP properties in application.properties
In this lecture, you can configure smtp properties
-
53
Add reset password token and token created date columns in user table
In this lecture, two new column are added in user table for password reset functionality
-
54
Create send email method
In this lecture, you can create a method to send an email to end user
-
55
Generate Rest Password token and Reset Password link
In this lecture, will generate reset password token and reset password link.
-
56
Update reset password token in user table
In this lecture, we will insert reset password token in user table.
-
57
Construct email content to send an email to end user
In this lecture, you can construct an email content to send an email to end user.
-
58
Send an email to end user with reset password link
In this lecture, you can test forgot password functionality.
-
59
Create reset password web controller.
In this lecture, you can create reset password web page
-
60
Validate reset password token.
-
61
Validate reset password link expiry time.
In this lecture, you can write logic to validate reset password link expiry time.
-
62
Create change password web page and message web page.
-
63
Validate password and confirm password match
In this lecture, you can learn how to validate password and confirm password by using javascript.
-
64
What happens if I modify reset password link token in browser?
In this lecture , you can learn how to handle negative scenario like what happens if I modify reset password link
-
65
Create web controller method to update change password in database
In this lecture, write controller method to update change password in database
-
66
Implement logic to update change password in database
In this lecture, you can implement logic to update the change password in database.
