Securing your Spring apps with modern Spring Security
Laurentiu Spilca - Endava
Confused and worried about all the new and old ways of using Spring Security? Come and clarify your concerns before introducing vulnerabilities in your Spring apps. The workshop will include all the relevant details on major changes starting with Spring Security 6. We’ll work on both old and new configuration fashions with an accent on the new ones and how to upgrade. The focus will be mostly on the configurations you mostly need in real-world apps.
Agenda
The workshop will include all the relevant details on major changes starting with Spring Security 6. We’ll work on both old and new configuration fashions with an accent on the new ones and how to upgrade. The focus will be mostly on the configurations you mostly need in real-world apps.
- Spring Security authentication & authorization class design (before and after Spring Security 6)
- Credentials management
- Implementing authorization at the endpoint and method level
- Configuring CSRF & CORS
- OAuth 2/OpenID Connect in practice
- Implementing an OAuth 2/OpenID Connect authorization server (part 1)
- Implementing an OAuth 2/OpenID Connect authorization server (part 2)
- Implementing a resource server
- Testing security configurations