Spring security training in chennai


Spring security training covers latest 4.3 updates


Candidate can have a


                Free demo session before joining the spring framework course


                Clear discussion about the course coverage, syllabus and version to be covered

                

                Permanent trainer with 5+ years of post training support


         

        For experienced candidate we guide them with
      
                1. Real time project standards and best practices to be followed

                2. Writing generic and reusable codes to build any complex architecture.

                3. Support to migrate any older version of product to latest framework.

                4. Solving Architecture level issues.


                5. Interview and resume preparation guidance for experienced candidate


Spring security course content

Introduction

What is Spring Security?

Maven | gradle Configuration

Spring Security Dependencies

Spring-security-core

Spring-security-remoting

Spring-security-web

Spring-security-ldap

Spring-security-config

Spring-security-acl

Spring-security-cas

Spring-security-openid

Spring-security-taglibs



Servlet API integration

Servlet 2.5+ Integration

HttpServletRequest.getRemoteUser()

HttpServletRequest.getUserPrincipal()

HttpServletRequest.isUserInRole(String)

Servlet 3+ Integration

HttpServletRequest.authenticate(HttpServletRequest,HttpServletResponse)

HttpServletRequest.login(String,String)

HttpServletRequest.logout()

AsyncContext.start(Runnable)

Async Servlet Support

Servlet 3.1+ Integration

HttpServletRequest#changeSessionId()


Java Configuration

Hello Web Security Java Configuration

AbstractSecurityWebApplicationInitializer

AbstractSecurityWebApplicationInitializer without Existing Spring

AbstractSecurityWebApplicationInitializer with Spring MVC

HttpSecurity

Java Configuration and Form Login

Authorize Requests

Handling Logouts

LogoutHandler

LogoutSuccessHandler

Further Logout-Related References

Authentication

In-Memory Authentication

JDBC Authentication

LDAP Authentication

AuthenticationProvider

UserDetailsService

LDAP Authentication

Multiple HttpSecurity



Basic and Digest Authentication

BasicAuthenticationFilter Configuration

DigestAuthenticationFilter Configuration



Remember-Me Authentication

Simple Hash-Based Token Approach

Persistent Token Approach

Remember-Me Interfaces and Implementations

TokenBasedRememberMeServices

PersistentTokenBasedRememberMeServices

Cross Site Request Forgery (CSRF)

CSRF Attacks

Synchronizer Token Pattern

When to use CSRF protection

CSRF protection and JSON

CSRF and Stateless Browser Applications

Using Spring Security CSRF Protection

Use proper HTTP verbs

Configure CSRF Protection

Include the CSRF Token

Form Submissions

Ajax and JSON Requests

CookieCsrfTokenRepository

Timeouts

Logging In

Logging Out

Multipart (file upload)

MultipartFilter before Spring Security

Include CSRF token in action



CORS

Security HTTP Response Headers

Default Security Headers

Cache Control

Content Type Options

HTTP Strict Transport Security (HSTS)

HTTP Public Key Pinning (HPKP)

X-Frame-Options

X-XSS-Protection

Content Security Policy (CSP)

Configuring Content Security Policy

Additional Resources

Referrer Policy

Configuring Referrer Policy

Custom Headers

Static Headers

Headers Writer


Session Management

SessionManagementFilter

SessionAuthenticationStrategy

Concurrency Control

Querying the SessionRegistry for currently authenticated users and their sessions


Anonymous Authentication

Configuration

AuthenticationTrustResolver


Authorization

Authorization Architecture

Authorities

Pre-Invocation Handling

The AccessDecisionManager

Voting-Based AccessDecisionManager Implementations

RoleVoter

AuthenticatedVoter

Custom Voters

After Invocation Handling

Hierarchical Roles

Secure Object Implementations

AOP Alliance (MethodInvocation) Security Interceptor

Explicit MethodSecurityInterceptor Configuration

AspectJ (JoinPoint) Security Interceptor

Expression-Based Access Control


Common Built-In Expressions

Web Security Expressions

Referring to Beans in Web Security Expressions

Path Variables in Web Security Expressions


Method Security Expressions

@Pre and @Post Annotations

Access Control using @PreAuthorize and @PostAuthorize

Filtering using @PreFilter and @PostFilter


Built-In Expressions

The PermissionEvaluator interface

Method Security Meta Annotations


Spring MVC Integration

@EnableWebMvcSecurity

MvcRequestMatcher

@AuthenticationPrincipal

Spring MVC Async Integration

Spring MVC and CSRF Integration

Automatic Token Inclusion

Resolving the CsrfToken





Related Post

Inquiry Form
Name
Course
Phone
Email id
Your message





Find Us on Facebook
©candidjava.com