Spring Security Tutorial | In depth Course
HTML-код
- Опубликовано: 22 май 2024
- Visit brilliant.org/DailyCodeBuffer/ to get started learning STEM for free, and the first 200 people will get 20% off their annual premium subscription.
Spring Security is a framework that focuses on providing both authentication and authorization to Java applications. Like all Spring projects, the real power of Spring Security is found in how easily it can be extended to meet custom requirements.
We will be implementing Complete Registration Flow with Email Verification, Resend Email Verification Code, Forgot Password, Change Password, and Login Functionality with OAuth 2.0 and Open Id Connect.
🗒 Project Source Code: github.com/shabbirdwd53/sprin...
Eugen Complete Registration Flow Tutorial:
www.baeldung.com/registration...
OAuth:
developer.okta.com/blog/2017/...
OAuth Playground:
www.oauth.com/playground/
📚Course Content📚
⌚ (00:00) Introduction & What we will Build
⌚ (03:47) Creating Project
⌚ (08:51) Building Registration
⌚ (12:57) Building API for Registration Functionality
⌚ (20:10) Sending Verification Email Event for Registration
⌚ (23:33) Listen to Registration Verification Event
⌚ (25:36) Saving Token in DB
⌚ (38:06) Testing Registration Flow
⌚ (39:29) Implementing Spring Security
⌚ (46:22) Building Verify Token API for Registration
⌚ (53:12) Building Resend Verification Email Functionality
⌚ (01:02:02) Building Reset Password
⌚ (01:10:08) Save Reset Password
⌚ (01:21:30) Building Change Password
⌚ (01:29:04) Understanding OAuth 2.0
⌚ (01:37:59) Walkthrough of OAuth 2,0 Flows
⌚ (01:42:59) Implementing Authorization Server
⌚ (01:52:59) Configuring OAuth Server
⌚ (02:04:00) Spring Security Config for OAuth Server
⌚ (02:11:02) Configuring OAuth Client
⌚ (02:14:37) Spring Security Config for OAuth Client
⌚ (02:22:01) Creating OAuth Resource Server
⌚ (02:23:44) Configuring OAuth Resource Server
⌚ (02:28:16) Configuring WebClient for Resource Server
🎟 Join this channel to get access to perks:
/ @dailycodebuffer
RECOMMENDED COURSES
🎬 Microservices using SpringBoot | Full Example - • Microservices using Sp...
🎬 Event-Driven Microservices with CQRS Design Pattern - • Implement CQRS Design ...
🎬 Implement SAGA Design Pattern using Spring boot and Axon Framework - • Implement SAGA Design ...
🎬 Spring Data JPA Tutorial | Full In-depth Course - • Spring Data JPA Tutori...
🎬 Deploy Springboot Microservices to Kubernetes Cluster - • Deploy Springboot Micr...
🎬 Automate Microservices deployment with Github Actions - • GitHub Actions Tutoria...
🎬 Go / Golang Full Course for Beginners - • Golang Tutorial for Be...
🎬 Node JS Full Course for Beginners: Learn in 2 Hours - • Node JS Full Course fo...
🎬 Express.js Tutorial - Beginner | 2021 - • Express.js Tutorial - ...
🎬 Redis CLI Tutorial | Complete Course - • Redis CLI Tutorial | C...
BE MY FRIEND:
👨💻. Website: www.dailycodebuffer.com/
👨🏫 Facebook: / dailycodebuffer
🐦 Twitter: / dailycodebuffer
📸 Instagram: / dailycodebuffer
🎮 GitHub: github.com/dailycodebuffer
MY FAVOURITE GEAR:
👨💻 My Macbook Air M1: amzn.to/3eFXlID
💻 ASUS ROG Zephyrus G14, 14": amzn.to/32xsXhf
💻 ASUS ROG Zephyrus G14, 14" (US): amzn.to/3xa6X6m
🎤 My Main Mic: amzn.to/3qDl0z0
🎤 My Main Mic (US): amzn.to/3awzUj7
🎙 My Secondary Mic: amzn.to/3sOZCJW
🖥 My LG Monitor: amzn.to/3zhLY3e
🖱 My Mouse: amzn.to/3eDpRKT
⌨️ My Keyboard: amzn.to/32xthMZ
RECOMMENDED BOOKS:
📙 Mastering Spring Boot 2.0 (Kindle): amzn.to/3HsOiHu
📙 Mastering Spring Boot 2.0 (US): amzn.to/3tHNUy5
📙 Building Microservices(Kindle): amzn.to/3gsA1jL
📙 Building Microservices(US): amzn.to/3dDnfNn
📙 Spring Boot in Action: amzn.to/32Nf3qW
📙 Spring Boot in Action (US): amzn.to/32DkeX9
📙 Spring Microservices in Action: amzn.to/3mQ4sCH
📙 Spring Microservices in Action(US): amzn.to/32G3Hl7
🎻 MUSIC:
🎵 Hear the Noise (Sting): ruclips.net/user/audiolibrary...
“Sound effects obtained from www.zapsplat.com“
#SpringSecurity #OAuth #OpenID #Security #DailyCodeBuffer - Наука
Visit brilliant.org/DailyCodeBuffer/ to get started learning STEM for free, and the first 200 people will get 20% off their annual premium subscription.
0
Again what theme are you using? Can you make video on User Role, User Group.
Nice video. One suggestion, it would be better if you spend the first 15 mins of the video on which functions you plan to create and why. This would help us have a bigger picture in mind. Thank you for your effort.
Thanks for suggestion
I will try to implement that way from now on
Keep Supporting
This is the best Spring Security Course about Authorization and Resource Server so far. Thanks bro, you made my day!
Thanks 🙏
Hope you enjoy the tutorial 😊
Great videos, great explanation, great topics. I would like to see more Reactive Spring with Kotlin and Postgres (or just reactive spring with java and postgres)! Keep up the good work!
Thanks 🙏
An extremely important topic explained in a very simplified manner!
Thanks 🙏🏻
Ohohohoho... another excellent hands on series, which is like all in one here... this really helps us a lot... and thanks for sharing those links... I know its not easy to make such long informative tutorial without getting side tracked anywhere.... appreciate your efforts and patience in making such good videos... thank you much :)
Thanks 🙏🙏
This is gold, great concepts explained in a simple way
Thanks 🙏
The most awaited one i guess... All functionalities in a single course.. Loved it ❤️
If you could continue this course and add List of Roles instead of single role it would be really helpful..
Will plan on it 🙏
I felt that your explanation of the topics is awesome, I have only one suggestion that instead you do one video with long hours can break into small and share as a series would be very nice.
Your videos are great and on point...it helped me learn spring boot very clearly without any doubts...thanks
Glad to hear that you got value from th tutorial 🙏🙏
Keep Supporting
@@DailyCodeBuffer please make a video on Quartz scheduler implementing calender also as it is not well explained anywhere on RUclips
Probably the best tutorial I saw on this topic
Thanks 🙏🏻
Firstly, I find your video is a bit tough but now I'm learning more with your concepts.... Thanks
Thanks 🙏🏻
I will try more to make it more understandable
@@DailyCodeBuffer Can u suggest me from where I learnt about Spring Scheduling CRON
Very helpful for beginners and intermediate spring developers... Exceptional content 👏👍
Thanks 🙏🏻
Great video as always, everything is free, this is amazing. Thank you
🙏🏻
Really heartly appreciated...mind blowing explanation...keep it up...god bless you for sharing knowledge with us.
🙏🏻❤️
best thing about his video is how he creates bookmark chapter for each concept
Awesome tutorial, Thank you
Hi! Thank you again for the one of the best channels on youtube, fast and clear! I have a question, what is the difference between this and the
OAuth 2.0 Implementation with Spring Security and Spring Boot | Full Example video? I am learning about jwt and security and had read about a config server with spring cloud for store secret keys for authorization, something like that. Do you have any video like that?
Man, you are doing a great work!! Pls make some more videos.
Thanks 🙏
The best tech channel 😍😍to learn programming languages and advanced concepts.
Thanks 🙏🏻
Learning spring security is really making me scratch head (sorry, I am just a newbie to spring😂) . And this tutorial really helps me a lot, many thanks !❤
Bro, I am watching this video at 1.5x.
Your helpful videos are the give away for us.Thanks and all the best 🙏👍
🙏🙏
Great Job Bro👍 A small request from my side could you please make introductory video on applicationEvents and listener i am new learner and it will help new learners like me🙏🙏
The best lessons for Spring boot auth, security.
Thanks 🙏
Great video as Always, Allah grant you great success a head, as you are sharing such a valuable content for free.
Thank you so much 🙏
Whole course is just amazing almost solve my every doubt about spring security thing
You are amazing @dailycodebuffer
Just a one request could you please make one video for explaining that Oauth2 thing we are confused where do we have to make changes in "Application.yml" file.
Hello , very informative video.
Need to know how to track multiple failed login attempts and how to block the user using spring security
Brilliant Brother....You make coding easy as pie....👍👍
Thanks Krunal 🙏🙏
The video was good but I just have one doubt. When the token is expiring you are deleting it from the database, so if someone wants to regenerate the token after expiration then he will not be able to generate as the generation of new token requires the availability of old token in the database. So, do we need to delete the token if it has expired ?
Is there any video or a part of a video that you explained why we use events etc. ?? I dont get it why we need events in confirming user email and generally why we need events?
1:01:11 You are creating new token. Then I think you should also update the expiration time as well. Please let me know right or wrong.
do u have a playlist for newbies or could u plz recommend a source cuz found my self just copy pastin'
Hi, can anyone tell me which is the advantage of using the application events for the send of the email rather than using a simple service method to do it when the user is registered? Thank you
Nice and Informative with Clear explanation Thanks.😊
Most welcome 😊
Hi! Amazing video! What could be happening if after login, with correct credentials, the login page is shown again? Thanks!!
Hello, can i have a question? So, in this course, did you used spring security with JWT?
Why do you add the dependencies to the submodules pom and not to the parents pom? Isn't this supposed to be the other way around?
Very wonderful video explanation. Although I would like to know one more aspect that how can we write Unit Tests for this code. Rather in generic how can we write Unit Tests for Spring based projects.
Very in details explaining for concept, Thanks Shabbir.
But I'm stuck at auth-server:9000/login page its giving whitelabel error page ?
Where did I go wrong?
Thank you Shabbir ❤❤ I hope you are Listen my request this video. Your teaching style is amazing 👏 😍 🙌
Thanks buddy 😊
is it possible to have client and auth server in the same project (jar -file )???
how do we add security client project as a module in spring security tutorial project? I'm using eclipse IDE.
Time 1:50:00 you added transactional in the CustomUserDetailsService, is there any reason for that??
Please tell me why we create service interface and it's implementation seprate , what is its benefit??
Nice Tutorials❤Best Channel 👍
Thanks 🙏🏻
I just start watching this hope it will be another great video 🙂🙃
Please make a video series on angular + springboot+ microservices + security + MySQL etc. like a Realtime example of full stack application end to end .
Will plan something
@@DailyCodeBuffer Thanks it will be great
He is not robot
How would you get hold of old token in case the email is not received to regenerate token?
Hii broo I have one doubt, like how the role data have to give static, means when we are storing the data into database can we give the role
Which theme are you using? Is it Community Edition or Premium?
Weeknd stuff 🔥🙏🏻🙏🏻🥳
🙏🙏
Awesome Guy!
Please explain with the project react .Previous movie
Can you make a part how to configure and prevention of CSRF attacks in Spring web application. ( I am not talking about spring boot )
Hello! I really like the way you teach us how to do complex things easily. Really like your videos. Please, can you tell me which IntelliJ theme you're using? It looks very cool! Thanks!
Thank you so much 😊
I am using Xcode dark theme
@@DailyCodeBuffer thanks again.
Lets get started
hi, how can i redirect to a html page, where i can show user information instead of showing json. Can any one help ? I am working with separate frontend and backend. Thank you.
Very useful and very informative
Glad it was helpful!
thank you, your tutorial is helpful
🙏🙏
Amazing video. 👌
Thanks
Well done!!
Thanks 🙏🏻
Unknown provider ID 'spring' not sure why i am getting this issue
very useful and very informative
Glad to hear that
Could please do a plsylist on creating e commerce application using
1.spring boot microservices
2. Mongodb
3. Rabbitmq
4. Jwt auth
5. Api gsteway
6. Circuit breaker
7. Elk stack
8. Redis cache
With microservices user(admin, inventory, nrml customer )
Cart
Wishlist
Payment
Subscription (like amazon prime, Flipkart plus)
Please try to do it. It will help us a lot.
From your previous video we learn all individualy.
Please do this project. It helps us how to know how things work togethe
At 41:00 why we are disabling the cors and csrf. Can anyone tell me the exact purpose of this two functions.
lot of depricated API 's , methods , classes are there security is updated a lot in spring 6 pls do an updated tutorial .
yes
Please help me!
My code cannot redirect after authorization successfully, thems still login rollback.
Great tutorial!!!. Any videos regarding Vaadin and Springboot framework in future?
Will plan on it
In this project, How can we register the user after applying auth2 security.
Try to reimport your maven project right hand side and verify it has the right dependencies. You shouldn’t need to invalidate cache.
Thanks for the tip. I will do that from now
Hi , do you have vídeos of Spring webflux?
A nice masterpiece . Which of your videos did you implement email with springboot ?
@33:43 MINUTES , You said you have created a video for sending email. which of your videos please ?
Top notch 👌🙏
Thanks 🙏
Bro. Can you do a cloning project using spring-boots ?
Wow😊😊😊😊 Thanks Alot.
Do you have a video on Testing in springboot ?
I really enjoy how you teach spring🥺
Thanks 🙏
Spring boot tutorial covers the Testing as well
Yea..I mean writing unit testing and integration testing in springboot
Yes that. Please checkout that tutorial. If you think that any other topics needed, I will plan a video on that
Great 👌
Thanks
Thanks.
Hope you enjoy the tutorial 🙏
Hi The video was amazing . Just a small thought when we are resending verification token we should also update the time in verification token table . Seems like as per current implenentation the expiration time is not getting updated in database along with new token . Please share your thoughts if i am wrong
because he was setting the expiration time from entity and not updating VerificationToken entity expiration time before saving to db
Thanks!
🙏🏻🙏🏻
Thank you so much
Thanks 🙏
We want next video Spring MVC crash course. I hope you make video this topic
Tq so much bro...
🙏🙏
It's a very useful video. I tried to implement it to the end according to the tutorial. However, when I log in as a valid user, the "Content required" page does not appear. WhiteErrorPage (Bad Request / 400 error) is displayed.
What could be the cause?
same error for me too if you find the solution can you share it please
Hey 👋
I just wanted to ask you one thing, why we are using two different classes for model and entity, why they can’t be same?
Why we can’t use entity as modal(POJO), since we are having duplicate code.
i think model is same as dto.if u dont want to expose all the db column to client then u use model or dto
Great. I have really learn a lot from your video. On this one, you said we can resend token even if token was not gotten but resending token requires old token. Is there anything I’m missing?
Thank you so much if I had said so then I missspoke. sorry for that. But yeah once we get the tokrn then only will be able to send it.
Microservices video helped me a lot. Thanks for your efforts. 1 Question - Can I use this spring security code in my Login service in microservices? Please suggest me. waiting for your reply
Yes
Could you add JWT option ?
Hi Shabbir. Thanks for this detailed tutorial on Spring Security, easy to understand. However I am facing issue while building client app.
Error LogCaused by: java.lang.IllegalStateException: Unknown provider ID 'spring'
Is there any configuration I have missed to add. Kindly assist on this. TIA.
hey Soumen I am facing same issue.Did you find solution?
Greate video!
Thanks 🙏🏻
Bro in now they are saying there are lot of changes done in spring security is it older or new one is it ok for me to learn this
Suggest me bro
Hey, May I know which theme u have used in intellij idea?? Thanks 😀
Xcode Dark
@@DailyCodeBuffer Thank you.
Can we use @Bean inside @Service as PasswordEncoder is defined in CustomUserDetailService Class?
Btw Thank you for your efforts.
Also at 2:10:19 will bindAuthenticationProvider be @Autowired or @Bean?
I have given only one URL in whitelist but its permits all the end points.
I have cloned your code as well but its stil the same.
Can you please confirm what are the changes required
I am also facing th same issue, whitelisting doesn't works
This video is good but I have not understood anything. What is the difference between the model and the entity? Because I tried implementing things as you have done in the video but my code kept on pointing back to the entity class and not the model class
that's an approach called dto i think
Besides it'a an awesome tutorial (You really have a talent for this) - how did You customize Intellij like that? Is that kind of a theme or plugin?
Thanks 🙏
That is xcode dark theme and Atom icons packs
@@DailyCodeBuffer thanks :) Can I ask You one more question: how do You learn such concepts? You go through the documentation? Read books? How long does it take You to be comfortable with the topic? I ask because You have deep understanding of the matter and is very intriguing :)
I go through the documentation and sample examples provided by the library or framework
Thats gives a little better understanding of how to use the framework and library
Then I build a small project from it
And i don’t try to learn everything at s time. Whatever is needed I learn that only
Thank you so much and I am no expert in any matter ☺️
@@DailyCodeBuffer thanks for respond :) You are inspirng (at least for me) what makes You kinda expert :D
I love Your Setup..
u r using Intellij ?? & theme & icon theme..
Thanks
yo can you make file upload in springboot?
Thx bro
🙏🏻
you created another project as parent and added the two projects but you didn't said it in the video
Superb video. Can you make video with react app login and session management.
Yes, Planning on that
When the verification token expires, how would you handle the unverified user entry, in the database? In case that person wants to register with those same details.
Great video by the way
I think we can always check if that user already exists in the database before creating the user. If the user exists but the registration has not been verified then we can just resend a verification token to complete the pending registration instead of re-registration.
@@kareendawn4991 if the vertificationToken is expired then how are we going to get the user details, as he is deleting the token from the DB. I think the token shouldn't be deleted instead there should just be some service logic which just checks if the token is expired or not.
please tell me what theme u used in IJIdea?
Using Xcode Dark theme
Thanks sir