Horas:
Financiación:
Destinatarios:
Prazas
Datas, Horarios e Sesións
Data Inicio
Data Peche
Tipos Formación
Datas e horarios
Número Webinars
Enlace ao curso
Necesidades, prerrequisitos e inf. xeral
Necesidades a cubrir
Prerrequisitos
Carácter
Medios necesarios
Datos persoal Formador e Titor
Persoal formador
Empresa contratada
Titor
Descrición
This course will deal with the security layer of an application and the different ways that Spring Security guarantees the authentication and authorisation of a user and the access to the different media of the application.
Competencias a desenvolver
Students will be introduced to the security control of an application, learning the concepts and flow of the process, both authentication and authorisation for the use of different resources. They will also learn about different methods for the authentication and approval of a user and the CORS and CSRF mechanisms used by browsers to obtain permission to access/use a resource.
Metodoloxía
The course will consist of a theoretical part interspersed with practical exercises, which will be proposed to the student so that they can solve them before doing them together. In this way, the student will be able to consolidate the theoretical concepts seen in each chapter.
Temario
1. Introduction to Spring Security, concepts and flow
- Authentication
- Authorisation
- Roles
2. Using provided implementations
- Memory Authentication
- JDBC Authentication
3. Security Configuration
- Configuration using JAVA objects
- Annotations, roles and permissions
4. Security implementation using JWT
- Security of a REST API using JWT and Refresh Token
5. Implementing security against an LDAP
6. CORS and CSRF
- What are CORS and CSRF? And how they help us to provide more security
- Configuring CORS and CSRF
