To help you get access to the material during the current, global COVID-19 crisis, all courses are 15% off until:

30
Days
22
Hours
59
Minutes
54
Seconds

Learn Spring Security OAuth

The definitive guide to secure your application with OAuth2

Why Learn Spring Security?

The Java ecosystem is vast and quite mature, but when it comes to security, right now, in 2020, there's really no debate. If you're working on the security of your application, you're most likely using Spring Security. 

Simply put, the framework is able to handle everything you throw at it - from simple scenarios to highly complex, distributed security requirements. There are some OK alternatives, but nothing really comes close. 

Should I do OAuth?

There's a lot of confusion out there around what OAuth actually is.

So, before all the "deep-dives" into the advanced aspects of the standard - we're starting with the very basics, and we're building up a clear understanding of the protocol. 

It's critical to learn where OAuth fits well and is great solution, and in which scenarios you actually need to avoid it. 

And, once you know you're doing OAuth - you need to understand exactly how it works - to do it well. This is where this material gets interesting - the deep-dives.

After teaching more than 1900 students security through my "Learn Spring Security" course, 
I'm finally taking the OAuth material to the next level with this new, fully dedicated course!

The New OAuth2 Stack in Spring Security 5

About two years ago, the Spring Security core team did something unexpected - they announced they were going to do a full rewrite of the OAuth2 support in the framework. 

This was big news! 

It was also the very first time a core Spring project has made such a bold commitment towards a ground-up, major rewrite in the framework. 

The new OAuth2 stack is now moving fast with the Spring Security 5.2 release now out and with 5.3 on the horizon - and the new functionality is already significantly better than the old stack. 

That's what I'm focusing on in this new course, with the 3 classes below:

The Master Class

This is the full material - the comprehensive, start-to-finish path from just learning what OAuth is - to having a real-world, solid understanding of how to use it in practice. 

The 7 in-depth modules focus on the new OAuth2 stack in Spring Security 5 with Spring 5 and Boot 2, today, in 2020, not looking back at the XML days of Spring Security.

The Certification Class

This class is simple - it contains the full material from the Master Class, plus downloads, extensive exercises and multiple-choice questions - to help you get the most out of the material.

When you're done, you're going to get a "Certificate of Completion" for the course.

The Coaching Class

This is where we go beyond the course material, with a year-long group Coaching Program - where I'll take a small group of students through both the course but also their own specific implementations.

Past sessions and workshops are, of course, recorded and available.

Video, along with actual coding practice through a real-world project - is the best way to learn a complex framework like Spring Security 5

Practice by Coding

Each lesson in the course is either code-focused on a specific OAuth scenario, or theoretical, introducing you to the core concepts. Like all of my courses, the approach is "learn by doing" - or, more specifically, by coding. 

I've structured the material to show you how to secure very different types of applications, each with their own characteristics, where a specific flow that fits and others that don't. 

I'm Eugen, and I'll be your instructor through this course.

I've been using OAuth extensively in my own consulting practice for many years now. I've helped teams implement (most commonly re-implement) security in their systems over a ridiculous number of Spring versions. And I've been teaching security throughout most of that time.

The lessons here come out of that experience, with a simple goal - to get you super comfortable with OAuth2, Spring Security 5 and Spring Boot 2. 

To be clear - you can't get there by just watching videos - you'll need to code, along with me, through the material. The videos and the extensive exercises are your reference to come back to - whenever you need them.

This course, as I'm sure you're aware - is primarily focused on OAuth. 

Naturally, if you're doing OAuth in your own application, you'll get a lot out of the material here. 

But, if you're focusing on the full Spring Security 5 framework, beyond just OAuth, keep in mind this course is half of the full "Learn Spring Security" course

The Master Class

The canonical reference for securing a web application with Spring Security and OAuth2. 

The 6 modules cover everything from the basics of the OAuth2 flows to a full deep-dive into OpenID, JWT, Spring Boot support. 

And, most importantly, the material is focused on the entirely new OAuth2 stack the Spring Security team has been working on since late 2017 now. 

Simply put, every possible corner of an OAuth2 implementation with Spring Security 5. 

Due Date: January 2021

Normal Price: $247

Get access (COVID) for $210 →

1. Intro to OAuth2 and the OAuth2 Roles

4 VIDEO LESSONS 

  1. Intro to OAuth2 and the OAuth2 Roles (theory)
  2. Picking the Right OAuth Grant Type/Flow to Use (theory)
  3. The State of OAuth2 in Spring Security 5 (theory) (preview lesson)
  4. Setting up the Project

2. The Basics of OAuth2 (New Stack)

VIDEO LESSONS

  1. The Authorization Code Flow (theory) (preview lesson)
  2. The Authorization Server with Keycloak
  3. The New OAuth2 Client Support
  4. The New Resource Server Support
  5. Tokens, JWT and the New Stack

3. OAuth2 Beyond the Basics - The Resource Server (New Stack)

3 VIDEO LESSONS

  1. Basic Authorization with OAuth2
  2. Verify/Validate Claims from the JWT
  3. Accessing JWT Bearer Token Attributes

4. OAuth2 Beyond the Basics - The Client (New Stack)

3 VIDEO LESSONS

  1. New OAuth2 Social Login
  2. Refreshing a Token
  3. Testing OAuth2 Clients

5. OAuth2 Beyond the Basics - Deep-Dives (New Stack)

7 VIDEO LESSONS

  1. OAuth2 and SPAs (theory)
  2. OAuth2 and SPAs (implementation)
  3. Exploring JWS with OAuth2
  4. Testing OAuth2 with REST-assured
  5. OAuth2 and OpenID Connect
  6. The Client Credentials Flow
  7. The Legacy Stack Authorization Server

6. Microservices, Spring Security and OAuth2 (New Stack)

WORKSHOP

  1. OAuth Security Patterns in a Microservice Application
  2. Sharing Principal Information in Microservices

The Certification Class

This Class contains the same material as the Master Class, but goes beyond the core material with:

  • extensive exercises in each lesson to make sure the material stuck
  • Certificate of Completion (example)
  • the download ability for all video lessons - to help you learn offline

Of course, if you have any questions about the material, ping me directly here, on chat, or over email. 

Due Date: January 2021

Normal Price: $347

Get access (COVID) for $295 →

In the 9 years of running Baeldung, nothing like this pandemic ever happened. 

And, if making my courses more affordable for a while is going to help a company stay in business, or a developer land a job, make rent or be able to provide for their family - then it's well worth doing.

Effective immediately, all Baeldung courses are 15% off their normal prices!

Instance 1

Master Class

The canonical reference to doing OAuth2 properly with Spring Security

All 6 Modules

21 Video Lessons

-

-

-

-

Normal Price: $247

Get Access (COVID) → $210

Due Date: January 2021

Certification Class

This Class includes the Master Class material, exercises, downloads and the Certificate of Completion

All 6 Modules

21 Video Lessons

+ Exercises in Each Lesson

+ Full Downloads for All Videos

-

-

Normal Price: $347

Get Access (COVID) → $295

Due Date: January 2021

Coaching Class

This Class includes the Certification Class, 3 Workshops and 12 Group Coaching Calls

All 6 Modules

21 Video Lessons

+ Exercises in Each Lesson

+ Full Downloads for All Videos

All 3 Live Workshops (2+ hour events)

12 Group Coaching Calls

Normal Price: $547

Get Access (COVID) → $465

Due Date: January 2021

If you're looking to get both this course as well as Learn Spring Security Core,

Have a look at the full Learn Spring Security Course →

Do you have a team who would benefit from taking the course?

Here are our team licenses →

To help you get access to the material during the current, global COVID-19 crisis, all courses are 15% off until:

30
Days
22
Hours
59
Minutes
54
Seconds

30-Day Money Back Guarantee

I believe strongly in the quality of the course material to teach you the fundamentals of API design as well as the advanced tactics to take your API into production. I've put a lot of work and care into the material and hope you're going to use it and really make your REST APIs a lot better.

I confidently back all classes with a 30-Day Money Back Guarantee. I want you to dive in deep and experience the full wealth of this resource without hesitation.

 If the material isn't a good fit, just contact me within 30 days of purchase, and ask for a full refund for any single course package. 

The most common questions, answered -->

Support and Privacy

ACCOUNT LOGIN

PRIVACY POLICY

TERMS OF SERVICE

The Learn Spring Course

PRICING

MONEY BACK GUARANTEE

FAQ

Free Sample Lessons (Rest with Spring)

XML AND JSON SUPPORT IN SPRING API

TOKENS, OAUTH2 AND JWT IN A SPRING API

DOCUMENT THE API WITH SWAGGER

FUNDAMENTALS OF MONITORING WITH SPRING BOOT