Spring I/O


Andreas Falk

Hands-on securing applications with Spring Security 5.0 [Workshop]

Andreas Falk - NovaTec Consulting GmbH

With security breaches being published almost every day pushing secure applications to the cloud is getting more and more important. To achieve this, applications can use the new Spring Security 5.0 version.

In Spring Security 5.0 authentication using OAuth2/OpenId Connect has been reworked and support for reactive stack has been introduced to make it even more convenient for developers to secure their modern microservice applications.

In this workshop attendees will start with a simple unsecured reactive spring application and will add more and more security to it step-by-step using Spring Security 5.0 and Spring Boot 2.0.

In this workshop we will cover the following features:

- Baseline security with auto-configuration offered by Spring Boot 2.0
- Customized security (with auto-configuration of Spring Boot 2.0 backing off completely)
- Reactive security support
- Securing actuator endpoints
- Authorization on different layers including automated testing
- Authentication with OAuth2/OpenID Connect

Prerequisites: Prerequisites: Git, JDK 8 or 9 and use your favorite Java IDE
- Repo to clone: https://github.com/andifalk/spring-security-5-workshop