English French German Italian Portuguese Russian Spanish

logo_old

  • Java Training

    javaInterSource offers live instructor-led courses on all important Java-related technologies, including Apache Struts, Enterprise Java Beans (EJB), J2SE Desktop Java Enterprise Edition (Java EE), Java Fundamentals, Java Web Services, JavaServer Faces, JBoss, Java Server Pages (JSP), and Spring.

    Please refer to our detailed course outlines below.

  • About Java

    Java is a programming language originally developed by James Gosling at Sun Microsystems and released in 1995 as a core component of Sun Microsystems' Java platform. The language derives much of its syntax from C and C++ but has a simpler object model and fewer low-level facilities. Java applications are typically compiled to bytecode (class file) that can run on any Java Virtual Machine (JVM) regardless of computer architecture

    Java is general-purpose, concurrent, class-based, and object-oriented, and is specifically designed to have as few implementation dependencies as possible. It is intended to let application developers "write once, run anywhere". Java is considered by many as one of the most influential programming languages of the 20th century, and widely used from application software to web application.

    Read More

  • Course Details Java

    Classes are offered at client sites, at our Geneva training center, and via a live web conference. For detailed course outlines and scheduled classes, please see below.

    To book training, navigate to the course you need, then:

    • For scheduled online classes, register from the choices indicated.
    • If you need an alternative date, time or location, or if you want a live classroom course, click on “request an offer for this course,” to complete the form.

Spring Security Training

 PDF PrintEmail

Course duration

  • 2 Days

Course Outline

This fast-paced course introduces the Java web developer to the Spring Security framework. The first half of the course gives an overview and quickly moves into practical exercises in basic usage: XML configuration for authentication and URL-based authorization. Then we start to dig into Spring Security as a Java model, and develop advanced techniques including custom user realms, custom authorization constraints, method-based authorization, and instance-based authorization.

By the end of the course students will be able to use Spring security to implement authentication and role-based authorization policies for their own Java web applications (whether or not those applications use Spring themselves), and customize the behavior of Spring Security to their requirements.

  • Configure Spring Security for HTTP BASIC authentication.
  • Implement form-based authentication.
  • Configure other authentication features including remember-me, anonymous users, and logout.
  • Apply authorization constraints to URLs and URL patterns.
  • Bind authorization roles to user accounts in relational databases.
  • Plug application-specific user realms into Spring Security by implementing UserDetailsService.
  • Implement application-specific authorization constraints as AccessDecisionVoters.
  • Fix authorization constraints over individual methods of service beans, in lieu of URL authorization or in tandem with it.
  • Java programming:
  • Basic knowledge of XML:
  • Some servlets and/or JSP experience will be beneficial for purposes of understanding the impact of each security feature that we configure. There is no web-application coding involved in the course.
  • Experience with the Spring framework is strongly recommended
  1. The Spring Framework
    1. Overview of Spring
    2. The Core Module
    3. Inversion of Control
    4. XML and Java Views of the Container
    5. Configuring JavaBeans
    6. Dependency Injection
    7. Web Application Contexts
  2. Spring Security
    1. Acquiring and Integrating Spring Security
    2. Relationship to Spring
    3. Relationship to Java EE Standards
    4. Basic Configuration
    5. How It Works
    6. Integration: LDAP, CAS, X.509, OpeID, etc.
    7. Integration: JAAS
  3. Authentication
    1. The <http> Configuration
    2. The <intercept-url> Constraint
    3. The <form-login> Configuration
    4. Login Form Design
    5. "Remember Me"
    6. Anonymous "Authentication"
    7. Logout
    8. The JDBC Authentication Provider
    9. The Authentication/Authorization Schema
    10. Using Hashed Passwords
    11. Channel Security
    12. Session Management
  4. URL Authorization
    1. URL Authorization
    2. Programmatic Authorization: Servlets
    3. Programmatic Authorization: Spring Security
    4. Role-Based Presentation
    5. The Spring Security Tag Library
  5. Under the Hood: Authentication
    1. The Spring Security API
    2. The Filter Chain
    3. Authentication Manager and Providers
    4. The Security Context
    5. Plug-In Points
    6. Implementing UserDetailsService
    7. Connecting User Details to the Domain Model
  6. Under the Hood: Authorization
    1. Authorization
    2. FilterSecurityInterceptor and Friends
    3. The AccessDecisionManager
    4. Voting
    5. Configuration Attributes
    6. Access-Decision Strategies
    7. Implementing AccessDecisionVoter
    8. The Role Prefix
  7. Method and Instance Authorization
    1. Method Authorization
    2. Using Spring AOP
    3. XML vs. Annotations
    4. Domain-Object Authorization
    5. The ACL Schema
    6. Interface Model
    7. ACL-Based Presentation

InterSource Geneva, a premier Information Technology training firm, offers over 400 different courses on server, database and programming technologies, as well as end-user classes for the most popular office, graphics and design applications. We serve clients in Switzerland (Geneva, Lausanne, Bern, Basel, Zurich) and throughout Europe (France, Germany, Austria, Finland, Sweden, England, Netherlands, Spain, etc.).


InterSource offers custom, private courses at client sites, standard public courses in our Geneva classroom, and online training via live Web conference. Training is offered in English and many other languages (Francais, Deutsch, Espanol, Italiano.)


For an overall view of our offerings, please visit us at www.intersource.ch.