All Courses are 25% of till 26th May, 2025

Days
Hours
Minutes
Seconds

Learn Spring Security Core

The definitive video guide to secure your Java application

Why Spring Security?

Robust security for web applications is and has always been a must. But the security landscape has been changing rapidly over the last few years, with REST APIs becoming mainstream, the adoption of OAuth2, single-page apps (SPAs), two-factor authentication (2FA) and so many other security requirements.

Spring Security has been the standard in most Java implementations for years, of course. And with the launch of 6.0, it’s been continuously evolving.

That meant full Java configuration with lambdas, native Boot integration, complex authorization support, reactive security implementation, and support for pretty much any security mechanism you need.

Now, in 2025, there’s still no debate. Spring Security is THE framework to properly and maturely handle a modern security implementation if you’re working in Java.

I’ve created the Course to be THE reference Spring Security education if you’re working with Java today

The course is amazing. I’m not really a junior regarding the Spring framework.

I decided to go through all your materials, even the ones focused on beginners, though I’m not a beginner myself.

I try to apply what I’ve learned in live projects that I’m working on and improve my coding skills by using your course. The only problem that I have is time, but step by step I’m going through all your materials. Sometimes I only go through the lesson I need at that moment.

I recommend your course to anyone who might need it – my colleagues, friends, and fellow students. You did a great job with this course. Thank you for that!

– Alexandru-Bogdan Galusca, Software Engineer at Miracle A/S

 

This course, as I’m sure you’re aware – is primarily focused on the core of Spring Security If your core focus is OAuth, then definitely have a look at the “Learn Spring Security OAuth” course.

The canonical reference for securing a Spring application.

The 14 modules, with over 8 hours of video material, cover everything from the basics of Spring Security in both an MVC application and a REST API, to advanced deep-dives into fully working security implementations.

We’ll do a complete ACL implementation for applications that simply need to go beyond roles and privileges, we’ll tackle 2FA for extra security and we’ll focus on Multi-Tenancy, LDAP, Single Sign On and a wide variety of other scenarios.

This is everything I wish I had access to when I secured my first application with Spring Security.

This Course contains:

Of course, if you have any questions about the material, ping me directly here, on chat, or over email.

~26 Hours

lssc-course-page-master-white.png

Original Price $127

1. Secure a Simple Spring MVC Application

7 LESSONS (6 Video + 1 Text) ~ 3 HOURS

  1. Intro to Spring Security
  2. A Basic Security Java Config
  3. URL Authorization (Preview lesson)
  4. Building a Login Form
  5. Implementing Logout
  6. Anonymous “Authentication”
  7. Overview of Spring Security Objects (text)

2. A Full Registration Flow

6 LESSONS (Video) ~ 2.5 HOURS

  1. A Simple Registration Flow 
  2. Authentication using Real Users 
  3. Activate a New Account via Email 
  4. Deal with “I forgot my password” 
  5. Doing Security Questions Right 
  6. Ensure Password Strength during Registration (2 parts)

3. Remember Me

3 LESSONS (Video) ~ 1 HOUR

  1. A Simple Remember Me Flow (Preview lesson)
  2. Remember Me with Cookie
  3. Remember Me with Persistence (Preview lesson)

4. Spring Security on the Client

4 LESSONS (Video) ~ 1.5 HOURS

  1. Spring Security with JSP
  2. The Authentication Tag and Displaying the Current User 
  3. Spring Security with Thymeleaf 
  4. The Authorize Tag

5. Spring Security Expressions

4 LESSONS (Video) ~ 1.5 HOURS

  1. By URL Authorization with Expressions 
  2. On-method Authorization with Expressions 
  3. In-page URL Authorization with Expressions 
  4. Programmatic Expressions and a custom PermissionEvaluator

6. Password Storage

5 LESSONS (Video) ~ 2 HOURS

  1. Introduction to Storing Passwords 
  2. Hashing Passwords (MD5 and SHA-256) 
  3. Why Hashing Isn’t Enough – Using Salts 
  4. Key Stretching 
  5. The bcrypt Solution

7. Spring Security Advanced Configuration

4 LESSONS (Video) ~ 2 HOURS

  1. Breaking Down the Authentication Flow 
  2. Run As a Different User 
  3. The Security Context 
  4. Configure the Filter Chain

8. Advanced Authentication

5 LESSONS (4 Video + 1 Text) ~ 2.5 HOURS

  1. A Custom Authentication Provider (Preview lesson)
  2. Multiple Providers and the Authentication Manager
  3. In-Memory, JDBC and Hibernate/JPA User Storage
  4. Tracking Logged-in Users
  5.  Setting up Users at Startup (text)

9. Advanced Authorization

4 LESSONS (Video) ~ 2.5 HOURS

  1. How Authorization Works
  2. The Topology of Roles and Privileges (2 parts)
  3. Secure Method Invocations with AOP
  4. Defining Custom Access-Control Logic

10. Basic REST API Security

3 LESSONS (Video) ~ 1 HOUR

  1. The Basics of API Security 
  2. Basic Authentication for the API 
  3. Certificates and HTTPS for Tomcat

11. ACL with Spring Security

3 LESSONS (Video) ~ 2 HOURS

  1. Introduction to ACL and Domain Object Security 
  2. The Data Structure of ACL
  3. ACL with Spring Security (2 parts)

12. Two-Factor Authentication

2 LESSONS (Video) ~ 1 HOUR

  1. A Simple Two-Factor Implementation with a Soft Token (Preview lesson)
  2. A Two-Factor Implementation with SMS

13. Advanced Spring Security Scenarios

4 LESSONS (Video) ~ 2 HOURS

  1. Spring Security for a non-Spring Application 
  2. Multi-Tenancy with Spring Security 
  3. Session Management with spring-session 
  4. Spring Security with LDAP 

14. Reactive Security

3 LESSONS (2 Video + 1 Text) ~ 1 HOUR

  1. A Basic Reactive Security Example 
  2. Reactive Method Security
  3. WebFlux Form Login (text)

Learn Spring Security Core​


The canonical reference to secure a web application, exercises, downloads and the Certificate of Completion
  • 14 Modules
  • 61 Video Lessons
  • + Exercises in Each Lesson
  • + Full Downloads for All Videos
  • + Certificate of Completion
  • Original Price $127

Baeldung - All Access


Get started with Spring and get from the fundamentals to API mastery
  • 41 Modules (All Courses)
  • 206 Lessons (All Courses)
  • + Exercises in Each Lesson
  • + Full Downloads for All Videos
  • + Certificates of Completion
  • + Free IntelliJ IDEA Ultimate License
  • + Pro Access

Do you have a team who would benefit from taking the course?

rws-course-page-img-guarantee.png

20-Day Money Back Guarantee

I believe strongly in the quality of the course material to teach you the fundamentals of coding in Spring. I’ve put a lot of work and care into these lessons and hope you’re going to use it fully and up your Spring game.

I confidently back all courses with a 20-Day Money Back Guarantee. I want you to dive in deep and experience the full wealth of this resource without hesitation.

If the material isn’t a good fit, just contact me within 20 days of purchase, and ask for a full refund for any single course package.

Eugen is a very knowledgeable teacher and communicates his material in a clear and concise manner. I am self-taught in Spring and a semi-ok to good Java developer but found the barrier to entry to learn Spring too high.

I’ve saved myself hundreds of hours of research and learning effort by taking his courses. The material is easy to follow and broken up into appropriate lengths allowing for timely progress. The course also can be used as reference material on the subject matter allowing you to quickly jump in and explore a given topic. The courses are worth every cent!

– Thomas Sødring, Associate Professor at Oslo and Akershus University College of Applied Sciences

 

The lessons are practical and easy to follow and the structure of the course allows you to watch the videos in one go, or pick individual topics any time you want. Some previous experience with Spring is needed but I think that’s to be expected from an advanced course..
Alexander Fridlund
Consultant and owner Visegue Solutions AB
I got a lot out of the course, especially the registration with email validation, two factor authentication and how to use the framework interfaces. I was actually able to apply the knowledge in a project for my client, so I’d definitely recommend the course to anyone wanting to learn about Spring Security.
Li Zhang
Senior Software Engineer at Grant Thornton LLP
I have several years of experience with Java and REST, and I am now working on a project that makes heavy use of Spring and OAuth2. Because initially I was not involved in it, a lot of Spring aspects have been hard work for me. This course has given me a better knowledge of Spring and showed really good examples of how to test.
John Reah
Head of Software Engineering at HTK
The great combination of theory and practice turned this video course into a real workshop. With all the practical knowledge and live examples, I’ve not only learned a lot but also systematized my Spring knowledge.
Maciej Scislowski
Senior Java Consultant
I went through the course step by step and I’ve been using it in many ways ever since. I like the combination of theory and real-life implementation - that helped me solve many practical problems in my daily work.
Bernd Fischer
CTO at MindApproach GmbH
The course is very practical and shows how things can be done in production-grade code. The fact that the lessons are video-based with transcripts and code projects for each step makes the course very accessible. It requires literally only a few minutes between buying the course and following the first lessons.
Bavo De Ridder
IT Solution Architect at VDAB
Thanks for putting this together. I greatly appreciate the great lesson's pace - they're not dry or boring. The content is well worth it - industry-standard stuff, and used throughout enterprises and start-ups alike. It'd be hard to gather this much information and detail even after years of experience
Rob Anhart
Senior Professional Services Engineer at Netskope
I knew what authentication and authorization were and the basic methodologies for implementing them in an application. What I seriously lacked was the knowledge of what was going on behind the scenes. The videos really helped me understand what is happening under the hood and truly customize Spring Security to fit my needs.
Timothy Schmiandle
Engineering Team Lead at Finicity
The implementation of best security practice for production grade apps is a real minefield. This course has been an invaluable resource in helping us with our web application security. There are dozens of toy Spring Security examples on the web, but we really needed one which showed us what a production grade implementation looks like.
Leon Roy
CEO at Brring