Spring Security

Hello. I am knowledge sharer Jeong Su-won. ^^

I would like to share with you, my students who love my lectures and have supported me, news about a new course that is about to open soon.

The course that will open this time is

Java Concurrency Programming
(Subtitle: Reactive Programming Part.1)

no see.

Concurrency programming in Java is one of the most difficult, complex, and high-barrier areas of Java technology.

However, in modern software development, the areas of multi-threading and concurrent development are becoming increasingly important as the scale of systems grows and technologies advance.

So, for backend developers, concurrent programming is a mountain they must overcome and a necessary gateway to take their capabilities to the next level.

This lecture is the first in a series of lectures included in the upcoming reactive programming roadmap, and will serve as a foundation for building the essential fundamentals and fundamentals for a deep and accurate understanding of asynchronous non-blocking concepts such as Spring's WebFlux.

I hope that this Java concurrent programming lecture will be a good guide for you into the world of concurrent programming.

Open and lecture information is as follows:

- Lecture opening date: Expected to be around November 21st ~ 28th
- Course name : Java Concurrency Programming - Reactive Programming Part.1
- Number of lectures : Approximately 80 lectures
- Lecture materials PPT: Approximately 420 pages

This lecture will cover the following topics:

Section 1. Operating System Basics
Learn the fundamentals of operating systems, multitasking, and the differences between processes and threads.
You will also learn the basics of concurrent programming and the fundamental principles of scheduling through core operating system concepts such as Parallel & Concurrent, Context Switch, CPU Bound & I/O Bound, User Mode & Kernel Mode, etc.

Section 2. Java Thread Fundamentals - Thread Creation and Execution Structure
Learn in detail how to create, run, and terminate threads in Java. Simulate the life cycle of a thread by state and learn step-by-step what characteristics and execution flow each state has.

Section 3. Java Thread Fundamentals - Basic Thread API
Explains in-depth concepts and structure of Java's thread-related APIs.
You will learn in depth about concepts that you must know for implementing multi-threading, such as sleep, join, interrupt, and priority, as well as the structure and flow of connections between the JVM and OS through native method execution.

Section 4. Java Thread Fundamentals - Using Threads
Learn how to use threads effectively in real-world projects.
We cover topics such as interruption and recovery, and learn about thread groups, thread locals, and thread exception handling.

Section 5. Synchronization Fundamentals - Synchronization Concepts
Learn in depth the fundamental concepts of synchronization and its importance in a multithreading environment.
Learn in depth the basic concepts needed to understand synchronization techniques, such as synchronization and its relationship with the CPU, critical sequence, and safe thread configuration.

Section 6. Synchronization Fundamentals - Synchronization Techniques
We cover in depth the various techniques of synchronization and how to apply them.
Learn about the concepts of locks such as mutexes, semaphores, monitors, and spin locks, which are synchronization techniques, and strategies for protecting data and maintaining consistency using synchronization.

Section 7. Java Synchronization
Learn in depth the synchronization mechanisms provided by Java.
Covers various synchronization mechanisms provided by Java, including the concept of synchronized, condition variables, volatile, deadlock, etc.

Section 8. Java Locks
Learn about Java's Lock interface and various types of classes, and learn how to use Lock and solve synchronization problems using Lock.
In particular, we will look at the characteristics, pros and cons of write locks and read locks, and learn how to use conditional variables of locks and the correct usage method through practical examples.

Section 9. Java Synchronization Tool
Learn about the various synchronization tools provided by Java.
Learn practical application methods using tools such as Atomic Variables, Atomic * FieldUpdater, Countdown Latch, and Cyclic Barrier.

. Section 10. Java Concurrency Framework
Understand the concepts and features of the Executor, ExecutorService, and Executors classes provided by Java, and learn how to efficiently manage and optimize multithreaded applications using thread pools.
It also provides practical knowledge on how to process and manage the results of asynchronous operations through the Future interface.
By applying these concepts through real-world examples and exercises, you will be able to solve complex concurrency problems and develop responsive, high-performance Java applications.

Section 11. ThreadPoolExecutor
Learn in detail about the principles and usage of ThreadPoolExecutor.
This section covers how to create, manage, and optimize thread pools, and learn how to use thread pools to efficiently manage resources and exception handling, as well as the overall architecture and flow chart.

Section 12: CompletableFuture
This article delves deeper into CompletableFuture, an asynchronous programming feature in Java.
This powerful class, introduced in Java 8, will teach you the fundamental concepts of asynchronous programming, and how to structure and manage real-world workflows.
Each session details different methods and use cases for CompletableFuture, and you'll learn practical techniques for exception handling, result composition, and asynchronous task chaining.

Hello^^

Spring Security OAuth2 (Spring Security OAuth2 developed based on Spring Boot)

The course is finally open

It's a bit later than expected, but I'm more than happy with the news of the opening^^

To celebrate the opening, I am offering a 30% discount on all of my lectures, including new lectures, so please take them at a discounted price.

This Spring Security OAuth2 tutorial covers the technology of OAuth 2.0, which is designated as an Internet standard.

After completing this course, you will be able to focus on not only the basic technologies of OAuth 2.0 , but also the ability to implement more extended functions by utilizing OAuth 2.0 technology.

I sincerely hope that this course will be helpful to all students who are interested in developing applications using OAuth 2.0 technology or who are working on projects in the field.

thank you

Hello. ^^

Spring Security OAuth2 lecture is coming soon.

This can be said to be the second lecture following the first lecture on Spring Security.

Although there are common denominators, the topics are clearly different and require prior knowledge from Lecture 1.

I feel this every time I make a lecture, but this lecture also seems to have taken more time and energy than I had originally planned. It's been almost a year since it was released to the world~~
I hope that this lecture, which we prepared diligently for, will bear good fruit for all students.

The opening date is expected to be around October 14th to 16th.

- Course name: Spring Security OAuth2
- Number of lectures: Approximately 110 lectures
- Lecture material PPT: 420 pages

This lecture will cover the following topics:

1. Understanding Spring Security OAuth2 Core

Based on the OAuth2.0 standard technology and Spring Security OAuth2's core concepts, the lecture will focus on the three axes of OAuth2 Client, Resource Server, and Authorization Server.

1) OAuth 2.0 Authorization Framework
We will look at the overall concepts, principles, and structure of the OAuth 2.0 authorization framework, which is an RFC standard technology.
Before learning the full-fledged technology of Spring Security OAuth2, you should first understand the basics and fundamental theories of the standard technology of OAuth 2.0 and become familiar with the exact concepts through practice so that you can follow the contents of Spring Security OAuth2 without difficulty.

2) OAuth2 Client
As a client module of OAuth 2.0, we will introduce various types of authorization grant types and request APIs that can be used by clients to connect to authorization servers, and learn how to implement access control to resource servers using tokens issued from authorization servers.
We also introduce how to implement social login functionality through integration with OAuth 2.0 Authorization Server service providers such as Google, Facebook, GitHub, Naver, and Kakao.
We will also introduce OpenID Connect, an authentication protocol, and understand the flow and various options for authentication processing.

3) OAuth2 Resource Server
It acts as an API server, protecting the user's resources.
Learn how a resource server protects resources, how to validate tokens for requests that include Access Tokens, and the flow that controls the authorization chain.

Let's look at how to extract the Scope when the Access Token issued by the OAuth2 service provider is a token generated in JWT format, and learn how the resource server analyzes the Scope included in the Access Token to determine whether or not it is authorized.

4) OAuth2 Authorization Server
There are a variety of Authorization Server commercial products and services on the market, including open source.
For this reason, the Spring Security development team discontinued the Authorization Server framework project, but due to numerous requests from developers, the Authorization Server project was reborn with a completely new design.
This course was created based on the Authorization Server project that was reborn with a new architecture, and we will look at the details of the function as an authorization server through linkage with OAuth2 Client and Resource Server, and learn how to build and service an authorization server on your own. The focus is on equipping you with knowledge.

Learn about the main classes that handle Authorization Server functionality and how you can customize them.
We will also look at the specifications for the OAuth 2.0 standard endpoints and learn about the structure and processing of filters set for each endpoint.

2. Learning Curriculum

Spring Security Fundamentals
We'll look at the core fundamentals of Spring Security.
We will learn more about the initialization process and its principles, and cover elements such as HttpBasic, Cors, etc.

OAuth 2.0 Authorization Framework
Learn about the detailed specifications for the OAuth 2.0 standard technology.
First, understand the various terms expressed in OAuth 2.0, organize the concept of the types of authorization flow, and understand the overall flow of the authorization framework by utilizing the keycloak open source.

OAuth 2.0 Client - oauth2Login()
We will learn how to automate the functions of the client app and how to connect to the authorization server using the Authorization Code method, which is a type of authorization flow, and examine the entire process from user approval and approval to receiving an Access Token and then authentication/authorization processing. You will learn about structure.

OAuth 2.0 Client - oauth2Client()
In addition to Authorization Code, which is the type of authorization flow provided by the oauth2Login() API, we will look at how to connect to the authorization server with the Resource Owner Password and Client Credentials types, and learn how to use DefaultOAuth2AuthorizedClientManager and @RegisteredOAuth2AuthorizedClient to understand the client authorization flow through this. do.

OAuth 2.0 Client - OAuth 2.0 Social Login
There are OAuth2 service providers such as Google, Facebook, GitHub, Naver, and Kakao. We will look at the login authentication method using Google, Naver, and KeyCloak, as well as the implementation method for follow-up processing after authentication.

OAuth 2.0 Resource Server API - jwt()
We will look at how to configure a resource server and the functionality of JwtDecoder to handle Access Token requests, and learn the structure and usage of authentication-related objects created after successful token verification.
We will also look at the MAC & RSA algorithms used to verify the validity of the Access Token and the processing procedures used to verify it.

OAuth 2.0 Resource Server - Implementing Resource Server Authorization
Learn how to handle Access Token requests with filters and convert Scope extracted by JwtDecoder into permissions and control access to resources with the converted permissions.

OAuth 2.0 Resource Server - opaque()
Learn how to use the remote token validation process to directly communicate with the authorization server to determine whether an Access Token is active.

Spring Authorization Server - Main Domain Classes
You will learn about the types, concepts, and roles of the main domain classes that make up the authorization server, and how these classes can be referenced and utilized in Spring MVC.

Spring Authorization Server - Endpoint Protocol
Learn about the different types of endpoint protocols that are core to the authorization server.
We'll walk through the entire process in detail, with diagrams and flows, from the endpoint that initiates the authorization request to the endpoint that requests user information.

OAuth 2.0 Client + Resource Server + Authorization Server integration
We will learn how to link and connect each OAuth2 module provided by Spring Security, and examine specific items that perform functions as an OAuth2 service provider through examples.

3. Understanding the architecture/flow/principles

Among the Spring Framework projects, Spring Security requires a comprehensive understanding of the internal source level implementation, including technical architecture, operating principles, and flow.

If you use a given API and encounter unexpected errors or issues, you will search Google to find solutions. However, there is not much information about Spring Security OAuth2, and most of the cases are similar cases that appear repeatedly. Therefore, if you do not accurately understand or analyze the internal structure and operating principles of Spring Security OAuth2, you will face many difficulties in operating the service.

That is why this course focuses on providing knowledge that allows you to respond flexibly in any situation by completely analyzing and understanding the structure and flow of Spring Security OAuth2 beyond simple API usage and functional examples through various diagrams and accurate and detailed explanations through Flow and debugging. This can be said to be the pattern and common characteristics of the lectures opened by this instructor.

hello

Spring Batch (Spring Batch developed based on Spring Boot)

The course is open

It's a bit later than expected, but I'm more than happy with the news of the opening^^

To celebrate our opening, we are holding a 30% discount event, so please take the class at the discounted price.

This Spring Batch course focuses on the fundamentals of Spring Batch.

That is, we spent a lot of time learning how to catch fish.

So after completing this course, you will be able to use the basic techniques of Spring Batch as well as the techniques of Spring Batch.

It can be said that the focus is on developing the capacity to implement more expanded functions.

I sincerely hope that this course will be helpful to all students who are interested in developing batch applications or who are working on projects in the field.

thank you

hello

A new course is coming soon.

The lecture topic is Spring Batch (Spring Batch developed based on Spring Boot). no see .

Although it opened a little later than planned, we tried our best to provide you with good content.

The expected schedule is around mid-September.

I sincerely hope that this course will be beneficial and helpful to everyone who takes it.

Please wait a little longer.

Thank you.^^