Saturday, June 15, 2019

3 Books and Courses to Learn Spring Security 5 in Depth

The Spring Security is one of the popular projects under the Spring framework umbrella which address security requirements of modern web applications. Since Security is a paramount concern for enterprise Java applications, good knowledge of a security framework like Spring security goes a long way in someone's career. It not only helps you to become a full stack developer but also opens a lot of opportunity in terms of job and career growth. There is a lot of demand of Java developers who know the Spring framework and understands how to secure their application on the web. They are also one of the highest paid professionals in the Java world, where a Java developer with Spring + Spring Security getting anywhere to 120,000 - 150,000 USD or equivalent across the world. Even in India, you get a lot of good opportunities, interesting work, and a higher salary if you have these skills.

There is a lot of emphasis on securities and many organizations and using third-party security audit and tools like Fortify to identify security holes in their application. A good understanding of Spring security not only helps you think about security at the start of an application but also allows you to treat security as a concern and secure an already built application.

So, we know that security is important and Java developer will benefit a lot from learning and use Spring security, but how do you learn them? They are not the easiest of concepts to master and try, hence select a good book and training course is very important.

Fortunately, Spring security is a matured framework and there is a lot of material available on the internet which you can use to learn and master it, but if you are starting from scratch, then I suggest reading a book or taking an online course first, instead of learning by bits and pieces on blogs and articles.

No doubt, that blog posts, and article provides a lot of value but a book and a structured course provide you with a comprehensive learning experience. Once you are familiar with most of the stuff, you can read blog post and articles to learn more and further solidify your understanding.

Btw, if you are not familiar to Spring framework itself then it's better you start with that first before jumping on Spring Security and if you need recommendations then Spring Framework 5: Beginner to Guru by John Thompson on Udemy is the best course to start with.




Top 3 Spring Security Books and Course for Java Developers

Since many of my readers ask me about the best books to learn Spring Security, I am sharing a couple of titles which I have read and found good. Ideally, I like to read a couple of books but in general, one good book and one good training course are more than enough to start with. Anyway, here are my recommendations for learning Spring Security from scratch


1. Hands-On Spring Security 5 for Reactive Applications
This is a good book which initially looked boring to me. When I read a first a couple of chapters I was about to put it down but then the real action begins with deep diving with spring security. The book has a lot of sample code and it enforces you not only read but also work, I mean, try and test sample application and builds along with each new concepts, which is great.

It also does a good job on explaining behind essential details like it tells you what happens when you add <http> tag, what is security context, how the order of intercept-url matters and consequence of using security=none for leaving out CSS and JavaScript another URLs.

 All in all its a complete book which not only covers basics but also advanced details and on top of that, it's also the most up-to-date course as it covers Spring Security 5.  My big thanks to the Tomcy John and Packt Pub, the author and publisher of Hands-on Spring Security 5 for Reactive Applications for creating this awesome book.


3 Books and Courses to Learn Spring Security in Depth

Along with Spring Security basics, you will learn how to customize Spring security based on your need, starting with form-based logging to integrating with custom authentication provider based on your company and environment.

You will also discover the relationship between OAuth2 and OpenID Connect and learn how to secure your microservices and serverless applications with Spring.



2. Java Spring Security by Trevor Page
This is another good course on Spring security from fellow blogger Trevor Page. I love Trevor's teaching style because of clear and concise explanation and touching the basics which most of the instructor ignores.

For example in this Spring Security course, his first few lectures will give you a good idea about what is Spring security and why do you need it. You will understand about Authentication like Http Basic Authentication and Authorization like Role-based access control, and how Spring security help with that, which is great.

One of the things any Java developer really like to improve is their understanding of security in the web application. I have interviewed so many experienced developers not knowing much about common security exploits like SQL Injection, Cross Site Scripting, Session Hijacking, etc.


Top 3 Spring Security Books and Course for Java Developers

They can benefit a lot from joining this course and taking Learn Spring Security 5 training from Eugen, which we'll discuss in the next section.

Even though these two courses and Spring Security book is more than enough to get all the required Spring security skills for most of Java developers, if you need more choices, you can also take a look at Spring Security Fundamentals course form Pluralsight.

The Author, Bryan Hassen has presented some good information on Spring security framework, the best thing is that Pluralsight provides a free trial, which means you can just signup and take this course for free.





This is one of the best online course to learn Spring Security in depth by Eugen, Paraschiv of Baeldung. Eugen needs no introduction, he is also the author of one of the most popular advance Spring course, REST with Spring, which teaches about developing RESTful Web Services using Spring, but not many people know that he also has one more gem, his learn Spring Security course.

The course is not only properly structured, which makes it good for both junior and experienced developer, but also covers all necessary security stuff required in a production like, real-world enterprise application.

 Learn Spring Security Certification Class


This is not only one of the best course to learn Spring Security but also the most up-to-date and very hands-on.  You can take this course along with Spring Security 5 book to learn Spring Security 5 in depth to secure your Microservice and Java applications.

That's all about some of the best books and courses to learn Spring Security in depth. Even though Spring in Action is a nice book, which covers most of the features of the Spring framework, it's kinda light on Spring security. It does cover Spring security, especially the web application security and method level security but that's not good enough.

If you are using Spring security to protect your application, you should know more than that and this is where these books help. They not only complement what is covered in Spring in Action but also provide internal implementation details which are key for extending and customizing the Spring security for your need. The Learn Spring Security training course from Baeldung, combined with these books is perfect to master Spring Security from start to end.


Other Java and Spring Articles you may like to explore

Thanks for reading this article. If you find these Spring Security resources useful then please share with your friends and colleagues.

No comments :

Post a Comment