# Finally. A Real Spring Security Course

## Метаданные

- **Канал:** Amigoscode
- **YouTube:** https://www.youtube.com/watch?v=zYop3D8EXYU
- **Дата:** 05.05.2026
- **Длительность:** 5:29
- **Просмотры:** 4,189
- **Источник:** https://ekstraktznaniy.ru/video/51765

## Описание

👉 Land the job. Get the promotion. Become a better dev. https://skool.com/amigoscode-academy
👉 Join the waitlist: https://skool.com/amigoscode-academy

Spring Security 7 is finally here  and we've rebuilt the course from the ground up.

After years of breaking changes and outdated tutorials, this is the Spring Security course I've been wanting to make: a clean, modern, end-to-end roadmap that actually sticks. We're releasing it as a 3-part series:

🔐 Part 1 — Spring Security Foundations
🔑 Part 2 — JWT + Refresh Tokens
🚀 Part 3 — Advanced (coming soon)

Parts 1 & 2 drop next week. Join the waitlist below to be the first in.

What you will learn:

✅ Authentication vs Authorization (explained the way it should be)
✅ The Security Filter Chain — broken down piece by piece
✅ AuthenticationProvider, AuthenticationManager & SecurityContextHolder
✅ UserDetailsService & custom DAO authentication
✅ Form login, Basic Auth & sessions
✅ BCrypt, salting, hashing & why rainbow tables matter
✅ Roles vs

## Транскрипт

### Segment 1 (00:00 - 05:00) []

What's going on, guys? Assalamualaikum. In this video, I want to talk to you about the brand new course that we are about to release, which is Spring Security 7. Yes. So, Spring Security is one of those frameworks that or libraries, whatever you want to call it, that people really don't understand. And yeah, so I think this was a couple years ago where I had this exact same course, but it was with the older version of Spring Security. And things were moving too fast at a time where new things were being added, breaking changes, etc. And it was a bit difficult to record and a course that would stay for a while, actually, for you guys to enjoy. So, yeah, so we have this brand new course that we are about to release, and literally it's just a matter of you know, polishing up things. I'll show you in a second. We have most of the sections, and it's actually a road map. So, there's it's going to be a three-part course series. So, the first one, the foundations, the second one, JWT, including refresh tokens, and then the third one is going to be more of the advanced level, which it will come at some point in the next few weeks. But, we're going to release the first two from sometime next week. So, I've got this Excalidraw in here, so this contains a bunch of things that we worked in terms of you know, making sure that we have the right diagrams. So, you can see you know, what is Spring Security, the security filter chain in here, the auth and access process, what is Spring Security, right? So, it provides authentication. So, this is who you are, and then we have authorization in here. What can you do? So, you can think about you know, a card that you enter buildings. So, that's the authentication, and then we have authorization is what can you access within the building. And also, we have some stuff on accounting in here. So, security events by using event listeners. We are going to Yeah, so all of these event listeners, we're going to cover this. Then, we actually going to go through some of the common attacks, not in great detail. So, this will be later in the advanced, but very important to know what really Spring Security gives us. And then, more important, the architecture in here, right? And it's more about understanding from the request going through the filters in here, and then the authentication and authorization. So, once you understand these few components, which I'm breaking it down so easy for you to understand, then everything will make sense. And I'll make a separate video on on the Spring architecture in here. So, we have a bunch of things. We have security filter chain in here, authentication provider, the manager, context holder, user detail service. We also talk about basic authentication, form login, BCrypt as well. So, very important. So, you know, why we don't store in plain text, salt, hashing. And then we talk about rainbow tables as well. And you'll see also, so one which is very important, authorization. which is roles and authorities, or simply roles and permissions. And you see sometimes where you have role, so capital role underscore. Why do we do that, right? So, a lot of people they get confused with the prefixed. So, hopefully we can solve all of that. More important, we're going to store things to a database. So, this is storing the application user, the app role, and then also the permission. So, we'll learn how to do all of this. And where is it? There we go. And then, so it's quite big. So, then we talk about J JWT, JSON web tokens in here. What it solves, and also in here, the refresh tokens, and how it works. And then, we'll cover some of the more advanced things with Spring Security. All right. So, I'm going to actually give you access to this right here, so you can have a look for yourself and what we're going to cover. And this is actually the road map in here. So, it's a bundle, actually. So, if I open it up, and there we go. So, you can see that the first one is Security Foundations, and then JWT, and then we continue. But, if I just open this one in here, I want to show you the current section. So, it's about 5 hours long, and you can see we talk about the introduction, what is Spring Security, official documentation, the form login, how it works, sessions, and then basic auth in here. Um and then also, we have quizzes for each section. You can see here no-op password, BCrypt encoder, custom DAO, authentication manager, user detail service. We also have security context holder, roles and permissions, authorization, security events, and then move on to the next course, which is in here

### Segment 2 (05:00 - 05:00) [5:00]

Spring Yeah, so Spring Security with JWT. But, it's going to be awesome. So, this is a course that a lot of you have been asking for some time, and I'm so excited to release this in the next week or so. I'm going to leave a link where you can actually grab all of this, and then join the waiting list for the course, so that once it's out, then you'll be the first one to be notified. That's all for now. I'll see you in the next one. Assalamualaikum.