Training program "à la carte"

Photo of a trainee busy coding

As knowledge, experience, and needs change from a team to another, the program, the theoretical content, and the labs subjects are adapted for each session.

More than half of the training time is spent in labs.

Select the whole themes or individual subjects below to estimate training duration and price.

Unfold a subject to see its content and select it discretely.

OAuth2 / OpenIDAuthentication, access control, and personal data management

  • Detail what the authorization server, the resource server, the client, and the resource owner are.
  • Explain the different flows: authorization code, client credentials, device code, and refresh token.
  • See how OpenID and OIDC build on top of OAuth2.
  • Discover claims, both standard (sub, scope, iat, exp, aud, ...) and private.
  • Review tokens types and validation.
  • Build a Docker container to deploy Keycloak on a dev machine.
  • Create, save, and restore a Keycloak realm.
  • Declare confidential clients to authenticate users or to act on their own name.
  • Work with claim mappers (choose which claims are set in witch token).
  • Configure RBAC (Role-Based Access Control).
  • Spring Boot properties for OAuth2 clients using OIDC (OpenID Connect).
  • Configure a security filter chain for user authentication (authorization code, and refresh token).
  • Protect applications against CSRF attacks and expose the token in a cookie for SPAs.
  • Use the TokenRelay filter on a gateway when forwarding requests from a SPA to resource servers.
  • Configure RP-Initiated Logout and Back-Channel Logout.
  • Sharing sessions across instances in a cluster.
  • Get a hand on the authorization code's responses status and Location header.
  • Choose between JWT decoding and token introspection to validate tokens.
  • Make a security filter-chain "stateless".
  • Accept tokens from several trusted issuers.
  • Turn private claims into Spring authorities.
  • Use custom "Authentication" implementations.
  • Use and extend Spring Security DSL (SpEL methods and "magic" parameters).
  • Mock the security context in unit and integration tests.
  • Read users data.
  • Manage the meta-data (roles, groupes, etc.).
  • Adapt authorization server's UI look & feel.
  • Configure login mechanisms (multi-factor, magic-link, ...)
  • Delegate user authentication to another OpenID Provider (server federation).
  • Connect to an LDAP server (user federation).
  • Understand Back-Channel Logout.

REST APIsSpring in action

  • Check required tools (Git, Java, Docker, IDE, Postman).
  • Environment variables.
  • See how to inject dependencies to an object.
  • @Bean and affiliates.
  • @Value and @ConfigurationProperties.
  • Unit testing (stubs, mocks, and spies).
  • Path
  • HTTP method
  • Parameters
  • Request and response bodies
  • Response status
  • Unit testing with @WebMvcTest and MockMvc
  • Drastically reduce Java verbosity.
  • Prevent infinite loops (toString(), equals(), and hashCode() methods).
  • Bi-directional mapping between DTOs and domain model.
  • Mappers unit testing.
  • Use built-in validation rules and write custom ones.
  • Trigger input validation (request parameters and body).
  • Use @ControllerAdvice and @ExceptionHandler to intercept Throwables and return error responses.
  • Testing invalid requests processing.
  • Object-relational mapping (define DB model and relations between entities).
  • Spring Data @Repository and methods naming conventions.
  • Write JPA specifications for advanced filtering use cases.
  • Transactions.
  • Unit testing with an in-memory database.
  • Use Swagger annotations for API and operations documentation.
  • Generate OpenAPI specification file at build time.
  • Build Docker containers for Loki, Prometheus, Tempo, and Graphana.
  • Configure Logback to export logs to Loki.
  • Configure Spring Security to allow Prometheus to scrape metrics.
  • Configure Spring Boot Actuator to push traces to Zipkin.
  • Use OpenAPI generator to create client code from an OpenAPI spec.
  • Configure @RestClient requests authorizations, timeouts, and to go through an HTTP proxy.
  • Generate @HttpExchange implementations using pre-configured @RestClients.
  • Track database schema changes with Liquibase.
  • Use Hibernate Envers to audit entities.
  • Query audit records.
  • Get to know existing converters and define new ones.
  • HttpMessageConverter and FormattingConversionService.
  • Project structure.
  • Conditional configurations classes and beans.
  • Best practices and recommendations.
Selection

Your selection requires approximately 2 training hours (1 session).

Each session:

  • lasts 4 hours and is preferably scheduled in the morning (trainees local time)
  • has a capacity of up to 6 trainees
  • costs €400.00
  • can be followed with some post-training mentoring (design workshop, pair-programming, code review, ...)

Travel expenses might be added for on-site training. Post training mentoring is charged separately.

Please to contact me about the subjects you selected.
Picture of Jérôme Wacongne
Jérôme Wacongnech4mp@c4-soft.com(+689)89 28 52 43 (tel. / WhatsApp / Signal)