This can be the first course for anyone interested in IT security:
https://app.pluralsight.com/library/courses/comptia-security-plus-sy0-401-threats-vulnerabilities/table-of-contents
Showing posts with label Security. Show all posts
Showing posts with label Security. Show all posts
Monday, 16 November 2015
Wednesday, 20 May 2015
Online Course: Spring Security Fundamental
Just completes this course. Very nice introductory course for spring security, talks about role and permission based authentication and authorization as well as various login mechanism (default, http-basics, form-login) and other cool features such as permission evaluator, ldap server, https channels.
Link: http://www.pluralsight.com/courses/spring-security-fundamentals
Notes: For some reasons the <form-login> section described in the course does not work with the latest spring security 4.0.1.RELEASE:
Firstly for the example in the course to work with spring security 4.0.1.RELEASE, use-expressions="false" must be included in the <http auto-config="true"> in the security-config.xml for the <intercept-url> which does not use expressions (it seems that spring security 4.0.1.RELEASE <http auto-config="true"> has default use-expressions="true")
Secondly, j_spring_security_check does not work with spring security 4.0.1. RELEASE, it always bounced back to the same login pages and j_spring_security_check issues 302 error messages, furthermore, the latest spring security has the csrf default to true in the <http>.
The examples in the course worked after I switch to spring security 3.2.6.RELEASE instead.
Link: http://www.pluralsight.com/courses/spring-security-fundamentals
Notes: For some reasons the <form-login> section described in the course does not work with the latest spring security 4.0.1.RELEASE:
Firstly for the example in the course to work with spring security 4.0.1.RELEASE, use-expressions="false" must be included in the <http auto-config="true"> in the security-config.xml for the <intercept-url> which does not use expressions (it seems that spring security 4.0.1.RELEASE <http auto-config="true"> has default use-expressions="true")
Secondly, j_spring_security_check does not work with spring security 4.0.1. RELEASE, it always bounced back to the same login pages and j_spring_security_check issues 302 error messages, furthermore, the latest spring security has the csrf default to true in the <http>.
The examples in the course worked after I switch to spring security 3.2.6.RELEASE instead.
Subscribe to:
Comments (Atom)