When you need to secure your application, you use Spring Security. It’s the de-facto standard, it’s robust, extensible, and brings sensible defaults to your application. But newcomers can feel lost as soon as they step out of the “Getting Started” guides and need to fine-tune the configuration to their specific use-cases. Developers can find themselves frantically copy-pasting from Stack Overflow until it kinda-sorta works. 
Spring Security only uses a handful of core building blocks, and they are present everywhere in the library. Knowing what those are, how they are meant to be used, and how to effectively leverage them will give you the keys you need to implement all your custom needs. 
This hands-on lab is the opposite of a “getting started” guide. You will implement custom use-cases from scratch, using Spring Security core classes. You will learn the general architecture, the foundational patterns, how Spring Security is built. Most importantly, you will understand how to use the extension points to add your own, specific behavior.
Pre-requisites: your laptop, Java 17, an IDE and Docker installed.
Daniel Garnier-Moiroux
Broadcom - Spring
Daniel Garnier is a software engineer at VMware, working in the identity space and on SSO for applications. He is an adjunct professor at Mines Paris, where he teaches CS and software engineering classes.
He contributes to Spring Security, and has a keen interest in automation and developer productivity.