Introduction2:01 with Chris Ramacciotti
In this intro, you'll hear what this workshop is all about!
[SOUND] Hello there I'm Chris and 0:00 I teach Java here at Tree House. 0:04 During today's workshop, 0:08 I'd like to discuss what is called User Authentication and Authorization. 0:09 In general, authentication is the process of an application 0:14 confirming the identification of a client. 0:17 That client will be user in our case, but could just as easily be another 0:20 application if what we're coding is an API. 0:24 You've seen authentication everywhere. 0:27 Anytime you're asked for a username and password, that's authentication. 0:29 We'll be implementing that sign in or authentication process in Spring today. 0:33 In addition, we'll chat a little about authorization in Spring by assigning 0:39 users what are called Roles. 0:43 This allows us fine grained control over which resources 0:45 each kind of user can access. 0:49 For example, we could have an admin user that has a high level of control over 0:51 the application, with even the ability to add, edit, and delete other user accounts. 0:55 In addition, we could have a standard user account 1:00 that wouldn't be able to perform those high level functions. 1:03 Because we'll be requiring users to authenticate with our application, we'll 1:06 also talk about how to associate certain resources with the authenticated user. 1:11 For example, we should show an authenticated user only his or 1:16 her profile page when they choose to be with, not some other user's profile page. 1:19 Or in a contact manager, we'd only want to show the current user's contact and 1:24 not all user's contacts. 1:29 Finally, we'll ice the cake with a couple best practices, including how to properly 1:32 store passwords in a database, as well as how to prevent a certain type of attack. 1:36 For the project, 1:41 we'll be adding authentication to a simple task management application. 1:42 One where a user can log-in, create items, and mark them as complete or incomplete. 1:46 The application itself is pretty simple, so 1:51 that we can more effectively focus our attention on user authentication. 1:54 All right, let's get started. 1:58
You need to sign up for Treehouse in order to download course files.Sign up