Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll
Preview
Start a free Courses trial
to watch this video
In this intro, you'll hear what this workshop is all about!
[SOUND] Hello there I'm Chris and
0:00
I teach Java here at Tree House.
0:04
During today's workshop,
0:08
I'd like to discuss what is called
User Authentication and Authorization.
0:09
In general, authentication is
the process of an application
0:14
confirming the identification of a client.
0:17
That client will be user in our case,
but could just as easily be another
0:20
application if what
we're coding is an API.
0:24
You've seen authentication everywhere.
0:27
Anytime you're asked for a username and
password, that's authentication.
0:29
We'll be implementing that sign in or
authentication process in Spring today.
0:33
In addition, we'll chat a little about
authorization in Spring by assigning
0:39
users what are called Roles.
0:43
This allows us fine grained
control over which resources
0:45
each kind of user can access.
0:49
For example, we could have an admin user
that has a high level of control over
0:51
the application, with even the ability to
add, edit, and delete other user accounts.
0:55
In addition,
we could have a standard user account
1:00
that wouldn't be able to perform
those high level functions.
1:03
Because we'll be requiring users to
authenticate with our application, we'll
1:06
also talk about how to associate certain
resources with the authenticated user.
1:11
For example, we should show
an authenticated user only his or
1:16
her profile page when they choose to be
with, not some other user's profile page.
1:19
Or in a contact manager, we'd only want
to show the current user's contact and
1:24
not all user's contacts.
1:29
Finally, we'll ice the cake with a couple
best practices, including how to properly
1:32
store passwords in a database, as well as
how to prevent a certain type of attack.
1:36
For the project,
1:41
we'll be adding authentication to
a simple task management application.
1:42
One where a user can log-in, create items,
and mark them as complete or incomplete.
1:46
The application itself is pretty simple,
so
1:51
that we can more effectively focus
our attention on user authentication.
1:54
All right, let's get started.
1:58
You need to sign up for Treehouse in order to download course files.
Sign up