NB: there are sometimes readme.md
files in each subfolder, too. be sure to consult them for more on the demo flow and approach.
basics
- high level overview of all things Spring Security, providing a mental framework on which to approach everything that follows.ssl
- demonstrates both centralized configuration of trust materials in an application and the reloadability of those trust materialspasskeys
- demonstrates the use of Webauthn and an arbitrary factor like TouchID, FaceID, etc., as the credential with an as-yet not GA effortoauth
- demonstrates both acting as an OAuth client to an arbitrary OAuth IDP and our spiffy Authorization Server, which is better than all the OAuth servers that have ever or yet been written.
- the Spring Security Livelessons that Rob and I did years ago. not sure how relevant that is in the modern world.