new.tar.gz

taskOne

tasktwo

taskthree

formPF

oauth2

openid

ldap

hashing

JWTHello

JWKManager

JwtAuthCode

demo

Challenge 1

Challenge2

Challenge3

simple-hash

hash-with-salt

PBKD

Challenge2-Faizan

Challenge3-Faizan

This course covers authentication and authorization within web applications in Java Enterprise security. Security is a vast concept with many aspects. In particular, we'll focus on the security of applications and the data they contain, an area that is known as information security.

We will start by identifying our end users and dive deep into the differences between encoding, encryption, and hashing techniques. After that, we will learn to propagate information with microservices architecture.

By the end of this course, you'll have hands-on experience with the integration and configuration of OAuth2 and OpenID Connect into the Java application.

JakartaEE Security Workshop

## Overview
Not everything can be simply divided into groups. OAuth2 and OpenID Connect are two examples of this in the world of authentication.

**OAuth2** is an open standard for authorization. In that respect, it can be compared to a realm on the application runtime we already know, but it is more than that. Not only does it keep and validate the credentials of the user, it also accepts input for them.

OAuth2 defines how an application can access data or information stored in a system, such as Google Calendar events. The OAuth2 standard gives the end  user the control over which applications can access their data and how they can use it. For example, data may be read-only for some applications, while others may be allowed to make changes.

The OpenID Connect specification, which we cover in the lesson “[OpenId Connect](https://www.educative.io/courses/jakarta-ee-security-workshop/openid-connect),” goes further. It allows the application to identify the user and their permissions based on an external system, the OpenId Connect Provider. Think of it as outsourcing your authentication to a third party.

The following diagram shows what is happening behind the scenes:

# Overview
Not everything can be simply divided into groups. OAuth2 and OpenID Connect are two examples of this in the world of authentication.

**OAuth2** is an open standard for authorization. In that respect, it can be compared to a realm on the application runtime we already know, but it is more than that. Not only does it keep and validate the credentials of the user, it also accepts input for them.

OAuth2 defines how an application can access data or information stored in a system, such as Google Calendar events. The OAuth2 standard gives the end  user the control over which applications can access their data and how they can use it. For example, data may be read-only for some applications, while others may be allowed to make changes.

The OpenID Connect specification, which we cover in the lesson “[OpenId Connect](https://www.educative.io/courses/jakarta-ee-security-workshop/openid-connect),” goes further. It allows the application to identify the user and their permissions based on an external system, the OpenId Connect Provider. Think of it as outsourcing your authentication to a third party.

The following diagram shows what is happening behind the scenes:

Get a brief introduction to OAuth2 and web server flow. 

OAuth2

Get a brief introduction to OAuth2 and web server flow.

Before We Begin

Introduction

Concepts

Window Shopping

Authentication Methods

Standards

Authentication Data Stores

Secure Data Transfer

OAuth2

Overview