new.tar.gz

taskOne

tasktwo

taskthree

formPF

oauth2

openid

ldap

hashing

JWTHello

JWKManager

JwtAuthCode

demo

Challenge 1

Challenge2

Challenge3

simple-hash

hash-with-salt

PBKD

Challenge2-Faizan

Challenge3-Faizan

This course covers authentication and authorization within web applications in Java Enterprise security. Security is a vast concept with many aspects. In particular, we'll focus on the security of applications and the data they contain, an area that is known as information security.

We will start by identifying our end users and dive deep into the differences between encoding, encryption, and hashing techniques. After that, we will learn to propagate information with microservices architecture.

By the end of this course, you'll have hands-on experience with the integration and configuration of OAuth2 and OpenID Connect into the Java application.

JakartaEE Security Workshop

Because applications don’t allow for fewer characters.

If a hacker has obtained the hash of your password, they can find out the original password by a brute force attack in less than two days when it has 10 or fewer characters.

Applications don’t save passwords with fewer characters in the hash.

Passwords with fewer characters are not authentication protected.

Why should a password be longer than 10 characters in 2022?

Why should a password be longer than 10 characters in 2022?

It is slower than a simple hash and thus the brute force method takes more time.

Sometimes the simple hash doesn't work properly. 

The hackers can predict the hash value of a simple hash function right away. 

A simple hash function is much more difficult to implement. 

Why do we prefer to perform a key derivation function on a password and not a simple hash?

Why do we prefer to perform a key derivation function on a password and not a simple hash?

The resulting value can then be stored in a simple text database field, and we don’t need to store it as a binary value, which is more complex.

The resulting value can then be stored in a simple binary value database field, which is more secure.

The resulting value can then be stored after a simple hash in a simple binary value database field, which is more secure.

The resulting value can then be stored after a simple hash in a simple text database field and you don’t need to store it as a binary value, which is more complex.

Why does the Security API perform a Base64 encoding of the salt and the output of the key derivation function?

Why does the Security API perform a Base64 encoding of the salt and the output of the key derivation function?

In which directory is LDAP is a protocol to access data?

In which directory is LDAP is a protocol to access data?

The SHA-512 is a hashing algorithm that generates ________ bytes as the hash value.

The SHA-512 is a hashing algorithm that generates ________ bytes as the hash value.

Test your understanding of authentication data stores.

Before We Begin

Introduction

Concepts

Window Shopping

Authentication Methods

Standards

Authentication Data Stores

Secure Data Transfer

Quiz