If you are a Java Spring developer and working with Spring Security then you may be familiar with the "Learn Spring Security" course by Eugen Paraschiv of Baeldung.com. It is one of the most advanced and comprehensive courses on Spring Security and the best part of this course is that Eugen always keeps it up-to-date with new Spring Security release. Now that version Spring Security 5 is out - he has updated his course to use new features of Spring Security 5. Btw, there is some really cool new functionality coming in Spring Security 5 for the reactive programming model, and many other improvements and new features. But, the most important one is the release of OAuth2. This means:

• No more picking spring-social modules to integrate with third-parties OAuth providers.
• No more limitations in the way the OAuth2 spec is implemented.

On Spring Security side, It took a big rewrite - which very, very rarely happens in the Spring ecosystem - but Spring Security 5 fixed all of that. When it comes to Security my advice to all of my readers is always use the most up-to-date information and if you have to choose a

course to learn Spring security, you should use one which is focused on Spring Security 5 and Eugen has done a commendable job to update his course right in time. Btw, he is not only updating existing lesson but also adding new modules, lessons and expanding the scope of the course to touch base some more advanced topics e.g. Security Architecture.

A lesson on Security Architecture is also coming

He is also adding a new chapter on Security Architecture, which is what most students have requested him from last year. As per Eugen, the course material is very much focused on practical implementation, and he wants to keep that way. But, he agrees that there are certainly a couple of architectural scenarios which he sees over and over again in his client engagements - that are core to implementing a real-world security system today. One very common scenario is handling token verification in a microservice architecture, using OAuth.  Simply put, instead of having to verify the token in each microservice independently, the token is checked in the Gateway and gets propagated down.  That way, when a single request hits multiple services, the token isn't checked multiple times.

New Modules on Learn Spring Security Course

In short, to incorporate new features, he has also added a lot of new modules in Learn Spring Security course e.g. New Module 16 - Reactive Security:   Lesson 1: A Basic Reactive Security Example Lesson 2: Reactive Method Security Lesson 3: WebFlux Form Log In Lesson 4: WebTestClient Security Support Lesson 5: Advanced Reactive Security New Module 17 - OAuth2 in Spring Security 5:  Lesson 1: OAuth 2 Login Java Config Lesson 2: New Support for OpenID Connect 1.0 and the ID Token Lesson 3: New Support for JSON Web Token (JWT) and JSON Web Signature (JWS) Lesson 4: OAuth 2 New Client Support Lesson 5: OAuth 2 Improvements and Additions Lesson 6: OAuth 2 Support in Spring Boot 2 New Module 18 - Security Architecture - Deep Dives:  Lesson 1: How to handle OAuth2 security in the Gateway, in a microservice architecture In short, the New Learn Spring Security is certainly the best course to learn Spring Security 5 and with Eugen upgrading all existing lessons to Spring Security 5 - especially the two extensive OAuth2 modules, it becomes a great resource to master this highly regarded skill.

Hurry up  - Price is Increasing too

Btw, he is also increasing the price of course, which is fair enough given all these update and work, but the course is currently available on old price. The Exact Pricing Changes for "Learn Spring Security" after 8th December would be following: In short, only 3 Days Left for price change. So, if you're planning to join the program and want to benefit from the last few days of the current pricing, make sure you do that soon.