Protecting User Data with Spring Security and OAuth2

Spring Framework • fundamentals of Spring Security • fundamentals of OAuth 2
skills learned
implementing an OAuth 2 authorization server • implementing an OAuth 2 resource server • implementing an OAuth 2 client • using a gateway service in an OAuth 2 system • setting up a full OAuth 2 microservices system
Laurentiu Spilca
6 weeks · 7-10 hours per week · INTERMEDIATE
This title has been retired and is no longer for sale.
Look inside
Your client’s data is both valuable and vulnerable. Luckily, the Spring ecosystem of tools makes it easy to secure your microservices architecture to keep health, financial, and other important information safe from attack.

In this liveProject, you’ll learn how to use Spring Security and OAuth 2 to build and secure the backend microservices architecture of health startup HealthX. Working hands-on on this real-world project, you’ll learn how to implement the security requirements in an OAuth 2 system, develop a microservice authorization server for user management, write authorization rules to secure endpoints that your clients can call, and more. This system you create will be able to protect your users’ privacy details, and easily scale to handle the growth of your company.
This project is designed for learning purposes and is not a complete, production-ready application or solution.

book resources

When you start your liveProject, you get full access to the following books for 90 days.

project author

Laurentiu Spilca
Laurentiu Spilca is a dedicated development lead and trainer at Endava, where he leads and consults on multiple projects from various locations in Europe, Asia, and the U.S. Laurentiu believes it's essential to not only deliver high-quality software but to also share knowledge and help others to up-skill, which has driven him to design and teach courses related to Java technologies and deliver presentations and workshops. He is the author of Spring Security in Action and Spring Quickly.


This liveProject is for intermediate Java developers familiar with Spring and Spring Security. To begin this liveProject you need to be familiar with the following tools, technologies, and techniques.

  • Spring framework
  • Spring Data
  • Spring Security
  • Spring Cloud Gateway
  • H2 (or a SQL DBMS)
  • JUnit/Mockito

  • Implementing a system over the OAuth 2 specification
  • Using data persistence
  • Designing secure microservices
  • Using a gateway design for authorizing and auditing the requests

you will learn

In this liveProject, you’ll master essential skills for securing Java-based microservices architectures.

  • Secure microservices with Spring Boot and Spring Security
  • Implement authentication functionality and issue access tokens
  • Create authorization configurations for protecting users’ data
  • Protect persisted data
  • Write unit and integration tests using JUnit
  • Configure mock objects with Mockito and WireMock


You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants and our expert mentors.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.
book resources
Get full access to select books for 90 days. Permanent access to excerpts from Manning products are also included, as well as references to other resources.