I. Introduction:
I have been very interested in the security services, so we learn. This is the note of learning immoc jojo teacher's "Spring Cloud Services Security micro real course", talking about the good.
Course Description:
Second, the architecture of FIG finally formed
Third, the chapter directory
Chapter 1 Course Guidance
A brief description of the contents of the entire program, including organization of chapters, the main technology stack used to introduce and introduce pre-knowledge of the actual cases and so on.
1-1 Course Guidance
Chapter 2 environmental structures
Describes installation development tools, project code describes the structure and construction, and substantially dependent parameters.
2-1 Installation Environment
Chapter 3 API Security
Starting from a simple API scene, about API security-related knowledge. First, we will introduce an API to ensure the safety issues which need to be considered, and then we introduce common security mechanisms to address these issues, we will write the code for each issue and security mechanisms, so that we have these issues and security mechanism preliminary understanding.
3-1 API safety, security mechanisms
3-2 first API and injection attack prevention
3-3 ilk security control API
authentication API 3-4 Security Mechanism (1)
Authentication Security 3-5 API Mechanism (2 )
data check 3-6 API security mechanisms of
the data security of the encrypted 3-7 API
3-8 Https API security mechanisms of
3-9 API security audit log of
authorized security mechanisms of 3-10 API
3-11 API safety login mechanism of the
3-12 session fixation attack protection
3-13 refactor the code
3-14 chapter Summary
Chapter 4 Micro Gateway Security Service
We will transition from simple to complex micro API scene scenes service, we will introduce in the first micro-service scenario, compared to a simple API scene, what new challenges we will be facing. We will introduce a common micro SME service architecture, but also introduce OAuth2 protocol, we will talk about the architecture and protocols OAuth2 how to solve these new challenges together. In the second half of this chapter, we will do some development on the gateway, demonstrates how ...
Chapters 4-1 Overview
4-2 micro-services security challenges of the new
4-3 overall security services common micro-architecture
4-4 OAuth2 service agreement with Micro Security
4-5 build OAuth2 authentication server
4-6 set up server resources OAuth2
4-7 refactor the code to adapt to the real environment
4-8 Zuul gateway security development (a)
4-9 Zuul gateway security development (b)
4-10 Zuul gateway security development (c)
4-11 Zuul gateway security development (d)
Chapter 5 micro-services authentication and SSO
We will learn more important micro-services in a safe topic: authentication, I will achieve a complete separation of the front and rear ends of the single sign-on (SSO) service in the micro-environment. In this process, we will further introduce OAuth2 protocol in a variety of licensing agreements, as well as how to use these agreements to achieve our goal. Eventually we will get two versions of SSO: realization and implementation of server-based Session Cookie-based browser.
5-1 single sign-on basic infrastructure
5-2 front page transformation
5-3 back-end service reform
5-4 and forwards the request to exit
5-5 (1) an authorization code to achieve certification process
5-6 Authorization Code to achieve certification process (2)
5-7 realize the SSO the session (session client application period) based on
5-8 based on the SSO the session (session validity authentication server)
5-9 based on the session SSO (Token valid)
5-10 based on the session SSO (token valid)
5-11 achieved the token SSO (1) based on
5-12 achieve SSO (2) based on the token
Secure communications between Chapter 6 Micro Services
We will focus on security between the micro-services. We will demonstrate how to use the CA to distribute certificates to ensure communication between the micro service is safe. We will also explain how to use JWT to ensure secure communication between the micro-services. Finally, we will introduce the open source framework Sentinel Ali, and how to use Sentinel to implement centralized micro flow control service, fuse and downgrade management to ensure the availability of micro-services. ...
Overview 6-1 chapter
6-2 JWT certification certification service transformation
6-3 JWT service reform and transformation of the gateway
6-4 access control transformation
6-5 jwt transformation of logs and error handling (1)
6-6 jwt transformation of the log and error processing (2)
6-7 summarizes the transformation JWT
6-8 sentinel limiting actual
fusing 6-9 sentinel of degraded
hot and 6-10 sentinel system rules of
6-11 sentinel of persistent configuration
Chapter 7 micro-monitoring and alarm service
We will introduce micro-monitoring services, tracking and alarm. First we will explain how to use Promethus + Grafana + AlertManger to collect micro Metrics information services, and automatic alarm based on such information. Secondly, we will explain how to use ElasticSearch + FileBeat + Kibana micro to collect and query service logs information. Finally, we will introduce a call link tracking tool pinpoint, to monitor micro-services t ...
Chapters 7-1 Overview
7-2 docker Quick Start
7-3 prometheus environment to build
7-4 and integration SpringBoot Prometheus
7-5 configuration grafana chart and alarm
7-6 custom metrics monitoring indicators (1)
7-7 monitor custom metrics indicators (2)
7-8 ELK + SpringBoot environment to build
7-9 collection of custom log format and content of
7-10 ELK log collection infrastructure optimization
7-11 PinPoint + SpringBoot environment to build
7-12 integrate and link tracking log monitoring
Chapter 8 Lesson Summary
In this chapter we review the whole lesson learned knowledge, learning and further back out some direction.
8-1 Lessons Learned
+++++++++++++++++++++++++++++++++++++++++++ dividing line +++++ +++++++++++++++++++++++++++++++++++++++++
Read catalog, feel conscientiously learn, should be full harvest! Documented, easy access, as well as to help more people
Article code on GitHub: https://github.com/lhy1234/springcloud-security , if a help to you, give it a little star ~ ~ ~