Environment Variable Generator for Spring Boot
I like setting and overriding Spring Boot app configuration using environment variables.
Multi-tenant OAuth 2.0 Resource Servers (with Spring Security 5)
TLDR;
Cat’s Nest! OpenID Connect Authentication with NestJS, React, and MongoDB
In this post, we’ll explore how to create a NestJS back-end that handles OpenID Connect authentication for a React app that it serves up with an express-session. The session store will share the MongoDB instance that is also used for storing cats.
Merry Microservices: Part 3 ‘Policy Service’–Managing application-specific authorization based on identity and permissions
This is Part 3 of the series “Merry Microservices”
Stop overloading JWTs with permission claims
Here’s why…
Merry Microservices: Part 2 ‘UI Gateway’–A React UI served by a Spring Cloud Gateway OAuth 2.0 Client
This is Part 2 of the series “Merry Microservices”
Merry Microservices: Part 1 ‘Resource Server’–An OAuth 2.0 Resource Server with Webflux and R2DBC
This is Part 1 of the series “Merry Microservices”
Merry Microservices: An Introduction–Reactive, Full Stack and Policy-Driven on Kubernetes
Implementing Microservices Security Protocols and Patterns with Spring Security 5.2
Last month, I had the opportunity to speak with Joe Grandja at SpringOne Platform 2019 in Austin, Texas. In the talk, we break apart the pieces of an intentionally non-trivial demo to show how you can secure real-life microservices architectures with OAuth 2.0 and OpenID Connect.
HttpInvoker over OAuth 2.0 with Spring Boot 2.2
Ok, so HttpInvoker may not be the what the hipsters are using (it’s been around since 2003 or so) but there are still plenty of Java desktop applications out there communicating over RMI or EJB that could use a security boost by using OAuth 2.0.