Thomas Vitale | Software Engineer, Spring, Cloud Native, Kubernetes | Software Engineer

An imaginative chemistry lab specialized in component analysis on coffee.

Supply Chain Security: SBOMs for Java Applications

SBOMs identify software components in an application. Generate SBOMs for Java to enable vulnerability scanning, license checks and risk analysis.

Landscape of Danish beach and sea at sunrise, with surfers and sailboat in the background.

Cloud Native Diary #9

Devoxx conference and supply chain security, Java and Generative AI, Spring Boot and OpenTelemetry, platform engineering on Kubernetes.

Colourful houses in a row, in a sunny day in Denmark.

Cloud Native Diary #8

Conferences and events about cloud native, Kubernetes, Java, and Spring Boot. Open source contributions to kpack and Carvel. Developer productivity tooling.

View of Amsterdam at night. Photo by Thomas Vitale.

Cloud Native Diary #7

The past few weeks have been intense. KubeCon, platforms, Kubernetes, Carvel, Buildpacks, Cartographer, OSS, conferences, and more.

Cute seal on crystal clear water.

Podman Desktop for Java Development

Install Podman Desktop for managing containers and learn how to use it for Java development (Spring Boot, Quarkus, Testcontainers, Buildpacks).

Leafless trees and wooden table on meadow in countryside

Cloud Native Diary #6

A lot happened in the past few weeks. YouTube shows, meetups, cloud native platforms, Java, Kustomize, Carvel, Cartographer, Keycloak.

Landscape photo of mountain scenery in East Java, Indonesia.

Cloud Native Diary #5

This week, I talk about the future of Java, new features in Spring Boot 3, ARM64 support in Buildpacks, cloud native platforms, and more. Let's get to it.

A picture of a sunny and sandy beach. In the background, the Mediterranean Sea with a ship sailing.

Cloud Native Diary #4

Cloud Native Spring in Action, OpenTelemetry, Buildpacks, Carvel package management, and cloud native platforms.

A path surrounded by flowers and green plants, heading towards mountains covered in snow.

Cloud Native Diary #3

Great feedback for Cloud Native Spring in Action, Spring Boot 3, SLSA, SBOMs, multi-architecture Buildpacks, and platforms.

A container ship sailing at sunset

Cloud Native Diary #2

Excellent feedback for Cloud Native Spring in Action, supply chain security (SLSA, Sigstore), images (Buildpacks, kpack, Paketo), and platforms.

Cloud Native Diary #1

Cloud Native Diary #1

The start of a new blog series. Every week, I'll share my journey working with application development, platform engineering, and cloud native.

Spring Native: Getting started with GraalVM native images

Spring Native: Getting started with GraalVM native images

The Spring Native project provides support for packaging Spring applications as native images using GraalVM, with fast startup times and optimized memory usage.

Devoxx Ukraine 2020: "Cloud Native Spring - Migrating traditional apps" (Talk)

Devoxx Ukraine 2020: "Cloud Native Spring - Migrating traditional apps" (Talk)

Learn the main steps for migrating traditional Spring applications to cloud native: embedded servers, Docker images, externalized configuration, disposability, logging and monitoring.

New Book: Cloud Native Spring in Action - With Spring Boot and Kubernetes

New Book: Cloud Native Spring in Action - With Spring Boot and Kubernetes

I’m thrilled to announce that my book is available in early access. Learn cloud native development with Spring Boot, Spring Cloud, Docker and Kubernetes.

Centralized Configuration with Spring Cloud Config

Centralized Configuration with Spring Cloud Config

Learn how to build a central config server with Spring Cloud Config, configure a Spring Boot application with it, and refresh the config at runtime.

Spring Security and Keycloak to Secure a Spring Boot Application - A First Look

Spring Security and Keycloak to Secure a Spring Boot Application - A First Look

Keycloak is a solution for identity and access management. In this article, we're going to secure a Spring Boot application using Spring Security and Keycloak.

Quarkus - Develop Your First Supersonic Enterprise Java Application

Quarkus - Develop Your First Supersonic Enterprise Java Application

In this article, we're going to getting started with our first supersonic Quarkus application. We will develop a RESTful application using the familiar JAX-RS and CDI APIs, learn how to run it in a Quarkus environment and see how to test it.

Getting Started With Jakarta EE - A Sample Application

Getting Started With Jakarta EE - A Sample Application

Jakarta EE 8 has officially been released last Tuesday. It's the beginning of what it's been promised as "the Future of Cloud Native Java". Let's look at a sample application in Jakarta EE, using Wildfly, Gradle and Docker.

Keycloak Authentication Flows, SSO Protocols and Client Configuration

Keycloak Authentication Flows, SSO Protocols and Client Configuration

In this article, I'm going to introduce the concept of authentication flows. Then, I'll briefly mention the two protocols Keycloak can use to provide its services: OpenID Connect (on top of OAuth 2.0) and SAML. Finally, I'll show you how to configure Keycloak clients.

New Blog, New Platform, New Goal

New Blog, New Platform, New Goal

Starting a blog is easy. Keep writing is not. This time, I'm confident it's going to be different. I'll be writing about security, Keycloak, Spring and software development on my brand new blog, just migrated from WordPress to Ghost.

Access Control: Identification, Authentication, and Authorization

Access Control: Identification, Authentication, and Authorization

Unauthorized access to data and resources is one of the most significant and dangerous risks of the digital world. The OWASP Foundation, in their project about the Top 10 Application Security Risks - 2017, placed “Broken Authentication” as second, “Broken Access Control” as fifth.

Securing a Spring Boot Application with Keycloak - A First Look

Securing a Spring Boot Application with Keycloak - A First Look

Learn how to: set up a Spring Boot application for a public library, define the application resources, add access policies based on user roles. We're going to use OAuth 2.0 and OpenID Connect, specifically the standard Authorization Code Flow.

Keycloak Basic Configuration for Authentication and Authorization

Keycloak Basic Configuration for Authentication and Authorization

Managing authentication and authorization is an essential task in every good-designed web application or service. Keycloak makes it very easy and practical, letting us focus on the application business logic rather than on the implementation of security features.

Introducing Keycloak for Identity and Access Management

Introducing Keycloak for Identity and Access Management

This article is the first of a series where I'd like to introduce Keycloak as a solution to manage authentication and authorization, how to install it and which are the fundamental concepts and configurations.

Highlights from HL7® FHIR® DevDays 2018 in Amsterdam

Highlights from HL7® FHIR® DevDays 2018 in Amsterdam

Last week I attended the HL7 FHIR DevDays 2018 in Amsterdam, the "most important and largest FHIR only event in the world" organised by Firely. It's been awesome: a lot of interesting and inspiring sessions, exciting projects and a vibrant and friendly community.