Software Engineer. I write about designing and developing cloud native applications with Spring and Java EE. Interested in security, privacy and software architectures.
Quarkus - Develop Your First Supersonic Enterprise Java Application
In this article, we're going to getting started with our first supersonic Quarkus application. We will develop a RESTful application using the familiar JAX-RS and CDI APIs, learn how to run it in a Quarkus environment and see how to test it.
Keycloak Authentication Flows, SSO Protocols and Client Configuration
In this article, I'm going to introduce the concept of authentication flows. Then, I'll briefly mention the two protocols Keycloak can use to provide its services: OpenID Connect (on top of OAuth 2.0) and SAML. Finally, I'll show you how to configure Keycloak clients.
Access Control: Identification, Authentication, and Authorization
Unauthorized access to data and resources is one of the most significant and dangerous risks of the digital world. The OWASP Foundation, in their project about the Top 10 Application Security Risks - 2017, placed “Broken Authentication” as second, “Broken Access Control” as fifth.
Securing a Spring Boot Application with Keycloak - A First Look
Learn how to: set up a Spring Boot application for a public library, define the application resources, add access policies based on user roles. We're going to use OAuth 2.0 and OpenID Connect, specifically the standard Authorization Code Flow.
Keycloak Basic Configuration for Authentication and Authorization
Managing authentication and authorization is an essential task in every good-designed web application or service. Keycloak makes it very easy and practical, letting us focus on the application business logic rather than on the implementation of security features.
Highlights from HL7® FHIR® DevDays 2018 in Amsterdam
Last week I attended the HL7 FHIR DevDays 2018 in Amsterdam, the "most important and largest FHIR only event in the world" organised by Firely. It's been awesome: a lot of interesting and inspiring sessions, exciting projects and a vibrant and friendly community.
How to enable HTTPS in a Spring Boot Java application
Setting up HTTPS for Spring Boot requires two steps: getting an SSL certificate and configuring SSL in Spring Boot. Whether you're going to generate a self-signed certificate or you have already got one by a CA, I'll show you how to enable HTTPS in a Spring Boot application.
Getting Started with Spring Data MongoDB using Java Configuration
In this tutorial, I'll show you how to use Spring Data MongoDB to integrate a MongoDB NoSQL database into a Spring Boot application. Spring lets you use either Java configuration or XML configuration or a mix of the two. I'll use a pure Java configuration.