Security Supply Chain Security: SBOMs for Java Applications SBOMs identify software components in an application. Generate SBOMs for Java to enable vulnerability scanning, license checks and risk analysis.
Keycloak Keycloak Authentication Flows, SSO Protocols and Client Configuration In this article, I'm going to introduce the concept of authentication flows. Then, I'll briefly mention the two protocols Keycloak can use to provide its services: OpenID Connect (on top of OAuth 2.0) and SAML. Finally, I'll show you how to configure Keycloak clients.
Security Access Control: Identification, Authentication, and Authorization Unauthorized access to data and resources is one of the most significant and dangerous risks of the digital world. The OWASP Foundation, in their project about the Top 10 Application Security Risks - 2017, placed “Broken Authentication” second and “Broken Access Control” fifth.
Keycloak Securing a Spring Boot Application with Keycloak - A First Look Learn how to: set up a Spring Boot application for a public library, define the application resources, add access policies based on user roles. We're going to use OAuth 2.0 and OpenID Connect, specifically the standard Authorization Code Flow.
Keycloak Keycloak Basic Configuration for Authentication and Authorization Managing authentication and authorization is an essential task in every well-designed web application or service. Keycloak makes it very easy and practical, letting us focus on the application business logic rather than on the implementation of security features.
Keycloak Introducing Keycloak for Identity and Access Management This article is the first of a series where I'd like to introduce Keycloak as a solution to manage authentication and authorization, how to install it, and what its fundamental concepts and configurations are.
Spring How to enable HTTPS in a Spring Boot Java application Setting up HTTPS for Spring Boot requires two steps: getting an SSL certificate and configuring SSL in Spring Boot. Whether you're going to generate a self-signed certificate or you have already got one from a CA, I'll show you how to enable HTTPS in a Spring Boot application.