This weekend, I attended the WordCamp London 2018 and talked about the process to secure web applications based on WordPress.
After organising it last year and delivered a talk about getting started with plugin development, this year I’ve been to WordCamp Torino 2018 to talk about the process to secure web applications based on WordPress.
In 2000, the internationally renowned security technologist Bruce Schneier wrote: “Security is a process, not a product”. In the same essay, he wondered: “Will we ever learn?”. Apparently not.
How many times have you considered your WordPress application security only once completed? How many times have you installed a security plugin and thought it was enough? Securing a web application doesn’t mean installing a plugin just before deployment. Not at all.
I’m very passionate about security and I’d like to share my thoughts with you. My focus will be the security awareness related to web applications. Is WordPress secure? I will answer this question very clearly. And you’re not gonna like it!
In this article, I’m going to show you how to secure a Spring Boot application using Keycloak.
Before doing that, I’d like to briefly recall what I’ve done so far.
First, I highlighted the main features of Keycloak used in this series and explained how to install and boot the Keycloak server.
Then, I set Keycloak with some basic configurations to use it for securing a web application (providing it with authentication and authorisation).
In this article, I’ll talk about how to:
- Create a client in Keycloak;
- Set up the Spring Boot application;
- Define the application resources;
- Add access policies based on user roles.
You can check out the full source code of the demo project I’m going to build on GitHub.
Let’s get started! Continue reading “Securing a Spring Boot Application with Keycloak”
“It is a truth universally acknowledged, that each person in possession of a good website, must have used WordPress.”
That’s how our story begins, just like Jane Austen’s Pride and Prejudice. Join me on this journey through the World of WordPress! Get ready for exploring commonplaces, facing fearful stereotypes and rescuing users in danger until the untold secret will be unveiled… Continue reading “Pride and Prejudice. A WordPress Story”