Java has been able to invoke native programs on an operating system for decades. Invoking native programs is often done using JNI (Java Native Interface) and JNA (Java Native Access). In the last few years, Java has also gained the ability to run JVM apps as native apps. That is, they’re binary executables that have no dependency on the Java runtime. This is huge! Mostly because it gives Java apps the ability to start up...

Read more

Sessions can be a challenging topic for developers of all skill levels. Many React developers never consider the internals of session management because so much of the work is abstracted away. But, it is important to understand what sessions are, how they work, and how best to manage and manipulate them. There are several different strategies for session management in React. In this article, you will learn the basics about sessions, how to manage them...

Read more

In our third Kong and Okta tutorial, we’ll go through the introspection flow implementation. This series will show you how to implement service authentication and authorization for Kong Konnect and Okta using the OpenID Connect (OIDC) plugin. Parts 1, 2 and 4 cover: Implement Client Credentials with Kong Konnect and Okta Implement Introspection Flow With Kong Konnect and Okta Access control based on Okta’s groups and planes (coming soon) Table of Contents Konnect and Okta...

Read more

Session Management is a pretty scary term for a lot of developers. Most of the mechanics of session management are abstracted away from developers, to the point where they don’t properly learn about it until it’s necessary. Usually, this means a late night trying to figure out a vulnerability, a bug, or how to work with a new session management library. Hopefully, I can remove some of the magic behind session management in NodeJs and...

Read more

We’ll go through the authorization code flow applied to user authentication processes in our second Kong and Okta tutorial. This series will show you how to implement service authentication and authorization for Kong Konnect and Okta using the OpenID Connect (OIDC) plugin. Parts 1, 3, and 4 cover: Implement Client Credentials with Kong Konnect and Okta Implement Introspection Flow With Kong Konnect and Okta Access control based on Okta’s groups and planes (coming soon) Table...

Read more

When your business or application is successful, it needs to scale. Not just technology-wise, but human-wise. When you’re growing rapidly, it can be difficult to hire developers fast enough. Using a microservices architecture for your apps can allow you to divide up ownership and responsibilities, and scale teams along with your code. Kubernetes is an open-source platform for managing containerized workloads and services. Kubernetes traces its lineage directly from Borg, Google’s long-rumored internal container-oriented cluster-management...

Read more

Modern-day mobile apps do so much. They communicate with different back-ends via network APIs. They store and retrieve data from the local database, do heavy media processing, and communicate with web sockets. It’s hard to keep track of all the information from different asynchronous data sources, especially knowing that the users are accustomed to constantly having a fluid experience with the apps they use. In the early days of Android, developers used the class AsyncTask...

Read more

Using Kong’s OpenID Connect (OIDC) plugin, Kong and Okta work together to solve three significant application development challenges: Connectivity Authentication Authorization The OIDC plugin enables Kong, as the API gateway, to communicate with Okta via the OAuth/OIDC flows. That way, your app teams don’t have to configure and diagnose authentication and authorization for each service individually. With these challenges solved, app teams have more time to build and innovate. Table of Contents Kong Konnect and...

Read more

Integration testing in modern Spring Boot microservices has become easier since the release of Spring Framework 5 and Spring Security 5. Spring Framework’s WebTestClient for reactive web, and MockMvc for servlet web, allow for testing controllers in a lightweight fashion without running a server. Both frameworks leverage Spring Test mock implementations of requests and responses, allowing you to verify most of the application functionality using targeted tests. With Spring Security 5, security test support provides...

Read more

Reactive APIs are a powerful way to handle and serve large amounts of data and large numbers of requests in a web application. They rely on a “server-side event” model in which the client (e.g. your browser) subscribes to “events” on the server, and the server “pushes” events to the client as they become available. For simple CRUD applications this is not very useful. However, in situations with millions of “subscribers” it can offer improved...

Read more