The Identity of OAuth Public Clients
I recently got back from a series of events filled with lots of interesting discussions around various OAuth-related topics. At the official IETF meeting in Vienna back in March, I presented the latest work on OAuth 2.1 and we discussed and made progress on some of the current open issues. At the OAuth Security Workshop a few weeks later, I presented a session on client authentication for mobile apps, and there were many more presentations...
Launch a Java REST API with Micronaut
In this tutorial, I’ll show you how to create a secure REST API and native image with Micronaut. You’ll see how to run a secure, OAuth 2.0-protected, Java REST API that allows JWT authentication. Then, I’ll compare its performance with Quarkus, Spring Boot, and Helidon. This tutorial is also available as a screencast. Prerequisites: SDKMAN (for Java 17 with GraalVM); HTTPie (a better version of cURL); an Okta Developer Account (or the Okta CLI). The...
Start a Java REST API with Spring Boot
In this tutorial, I’ll show you how to create a secure REST API and native image with Spring Boot. You’ll see how to run a secure, OAuth 2.0-protected, Java REST API that allows JWT authentication. Then, I’ll compare its performance with Micronaut, Quarkus, and Helidon. This tutorial is also available as a screencast. Prerequisites: SDKMAN (for Java 17 with GraalVM); HTTPie (a better version of cURL); an Okta Developer Account (or the Okta CLI). The...
Kickstart a Java REST API with Quarkus
In this tutorial, I’ll show you how to create a secure REST API and native image with Quarkus. You’ll see how to run a secure, OAuth 2.0-protected, Java REST API that allows JWT authentication. Then, I’ll compare its performance with Micronaut, Spring Boot, and Helidon. This tutorial is also available as a screencast. Prerequisites: SDKMAN (for Java 17 with GraalVM); HTTPie (a better version of cURL); an Okta Developer Account (or the Okta CLI). The...
Secure and Deploy Micro Frontends with Angular
Micro frontends continue to gain interest and traction in front-end development. The architecture models the same concept as micro services - as a way to decompose monolithic front-end applications. And just like with micro services, micro frontends have complexities to manage. This post is part two in a series about building an e-commerce site with Angular using micro frontends. We use Webpack 5 with Module Federation to wire the micro frontends together, demonstrate sharing authenticated...
How to Build Micro Frontends Using Module Federation in Angular
The demands placed on front-end web applications continue to grow. As consumers, we expect our web applications to be feature-rich and highly performant. As developers, we worry about how to provide quality features and performance while keeping good development practices and architecture in mind. Enter micro-frontend architecture. Micro frontends are modeled after the same concept as microservices, as a way to decompose monolithic frontends. You can combine micro-sized frontends to form a fully-featured web app....
Build Secure Ionic Apps with Angular and JHipster
Ionic is a framework for building mobile apps with web technologies that look and act like native apps. Because they’re built with web technologies (HTML, JavaScript, and CSS), you can also deploy your Ionic apps as single-page applications. Or, even better, as progressive web apps (PWAs) that work offline. Ionic supports the big three web frameworks: Angular, React, and Vue. Once you’ve written your app, you can deploy it to a simulator or device with...
A Beginner's Guide to Application Security
Over the past decade, and even more swiftly since the time of the COVID-19 pandemic, digital transformation of the workplace has primarily been driven by applications. Apps have become an integral part of everyday life for many organizations. Modern applications are complex. Their functionality frequently relies on APIs and third-party integrations, leading to an increased attack surface and more security vulnerabilities. A data breach or an attacker exploiting a security weakness can permanently damage your...
Kubernetes Microservices on Azure with Cosmos DB
In this tutorial, you’ll learn how to deploy a JHipster-based reactive microservice to Azure Kubernetes Service (AKS). You’ll use Azure’s Cosmos DB as a persistent store for one of the services. For security, you’ll use Okta as an OAuth 2.0 and OpenID Connect (OIDC) provider. You’ll also securely encrypt all secrets in the project configuration files using Kubernetes secrets and kubeseal. This tutorial focuses on deploying an already generated project to Azure AKS. It does...
The Benefits of GDPR for Application Security
As the internet has grown, so has the need to protect users from privacy invasions, fraud, or other types of abuse by attackers. The European Union’s solution is the General Data Protection Regulation, or GDPR. First put into effect in 2018, the policy applies not only to the organizations in the EU but to any organization that uses or collects data from people in the EU. If your organization is subject to GDPR, you’ll need...