Dive into the latest releases from #Spring 
https://bit.ly/3Y32ilE
Spring Boot, Spring Security, Spring Authorization Server, Spring for GraphQL, Spring Integration, Spring AMQP, Spring for Apache Kafka and Spring Web Services.
Recent searches
Search options
#springsecurity
0 posts0 participants0 posts today
Hey #Scala people working on web auth, any recommendations for a useable, maintained TOTP library?
Or should I just use #SpringSecurity ?
Dive into the latest releases from #Spring https://bit.ly/3QuNKaD
Releases of: Spring Boot, Spring Security, Spring Authorization Server, Spring Integration, Spring AI and Spring AMQP.
Many of these releases are included in Spring Boot 3.5.0-M2, 3.4.3 & 3.3.9.
Securing #Vaadin Applications with One-Time Token by @SimonMartinelli
https://martinelli.ch/securing-vaadin-applications-with-one-time-token/
Martinelli · Securing Vaadin Applications with One-Time TokenLogging into an application should be simple for users but still safe and secure. Traditional logins with usernames and passwords work, but they can be inconvenient and sometimes risky if passwords are stolen. A one-time token login offers a solution—it's both easy for users and secure.
In this blog post,
In my new blog post, "Securing Vaadin Applications With One-Time Token," I show you how to use the new Spring Security feature that enables the user to log in with a one-time token combined with Vaadin.
#Vaadin #SpringBoot #SpringSecurity
https://buff.ly/3WFsUsn
Martinelli · Securing Vaadin Applications with One-Time TokenLogging into an application should be simple for users but still safe and secure. Traditional logins with usernames and passwords work, but they can be inconvenient and sometimes risky if passwords are stolen. A one-time token login offers a solution—it's both easy for users and secure.
In this blog post,
Dive into the latest releases from Spring https://bit.ly/3EaPWB3
Milestone releases of: Spring Boot, Spring Framework, Spring Data, Spring Security, Spring Integration and Spring Modulith.
#SpringSecurity is widely used, offering numerous settings for various scenarios.
This #InfoQ article demonstrates basic configurations with detailed component analysis through diagrams and code examples, providing a starting point for further customization.
Read now: https://bit.ly/3DWoKFX
Dive into the latest releases from #Spring! https://bit.ly/3DBHv1l
Spring Boot, Spring Security, Spring Authorization Server, Spring Session, Spring Integration, Spring Modulith, Spring Batch, Spring AMQP, Spring for Apache Kafka, Spring for Apache Pulsar and Spring Shell.
In this post I report on some further progress on integrating #Cerbos authorization with #SpringSecurity and #SpringDataJPA. I made a library we're currently using, and here I outline how the code can be used and how it works. Source linked from post. westergaard.site/2024/11/towards-better-spring-support-for-cerbos/
Michaelpedia Galactica · Towards Better Spring Support for CerbosIn this post I report on some further progress on integrating Cerbos authorization with Spring Security and Spring Data JPA. I made a library we're currently using, and here I outline how the code can be used and how it works.
Continued thread
We had this set up with WebSecurityConfigurerAdapter before, but that's gone sice 5.something, so we need to replace this with component based stuff according to some migration doc I found #Java #SpringBoot #SpringFramework #SpringSecurity #ProgrammingHelp
I'm a bit desperate, I really need to set up CAS authentication in a Spring 6.1+ application, and I have no fucking idea how... All I've been able to find is this thing https://docs.spring.io/spring-security/reference/servlet/authentication/cas.html#cas-pt but I am trying to configure it using Java, not XML gibberish... the CAS I'm trying to set up, to be more exact, is ECAS, the EU Login CAS. Does anybody have any pointers? I beg you fedi, please help me, this shit is due Monday and I have 0 idea how to do it... 
#Java #SpringBoot #SpringFramework #SpringSecurity #ProgrammingHelp
docs.spring.ioCAS Authentication :: Spring Security
Dive into the latest releases from #Spring! https://bit.ly/3MmKYlr
Spring Boot, Spring Data, Spring Cloud, Spring Security, Spring Authorization Server, Spring Session, Spring for Apache Kafka & Spring for Apache Pulsar.
Amazing walkthrough on method security with Spring Security, concise and perfect explanation of how it works. https://youtu.be/JYZHp5eqS2I?feature=shared #spring #springsecurity #springboot
www.youtube.com - YouTubeAuf YouTube findest du die angesagtesten Videos und Tracks. Außerdem kannst du eigene Inhalte hochladen und mit Freunden oder gleich der ganzen Welt teilen.
connect2id's Nimbus OAuth2/OIDC SDK is underrated, particularly as a direct dependency!
https://connect2id.com/products/nimbus-oauth-openid-connect-sdk
Many people use it through Spring Security or Pac4j but the lib is relatively easy to use directly (particularly if you know the protocols) and can be used to add OIDC support to Java apps with much less complexity than those Spring or Pac4j authentication frameworks (but at the cost of having to handle some of the Web security yourself, mainly around CSRF)
connect2id.comNimbus OAuth 2.0 SDK with OpenID Connect extensions | Connect2id
,
&
Spring survey 2024 is here. Let us know what you like about Spring, its portfolio, and how we can improve so you become more productive.
dimensionalresearch.co1.qualtrics.comSurveySurvey
I'll be honest, I've never really liked #SpringFramework. I've had to learn to use it, but upgrading is still such a pile of shit.
My headache (literally) is having to upgrade the #SpringSecurity from version 5.x to 6.2.1. We've always used XML configuration for the security config. This is allows us to support different customers. However, with the 6.2.1 I can't seem to get the XML configurations to work, and all the documentation for the XML stuff are not up-to-date.
Aaaaaaaaa #SpringSecurity mit #Websockets bringt mich grad auf die Palme :/
Derweil will ich ja nur sicherstellen das keine Subscriptions von nicht angemeldeten Usern gemacht werden. Aber es werden einfach alle Requests geblockt, auch wenn ich alles whiteliste. -.-
Jemand eine Tipp in die richtige Richtung?
I just updated a ~10 year old application I started in pre #SpringBoot 1 from v2.7 to the latest 3.2, and I have to say, it was flawless now that with ActiveMQ finally has a Jakarta version out.
Hat tip to the #SpringSecurity team, for once I do find the "new" way here way nicer, well done.
GitHubUpgrade to Spring Boot 3.2, including Javax -> Jakarta migration. · michael-simons/biking2@375794dThis is the source code of http://biking.michael-simons.eu - Upgrade to Spring Boot 3.2, including Javax -> Jakarta migration. · michael-simons/biking2@375794d
I see so many #SpringBoot and #SpringSecurity tutorials store usernames and passwords in a database. Sure, the passwords are appropriately encrypted, but why are folks rolling their own database storage and not being shown how to use OAuth or OpenID and authenticate against a third-party system where they've done this for you?
There's so many more important things to learn than storing usernames/passwords in a database table (integrating with OAuth/OpenID is hard enough!), which folks will unlikely every do in their career.