Spring Security
initializr
Our great sponsors
Spring Security | initializr | |
---|---|---|
10 | 258 | |
8,406 | 3,344 | |
1.6% | 0.8% | |
9.9 | 8.9 | |
7 days ago | 7 days ago | |
Java | Java | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Spring Security
-
Spring Security private_key_jwt with AWS KMS
Spring security has long had great OAuth2.0 support from both the server and client elements. Recently spring security added support for the private_key_jwt client authentication method as part of the authorization code grant flow. Spring Security GitHub ref
- Issue since upgrading to Spring Boot 3 - 2: cannot access H2-console
-
Spring with java vs Spring with kotlin
To be fair there were quite some unexpected surprises in the past with Spring and Kotlin (e.g. the Cachable annotation did not work with suspend functions, not all Spring security annotations were supported with coroutines), but most of them were ironed out already.
-
Spring Security WebSecurityConfigurerAdapter deprecated
They recently updated all the examples in the javadocs if you wanna bump your Spring Security version to 5.7.3 (see here). Otherwise the reference docs all reflect the non-deprecated approach that uses SecurityFilterChain and supporting beans.
-
🎀 Spring Boot 2.7.0 Released
Spring Security 5.7
-
Spring Security without the WebSecurityConfigurerAdapter
Since Spring Security 5.7.0-M2 the use of WebSecurityConfigurerAdapter was deprecated (link to GitHub - https://github.com/spring-projects/spring-security/issues/10822) to move to component-based security configuration.
-
Spring Reactive Oauth2 Webclient not using configured proxy
When i start the flow, no proxy is used and even the WebClient is not used to get access token. And i get a timeout exception for that. The same issue was discussed in Github: https://github.com/spring-projects/spring-security/issues/8966
-
How to ignore Url from Once per request filter
You can extract (and validate) the JWT token into the Principal by implementing the getPreAuthenticatedPrincipal method, and map the claims to user details by providing through a custom implementation of AuthenticationUserDetailsService.
-
Dynamically updating user roles.
Or, maybe simpler, is to create your own filter and add it after the SecurityContextPersistenceFilter. Here, just recreate the authentication token from the database, which is what token based authentication does (token based authentication has to preauthenticated authentication from the token for the actual user authentication with the user details).
initializr
- Como funciona um Load Balance e como implementar utilizando Nginx.
-
Develop your Tomcat App with Docker Compose Watch
The best way, for generating a ready-to-run application in Java you can use the Spring Boot Initializr tool.
-
Consuming and Testing third party API's using Spring Webclient
curl --location 'https://start.spring.io/starter.zip?type=maven-project&language=java&bootVersion=3.2.2&baseDir=ms-xcoffee&groupId=com.xcoffee&artifactId=ms-xcoffee&name=ms-xcoffee&description=Demo%20project%20for%20Spring%20Boot&packageName=com.xcoffee.ms-xcoffee&packaging=jar&javaVersion=21&dependencies=webflux%2Clombok%2Cvalidation' | tar -xzvf -
-
Spring boot and PostgreSQL in Docker Compose
In this segment we will create a basic Spring boot app from Spring Initializer. Add the below dependencies:
-
Spring Data MongoDB — CRUD, Aggregations, Views and Materialized Views
Add the following MongoDB dependencies in your pom.xml or use spring initializer and select the Spring Data MongoDB dependency:
- AWS SQS: Como publicar e consumir mensagens com Spring Cloud AWS
-
Java Microservices with Spring Boot and Spring Cloud
I created all of these applications using start.spring.io's REST API and HTTPie.
-
Run a java service serverless with ECS and Fargate
An easy way to create the skeleton project is to visit Spring Initializr, I set the Project to Gradle - Groovy, Language to Java, and add Spring Web dependency. Then it's just to generate the project and unpack it.
-
A Passwordless Future! Passkeys for Java Developers
Create a new Spring Boot application using the Spring Initializr. You can use the web version or the curl command below. Use the default for most of the options. For the dependencies, select web, and okta. For the build tool, select Gradle.
-
Spring Cloud Functions, Kafka | How to interact asynchronous
I will start with a simple example of a cloud function, which is the same as a rest endpoint in the classical spring boot web application. You can create a project from your favorite IDE or from Spring Initliazr.
What are some alternatives?
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
JHipster - JHipster, much like Spring initializr, is a generator to create a boilerplate backend application, but also with an integrated front end implementation in React, Vue or Angular. In their own words, it "Is a development platform to quickly generate, develop, & deploy modern web applications & microservice architectures."
Bouncy Castle - Bouncy Castle Java Distribution (Mirror)
Spring Boot - Spring Boot
Apache Shiro - Apache Shiro
Javet - Javet is Java + V8 (JAVa + V + EighT). It is an awesome way of embedding Node.js and V8 in Java.
jCasbin - An authorization library that supports access control models like ACL, RBAC, ABAC in Java
elastic-beanstalk-roadmap - AWS Elastic Beanstalk roadmap
Nimbus JOSE+JWT - JSON Web Token (JWT) implementation for Java with support for signatures (JWS), encryption (JWE) and web keys (JWK).
jhipster-sample-app - This is a sample application created with JHipster
jjwt - Java JWT: JSON Web Token for Java and Android
spring-petclinic - A sample Spring-based application