Posts by Les Hazlewood

How We Migrated Our Backend to Spring Boot in 3 Weeks

Last week, we updated the core Stormpath product – our REST API – to Spring Boot. This is a major architectural upgrade for our codebase and it simplified application development and deployment for our whole team, for both software engineering and operations. And it was shockingly easy. This blog post will cover the entire migration, …

Java Web App Example: User Login with Servlet, JSP, and Stormpath

Update 5/12/2016: Watch Stormpath CTO Les Hazlewood’s presentation on REST + JSON API design best practices. We just released a major upgrade of our Java SDK, which now includes Java Webapp (Servlet 3.1+) support with a ton of user automation. Just drop our Servlet plugin into your Java web application and boom – instant user …

Build a Node API Client – Part 3: Queries, Caching and Authentication

Welcome to Part Three of our guide to Node.js REST clients. This third and final blogpost will wrap up the series with a look at topics like querying, caching, API authentication, and lessons learned the hard way. If you haven’t already, please start with Part One, the RESTful principles important for REST clients. Or skip …

Build a Node API Client – Part 2: Encapsulation, Resources, & Architecture

Welcome to Part Two of our series on Node.js Client Libraries. This post serves as our guide to REST client design and architecture. Be sure to check out Part One on Need-To-Know RESTful Concepts before reading on. Update: Stormpath now secures authentication to your API- without code! API Encapsulation Before sinking our teeth into resources …

Build a Node API Client – Part 1: REST Principles

If you want developers to love your API, focus the bulk of your efforts on designing a beautiful one. If you want to boost adoption of your API, consider a tool to make life easier on your users: client libraries. Specifically, Node.js client libraries. This series will cover our playbook for building a stable, useful …

MultiTenant User Management- the Easy Way

Building a multi-tenant SaaS isn’t easy, but in a world where your customers expect on-demand services and your engineering team wants a central codebase, multitenancy offers tremendous value.  The hardest part is user management. Multi-tenant applications come with special user considerations: How will tenants be represented in the data model? How will users be created? …

Stormpath + Apache Shiro = Love

Apache Shiro is the biggest and fastest growing security framework for Java. From the smallest mobile applications to the largest web and enterprise applications, Shiro powers all kinds of JVM-based applications. Organizations large and small rely on Apache Shiro for complete application security–from cutting edge startups MuleSoft and Sonatype to Fortune 100s like NYSE and …

Apache Shiro Stormpath Integration!

Stormpath is pleased to announce a formal integration with Apache Shiro, a leading Java security framework with over 200,000 downloads. This integration allows an Apache Shiro-enabled application to use the Stormpath cloud Identity Management service for all authentication and access control needs. Shiro has been growing exponentially in 2012 and we are excited to provide a …

Top Six Reasons to Use API Keys (and How!)

Update 5/12/2016: Stormpath now secures authentication to your API- without code! Also, we have some awesome new resources for API developers building user management: Easy API Key Management with Node.js PHP API Authentication is a PITA! The Fundamentals of REST API Design (a presentation by Stormpath CTO Les Hazlewood)   While working on the redesign …

Yahoo! Hacked; How to Secure Passwords from SQL Injections

Wow, first LinkedIn, and now Yahoo!. Yahoo! News has reported that its own service has been hacked, resulting in 450,000 compromised passwords.  The attack was an SQL Injection Attack, much like the same attack that compromised over 1 million Sony Pictures accounts.