Category: Java

Tutorial: Get Started with Angular, Spring Boot, and Stormpath

Last fall, I wrote about how to get started with AngularJS, Spring Boot, and Stormpath. Since then, AngularJS has become a legacy technology, verified by ThoughWorks Radar and their “hold” recommendation in November 2016. This article shows how to get started with the latest release of Angular, and how to add authentication to it, a …

4 Challenges to Building Multi-factor Authentication

Multi-factor authentication is the most reliable way to ensure the security of your users PII (personally identifiable information), and with Stormpath it’s easier than ever to implement in your application! Why is MFA super-secure? It’s simple: While a user may have a lousy password, additional factors are inherently immutable. Some common second factors of authentication …

Secure Your Spring Boot App with Stormpath & start.spring.io in 5 Minutes

Have you ever wanted to write a Spring Boot application but are not sure where to start? Spring Initializr makes it easy to get up and running in minutes by generating a fully functional Spring Boot project that includes dependencies and tests. A web version is hosted at https://start.spring.io. From here, you can search for …

Protecting JAX-RS Resources with RBAC and Apache Shiro

Security is probably the most important thing for your application, but it doesn’t have to be the hardest thing. Today I’ll show you how to use Shiro’s wildcard permissions to enable fine grained Role-Based Access Control (RBAC) which makes granting user permissions trivial (a single line). This will also make your application’s security policy more …

JAX-RS vs Spring for REST Endpoints

REST endpoints are used just about everywhere you need to decouple your web service and client. Many developers have used Spring or JAX-RS for this purpose. Some have used one but not the other, in this post I’ll go over the the differences between the two using basically the same code. In future posts I’ll …

Angular and Microservices at The Rich Web Experience 2016

As a Developer Evangelist at Stormpath, I’m tasked with developing our integrations, as well as showing developers how to use them. I do this through blog posts and speaking at conferences/meetups. It’s been a great ride so far and I’ve really enjoyed creating our JHipster integration and our initial Angular 2 support. I’ve been speaking …

Tutorial: Establish Trust Between Microservices with JWT and Spring Boot

If you’ve never heard of JWTs (JSON Web Tokens), well then you didn’t read my last post on CSRF Protection with JWTs. To briefly recap: JWTs can be used wherever you need a stand-in to represent a “user” of some kind (in quotes, because the user could be another microservice). And, they’re used where you …

Tutorial: Build a Spring Boot Application with React and User Authentication

Previously you created a CRUD application using Spring Boot, React and Stormpath where React handled the data view and the Stormpath Spring Boot Starter set up the login and registration pages. Now you’ll see how to use Stormpath’s React SDK to create login and signup pages manually so that every view on your site is …

Tips and Tricks for AngularJS and Spring Boot with Stormpath

In October, I showed you how to integrate AngularJS, Spring Boot, and Stormpath. As part of that tutorial, I demonstrated how to use our AngularJS SDK to create registration, login and forgot password screen. I also showed how to configure Spring Boot to allow cross-domain requests. Today, I’ll show you how to 1) restrict access …

String Interpolation with Apache Shiro

I am happy to announce the the 0.8.0-RC1 release of our Stormpath-Shiro integration. This release builds on top of the recent Apache Shiro 1.4.0-RC2 release. The 1.4.0 Apache Shiro release adds a handful of great features: More modular: new config, crypto and lang were modules split out from shiro-core New Spring Boot modules added (no …