🚀 Exciting news! Introducing Grails Spring Security Core 6.0.0 🛡️. Elevate security, Grails 6 compatibility, seamless docs, and more! Upgrade now for a fortified development experience. #GrailsSecurity #UpgradeNow #Grails6 #SpringSecurity #GrailsFramework https://grails.org/blog/2023-08-25-introducing-grails-spring-security-core-6.html

In my current project(spring boot, java 17) i have to secure a rest-api so that only members of a certain active directory can use the endpoints. I have not used spring security or active directory / ldap before. We should i start my research? Are there any good tutorials on this? #java #spring #springboot #springsecurity #ldap #activedirectory

When exposing an application, consider a an #APIGateway to protect it from attacks. Rate Limiting comes to mind first, but it shouldn’t stop there. We can factor many features in the API Gateway and should be bold in moving them from our apps. In this post, I’ll show how to implement authentication at the Gateway API stage.

https://blog.frankel.ch/authentication-api-gateway/

#authentication #keycloack #SpringSecurity #SystemArchitecture

SecurityOnline: Spring Security fixes two high-severity flaws – CVE-2023-34034 & CVE-2023-34035 https://securityonline.info/spring-security-fixes-two-high-severity-flaws-cve-2023-34034-cve-2023-34035/ #CVE-2023-34034 #CVE-2023-34035 #SpringSecurity #Vulnerability

#StickySessions with @ApacheAPISIX - the demo https://blog.frankel.ch/sticky-sessions-apache-apisix/2/

#SessionAffinity #hazelcast #SpringSession #SpringSecurity

RT @therealdanvega@twitter.activitypub.actor

One of my favorite cheat codes for debugging Spring Security is one I learned from my friend @kehrlann@twitter.activitypub.actor and that is to turn on TRACE logging. You will have some real insight into what #SpringSecurity is doing in your #SpringBoot applications

🐦🔗: https://twitter.com/therealdanvega/status/1646867149766443008

Make your #security #policy auditable https://blog.frankel.ch/security-policy-auditable/

#SpringSecurity #OpenPolicyAgent #SoftwareArchitecture #SolutionArchitecture #ApacheAPISIX

Learn from @SimonMartinelli how to configure #Vaadin and #SpringSecurity to use #OAuth2 with #Keycloak on Foojay :foojay: Today!

https://foojay.io/today/vaadin-oauth2-and-keycloak/

#foojaytip

What a fantastic talk on #SpringSecurity by Daniel Garnier Moiroux (ok, already two months old, but 2.5 hours require some time) https://youtu.be/iJ2muJniikY

Voici ma première vidéo
Développons avec Simon - 1 - Configurer Microsoft Azure OIDC
https://www.foilen.com/fr/dev_simon/1/

Je montre comment ajouter et utiliser Microsoft Azure OIDC dans un projet #java #spring #springboot #springsecurity

@codesmell Managing transitive dependencies that I didn't know depend on old stuff was one challenge.

The biggest challenge was making build & runtime work, only to find that any request I did resulted in a 403. That was the start of a journey through an elusive filterchain into the depths of #SpringSecurity and how it's (not) set up in this particular case.

Just reading https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.0-Migration-Guide and https://github.com/spring-projects/spring-framework/wiki/Upgrading-to-Spring-Framework-6.x helped, but also https://docs.spring.io/spring-security/reference/5.8.0/migration/index.html and https://docs.spring.io/spring-security/reference/6.0.0/migration/index.html

RT @BrianVerm@twitter.com

Java developers, take note! A Spring Security vulnerability has been discovered. Upgrade to version 5.7.5 or beyond to protect against the authorization bypass. More info: https://buff.ly/3Fw5cW3 #java #cybersecurity #springsecurity

🐦🔗: https://twitter.com/BrianVerm/status/1605533672496668672

Spring Boot Security mit OAuth2 Tutorial
#springboot #springboot3 #springsecurity #softwareengineering #workshop
https://youtu.be/D4kKLW2_jcM

Prevent Cross-Site Scripting (XSS) in Spring Boot with Content-Security Policies (CSPs) - https://stackabuse.com/prevent-cross-site-scripting-xss-in-spring-boot-with-content-security-policies-csps/ #springsecurity #springboot #spring #java