Java, Spring Boot, Microservices, Cloud and DevOps Tutorials
In the previous article, we have created messages-webapp and secured it with Spring Security OAuth 2.0 using Authorization Code Flow. In this article, we will create messages-service, which is a Spring Boot Resource Server, and secure it with Spring Security OAuth 2.0.
In this article, we will create messages-webapp which is a Spring MVC + Thymeleaf web application and secure it with Spring Security OAuth 2.0 using Keycloak.
In the previous articles, we have learned about various OAuth 2.0 / OpenID Connect flows using web browser, cURL and Postman. Now it’s time to put what we have learned into practice. What better way to do that than to build a sample project?
In the Part 4: OAuth 2.0 Authorization Code Flow with PKCE, we learned how to acquire access_token using Authorization Code Flow with PKCE.
In this article, we will explore how to use Implicit Flow and Resource Owner Password Credentials Flow.
In the Part 3: OAuth 2.0 Client Credentials Flow, we learned how to acquire access_token using Client Credentials Flow. In this article, we will explore how to use Authorization Code Flow with PKCE.
In the Part 2: OAuth 2.0 Authorization Code Flow, we learned how to authenticate a user using Authorization Code Flow.
In this article, we will explore how to use Client Credentials Flow that is typically used for Service-to-Service communication without any user (Resource Owner) context.
In the Part 1: Getting familiar with OAuth 2 concepts, we learned how to set up Keycloak, created a realm, a client with Standard flow enabled and a user. In this Part 2, you will learn how to authenticate a user using Authorization Code Flow.
Security is a complex topic to understand in-depth. In addition to that, implementing security for complex microservices based systems using OAuth 2.0 and OpenID Connect specs is even harder. Frameworks and libraries, like Spring Security, help to reduce the complexity, but still there is a steep learning curve to understand how to properly implement security.
Spring framework 6.1 introduced a new JdbcClient API, which is a wrapper on top of JdbcTemplate, for performing database operations using a fluent API.
Spring Boot 3.2 includes Spring framework 6.1, so let’s take a quick look at how we can use JdbcClient to implement various database operations in a simplified manner.
In this Spring Boot REST API Best Practices series, we have learned how to implement CRUD operations so far. In this Part-4, we will explore how to implement exception handling for our APIs.