Home » JWT

Tag Archives: JWT

Node.js JWT Implementation

Hello. In this tutorial, we will implement a Node.js JWT (JSON Web Token) to protect the application endpoints from unauthorized access. The Node.js framework is commonly used to create server-based applications which are further used to show the contents to the users. 1. Introduction JSON web tokens (or the JWT’s) is an Open RFC standard that defines a compact and ...

Read More »

Centralized Authorization with OAuth2 & JWT using Spring Boot 2

spring-interview-questions-answers

This guide walks through the process to create a centralized authentication and authorization server with Spring Boot 2, a demo resource server will also be provided. If you’re not familiar with OAuth2 I recommend this read. Pre-req JDK 1.8Text editor or your favorite IDEMaven 3.0+ Implementation Overview For this project we’ll be using Spring Security 5 through Spring Boot. If you’re familiar with ...

Read More »

Tutorial: Create and Verify JWTs in Java

“I love writing authentication and authorization code.” ~ No Java Developer Ever. Tired of building the same login screens over and over? Try the Okta API for hosted authentication, authorization, and multi-factor auth. Java support for JWT (JSON Web Tokens) used to require a lot of work: extensive customization, hours lost resolving dependencies, and pages of code just to assemble ...

Read More »

Simple Token Authentication for Java Apps

“I love writing authentication and authorization code.” ~ No Web Developer Ever. Tired of building the same login screens over and over? Try the Okta API for hosted authentication, authorization, and multi-factor auth. JSON Web Tokens have quickly become the standard for securing web applications, superseding older technologies like cookies and sessions. Used properly, they address a range of security ...

Read More »

Secret Rotation for JWT tokens

java-interview-questions-answers

When you are using JSON Web Token (JWT), or any other token technology that requires to sign or encrypt payload information, it is important to set an expiration date to the token, so if the token expires, you can either assume that this might be considered a security breach and you refuse any communication using this token, or you decide to ...

Read More »

Cloud Native Applications with JWT

java-interview-questions-answers

A native cloud application is an application that is developed for a cloud computing environment. There is no specific answer to the question ” what is a cloud-native application” but different concepts that must be met. One of the most important in my opinion is the ability to scale up and down at a rapid rate. And this means that our applications cannot ...

Read More »

OAuth2, JWT, Open-ID Connect and other confusing things

java-interview-questions-answers

Disclaimer If feel I have to start this post with an important disclaimer: don’t trust too much what I’m about to say. The reason why I say this is because we are discussing security. And when you talk about security anything other then 100% correct statements risks to expose you to some risk of any sort.  So, please, read this article ...

Read More »

Validating JWT with Spring Boot and Spring Security

spring-interview-questions-answers

For my current project I will have a REST API set up with Spring Boot (most likely running with BoxFuse). To be able to use the API endpoint the application will check that the incoming request has a valid JWT token provided earlier (by an API service that I trust). To implement this functionality I want to make use of ...

Read More »