Aliyesha.com11h ago

EdDSA (Ed25519) JWT verification on Spring Boot 4 resource servers — the missing pieces I had to stitch together.

https://aliyesha.com/sub/articles/programming/display/pr_jwt_eddsa_spring_boot_4_resource_server_support

#Spring #SpringSecurity #SpringBoot #SpringBoot4 #Java #EdDSA #Ed25519 #Security

Enjoy tracker free reading with us. #privacy #privacymatters

EdDSA (Ed25519) JWT verification on Spring Boot 4 resource servers — the missing pieces I had to stitch together.

How to enable EdDSA/Ed25519 JWT verification on Spring Boot 4 resource servers by surgically patching Spring Security's three integration gaps using Boot 4's JwkSetUriJwtDecoderBuilderCustomizer hook.

Aliyesha
Aliyesha.com2d ago

EdDSA (Ed25519) JWT verification on Spring Boot 4 resource servers — the missing pieces I had to stitch together.

https://aliyesha.com/sub/articles/programming/display/pr_jwt_eddsa_spring_boot_4_resource_server_support

#Spring #SpringSecurity #SpringBoot #SpringBoot4 #Java #EdDSA #Ed25519 #Security

Enjoy tracker free reading with us. #privacy #privacymatters

EdDSA (Ed25519) JWT verification on Spring Boot 4 resource servers — the missing pieces I had to stitch together.

How to enable EdDSA/Ed25519 JWT verification on Spring Boot 4 resource servers by surgically patching Spring Security's three integration gaps using Boot 4's JwkSetUriJwtDecoderBuilderCustomizer hook.

Aliyesha
IAMDevBoxMar 2

Complete guide to configuring SAML SSO with Spring Security 6 — metadata-location setup, multi-IdP support, custom attribute mapping, and troubleshooting signature validation errors. Companion repo with Docker Compose and Keycloak included.

https://iamdevbox.com/posts/configuring-saml-login-with-spring-security/?utm_source=mastodon&utm_medium=social&utm_campaign=blog_post

#springsecurity #saml #sso #springboot #java

Configuring SAML Login with Spring Security: metadata-location and Relying Party Setup

Complete guide to configuring SAML login with Spring Security — including metadata-location setup, spring.security.saml2.relyingparty.registration configuration, certificate management, and troubleshooting common SAML errors.

IAMDevBox
IAMDevBoxFeb 28

Production-grade Keycloak + Spring Boot 3 OAuth2 resource server: JWT validation, realm role extraction, audience validation, multi-tenant support, and Testcontainers integration tests. Includes working companion repo.

https://iamdevbox.com/posts/keycloak-spring-boot-oauth2-integration-complete-guide/?utm_source=mastodon&utm_medium=social&utm_campaign=blog_post

#Keycloak #SpringBoot #OAuth2 #SpringSecurity #Java

InfoQFeb 25

Check out what's new in the #Spring community 👉 https://bit.ly/4kZSJyw

The second milestone releases of: Spring Boot, Spring Security, Spring Integration, Spring Modulith and Spring AMQP; along with the first milestone releases of Spring Session, Spring for Apache Kafka and Spring LDAP.

#Java #SpringBoot #SpringData #SpringSecurity #SpringAMQP #ApacheKafka

Manuel Hernandez ZemljicJan 27

Ever wondered if you're handling passwords securely in Java? 🤔 I switched to char[] instead of String — it’s mutable, log-safe, and I can wipe it from memory after use. But here's the kicker: Spring Security still expects String in many places. 🔄

Is it worth using char[] despite the framework limits? What’s your go-to strategy for securing passwords in memory?

Full breakdown on my blog: https://manueltechlabs.com/posts/why-i-used-char%5B%5D-for-passwords-in-spring-security-and-what-i-learned/
#Java #SpringSecurity #Cybersecurity #DevCommunity

Part 2: Why I Chose char[] for Passwords — And What I Learned

I used char[] for passwords in my Spring app. Here’s why it’s not a magic bullet — and what actually matters for security.

Spring Boot Developer
InfoQJan 12

This #InfoQ article explores a solution for Registering & Authenticating users through a client-side JavaScript application using the #SpringSecurity infrastructure, access and refresh tokens.

🎯 The goal is to explain the process in greater detail through clear and easy-to-follow #FlowDiagrams.

👉 Read it here: https://bit.ly/3DWoKFX

#Java #Spring #InfoQ

InfoQJan 9

🔍 Explore the best of #Java in 2025!

We’ve handpicked our favorite #InfoQ articles to help you master the trends that defined last year and are already shaping 2026. These are the must-reads for every JVM developer:

➡️ Building a RAG Application with Spring Boot, Spring AI, MongoDB Atlas Vector Search, and OpenAI by Matteo Rossi
https://bit.ly/47KRUUX

➡️ Spring Security Configuration with Flow Diagrams by Alexandr Manunin
https://bit.ly/3DWoKFX

➡️ Infusing AI into Your Java applications by Don Bourne, Michal Broz, Laura Cowen, Daniel Oh, Kevin Dubois
https://bit.ly/4oNmLqH

➡️ Spring AI 1.0 Delivers Easy AI Systems and Services by Josh Long
https://bit.ly/4lTYBc3

➡️ Jakarta EE 11 Overview: Virtual Threads, Records, and the Future of Persistence by Otavio Santana
https://bit.ly/46Pj4tX

Stay informed. Stay inspired. And always #StayAhead of the curve! Knowledge is power! 💪

#SpringAI #SpringSecurity #AI #RAG #JakartaEE #SoftwareEngineering

Show threadultramagneticDec 1
There is also #SpringSecurity integration and #Actuator integration examples on the website. Really interested to hear feedback from #Spring developers.
JAVAPRONov 27

Wie bleibt #OAuth2 sicher nach dem Login? #XDEV SSE löst das per Auto-Revalidierung statt komplexem Backchannel-Logout – effizient, fail-safe, frontend-ready.

Mehr von Alexander Bierler: https://javapro.io/de/xdev-sse-verbesserung-der-spring-security-fuer-moderne-anwendungen/

@xdevsoftware #OpenSource #Vaadin @vaadin #JAVAPRO #SpringSecurity