Archive

Category Archives for "Multi-part series"

Multi-part series

GDPR compliant forget-me app with Spring Integration (Part 3): Conditional configuration with Spring Boot 2

In the previous part I explained one of the messages flows in detail from the point of view of implementing in- and outbound messaging with Spring Integration’s AMQP support. I briefly mentioned that data handler adapters are loaded dynamically and they’re plugged into the message flow. In this third part, we’ll explore one of those technical challenges in detail that the application’s modular design raise and how it can be tackled by using Spring Boot 2’s new property Binder API.

Continue reading

GDPR compliant forget-me app with Spring Integration (Part 2): In and outbound messaging

This second part focuses on how to use Java DSL for defining in- and outbound messaging with Spring Integration’s AMQP support. Java DSL is now (as of version 5) part of Spring Integration‘s core project and doesn’t have be included as a separate dependency. Altought sending and receiving messages to RabbitMQ doesn’t necessarily appear to be complicated at a first glance, there are pitfalls you might run into.

Continue reading

GDPR compliant forget-me app with Spring Integration (Part 1): Requirements

In preparation for the enforcement of GDPR which becomes final on the 25th of May 2018, I’m creating a simple, open source forget-me app for springuni.com in compliance with Art. 17 GDPR (‘right to be forgotten’). In the first phrase I’d like to support a simple forget-me process driven by the Scatter-Gather messaging pattern using Spring Integration and RabbitMQ, although I’ve got a tons of ideas about making a generally usable, granular and flexible consent management app for fellow bloggers. Before going into coding the app instantly, in this article I just setting the initial requirements for myself and for starting a discussion if someone else is interested in having their own forget-me app.

Continue reading

Building a user management microservice (Part 7): Putting it together

During writing the last six parts of this article series a lot has happened. From absolutely zero the building blocks of a user management application had been developed. In this last article, I’d like to show you how to assemble the pieces in order to get the app working. Some functionalities are still missing and I’m still working on the first release to make make it feature complete, but the very basics are available now.

Continue reading

Building a user management microservice (Part 6): Adding remember me authentication with persistent JWT tokens

Last time I added username and password based authentication with using Spring Security. Should you have missed the that, I notice here that JWT tokens were issued upon a successful login and validated for subsequent requests. Creating long-lived JWTs isn’t practical, as they’re self contained and there’s no way to revoke them. If tokens are stolen all bets are off. For that reason, I wanted to add the classic remember-me style authentication with persistent tokens. Remember-me tokens are stored in cookies as JWTs as the first line of defense, however they are also persisted to the database and their lifecycle is being tracked.

Continue reading

Building a user management microservice (Part 5): Implementing authentication with JWT tokens and Spring Security

So far the business logic, data access layer and the front controllers had been build, however enforcing authentication was completely missing. As Spring Security became the de-facto standard when is comes to building authentication and authorization into a Java web application, I’ll be using that. In this fifth part I show you how Spring Security can be used with JWT tokens, another technology gaining traction nowadays.

Continue reading

Building a user management microservice (Part 2): Implementing the domain model

In my previous post I defined the requirements of a user management microservice and designed the initial domain model of it. Getting lots of positive energy from the community and many valuable comments on Reddit ensured me, that it’s worth going on with the project. In this second part, I’ll detail how the domain model got implemented and what decisions were made behind the code.

Continue reading