Microservices for the Masses with Spring Boot, JHipster, and JWT - Devoxx UK 2017

Matt Raible presented 11 security patterns for microservice architectures: 1) be secure by design, 2) scan dependencies, 3) use HTTPS everywhere, 4) use access and identity tokens, 5) encrypt and protect secrets, 6) verify security with delivery pipelines, 7) slow down attackers, 8) use Docker rootless mode, 9) use time-based security, 10) scan Docker and Kubernetes configurations for vulnerabilities, and 11) know your cloud and cluster security. He discussed each pattern in detail and provided examples and recommendations for implementation.

This tutorial is about Spring Boot. The tutorial includes an introduction to Spring Boot, key features of Spring Boot, prototyping using CLI, managing profiles aka environment in Grails, using GORM and using GSP. The tutorial begins with a section which is an introduction to Spring Boot. It includes an introduction to Spring Boot, the benefits of using Spring Boot. Following is a features section which includes the key features of Spring Boot like embedded servers, security, metrics etc. Next is a section about prototyping. It includes prototyping using CLI, getting started, the things that happen during prototyping, starter POMs and a demo, building Gradle, using plugin and adding dependencies, and hot reloading. Consecutively there is a section about managing profiles. It includes managing profiles aka managing environment in Grails like binding properties and its examples, using spring data to add dependency. Moreover, there's also a section which includes using GORM for next level persistence and also includes server side view template libraries like JSP, velocity, tiles, GSP etc. The last section of this tutorial is about GSP. It includes using GSP with Spring Boot as it has limited tags, adds dependency and helps in packaging executable JAR and WAR files.

To simplify development and deployment, you want everything in the same artifact, so you put your React app “inside” your Spring Boot app, right? But what if you could create your React app as a standalone app and make cross-origin requests to your API? A client app that can point to any server makes it easy to test your current client code against other servers (e.g. test, staging, production). This session shows how to develop with Java 8, Spring Boot, React, and TypeScript. You’ll learn how to create REST endpoints with Spring MVC, configure Spring Boot to allow CORS, and create an React app to display its data. If time allows we’ll cover authentication with OpenID Connect and deployment to Cloud Foundry. Blog post: https://developer.okta.com/blog/2017/12/06/bootiful-development-with-spring-boot-and-react Demo app: https://github.com/oktadeveloper/spring-boot-react-example

Intro to Spring Boot and Angular presentation from JHipster 4 Workshop on Connect.Tech 2017. To simplify development and deployment, you want everything in the same artifact, so you put on your Angular app "inside" and your Spring Boot app, right? But what if you could create your Angular app as a standalone app and make cross-origin requests to your API? This session shows how to develop with Java 8, Spring Boot, Angular 4, and TypeScript. You'll learn how to create REST endpoints with Spring MVC, Spring Data REST, configure Spring Boot to allow CORS, and create an Angular app to display its data.

To simplify development and deployment, you want everything in the same artifact, so you put your React app “inside” your Spring Boot app, right? But what if you could create your React app as a standalone app and make cross-origin requests to your API? A client app that can point to any server makes it easy to test your current client code against other servers (e.g. test, staging, production). This session shows how to develop with Java 8, Spring Boot, React, and TypeScript. You’ll learn how to create REST endpoints with Spring MVC, configure Spring Boot to allow CORS, and create an React app to display its data. If time allows we’ll cover authentication with OpenID Connect and deployment to Cloud Foundry. Blog post: https://developer.okta.com/blog/2017/12/06/bootiful-development-with-spring-boot-and-react Demo app: https://github.com/oktadeveloper/spring-boot-react-example

To simplify development and deployment, you want everything in the same artifact, so you put your React app “inside” your Spring Boot app, right? But what if you could create your React app as a standalone app and make cross-origin requests to your API? A client app that can point to any server makes it easy to test your current client code against other servers (e.g. test, staging, production). This session shows how to develop with Java 8, Spring Boot, React, and TypeScript. You’ll learn how to create REST endpoints with Spring MVC, configure Spring Boot to allow CORS, and create a React app to display its data. If time allows we’ll cover authentication with OpenID Connect and deployment to Cloud Foundry. Blog: https://developer.okta.com/blog/2017/12/06/bootiful-development-with-spring-boot-and-react YouTube: https://youtu.be/P6rwKHnXUJI

Building a modern web application requires a lot of tools, frameworks, and techniques. This session shows how JHipster unites popular frameworks such as Angular, Spring Boot, and Bootstrap. Learn how Yeoman, a scaffolding tool for modern web apps, works with JHipster to generate a project that uses Java 8, SQL or NoSQL databases, Spring profiles, Maven or Gradle, Webpack, WebSockets, and BrowserSync. It also supports a number of different authentication mechanisms, including classic session-based auth, OAuth 2.0, and JWT-based authentication. For production deployments, JHipster includes out-of-the-box support for AWS, Cloud Foundry, Heroku, Docker, and Kubernetes.

Tips and criteria for selecting a web presentation framework. The focus is on Java-based frameworks, but the criteria are valid for any platform. From a panel discussion at the Seattle Java User Group (SeaJUG)

During this presentation, I demonstrate how to implement authentication in your Java web applications using good ol' Java EE Container Managed Authentication, Spring Security and Apache Shiro. You'll also learn how to secure your REST API with OAuth and lock it down with SSL. After learning how to develop authentication, I'll introduce you to pentest your app, as well as OWASP, the OWASP Top 10, its Testing Guide and its Code Review Guide. Much of this talk is contained in demos and tutorials, which are available on my blog at http://raibledesigns.com/rd/tags/security and http://youtube.com/mraible.

Spring Boot is a framework that simplifies building standalone applications and provides tools to automate configuration and add features like embedded servers. It aims to reduce the amount of configuration and code needed to build an application. Spring Boot can help developers build applications faster and with less code. It provides defaults and auto-configuration that allow applications to get started quickly without needing to define extensive configuration files or annotations.

In this session, I show how to build a Progressive Web App (PWA) AND a mobile app using Ionic, Angular and JHipster. PWAs are being hyped as the next big thing in mobile development. This talk describes the trials and tribulations of developing the Ionic Module for JHipster. It will show how you can easily generate Ionic UIs and describe the pain points of working with Node and Yeoman to develop this module. My Dev Story about Ionic for JHipster on YouTube: https://www.youtube.com/watch?v=B7TjR_rJVeU

A micro frontend architecture is an approach to developing web applications as a composition of small frontend apps. Instead of writing a large monolith frontend application, the application can be broken down into domain-specific micro frontends, which are self-contained and can be developed and deployed independently. Each micro frontend can be owned by verticalised domain specific teams. Micro frontends do have advantages and disadvantages and they are not suitable in many cases. When micro frontends is a potential solution, make sure to use a domain driven top-down approach, with no big design upfronts. Keep it simple! Frontend Developer Love Amsterdam - 30 January 2018

AppFuse is an open source project/application that uses best-of-breed Java open source tools to help you develop web applications quickly and efficiently. Not only does it provide documentation on how to develop light-weight POJO-based applications, it includes features that many applications need out-of-the-box: authentication and authorization, remember me, password hint, skinnability, file upload, Ajax libraries, signup and SSL switching. This is one of the main features in AppFuse that separates it from the other "CRUD Generation" frameworks like Ruby on Rails, Trails and Grails. AppFuse is already an application when you start using it, which means code examples are already in your project. Furthermore, because features already exist, the amount of boiler-plate code that most projects need will be eliminated. In this session, you will learn Seven Simple Reasons to Use AppFuse. If you don't use it to start your own projects, hopefully you will see that it provides much of the boiler-plate code that can be used in Java-based web applications. Since it's Apache Licensed, you're more than welcome to copy/paste any code from it into your own applications. Also see article published at: http://www.ibm.com/developerworks/java/library/j-appfuse/index.html

Are you a backend developer that’s being pushed into front-end development? Are you frustrated with all JavaScript frameworks and build tools you have to learn to be a good UI developer? If so, this session is for you! We’ll explore the tools for frontend development and frameworks too! Streamed live at 8pm MST on Oct 25, 2017! https://virtualjug.com/vjug24/

You've figured out how to split up your backend services into microservices and scale your teams to the moon! But what about the front-end? Are you still building monoliths for your UI? This session will talk about the history of web frameworks, the microservices explosion, and techniques + frameworks for complementing your microservices with micro frontends. It'll include developer stories from folks implementing micro frontends and recommendations for learning more about them.

Overview of Spring Boot for the rapid development of Java Applications and Microservices. More information can be found at : https://www.spiraltrain.nl/course-spring-boot-development/?lang=en

Remember the choose your own adventure books that you used to read as a kid? This session is a reincarnation of a choose your own adventure book as a conference talk! You'll learn about Spring Boot, Docker, and Kubernetes in this talk, along with the choices you make in the following areas: * What kind of application architecture to build? Monolith or microservices? * Would you like to use Java or Kotlin? * MySQL, PostgreSQL, or MongoDB? * Spring MVC or Spring WebFlux? * Angular, React, or Vue.js? * PWA or mobile app? * Istio with Kubernetes or Kubernetes without Istio? GitHub repos of demos: * Monolith: https://github.com/mraible/healthy-hipster * Microservices: https://github.com/mraible/ujug-microservices

Microservices are all the rage and being deployed by many Java Hipsters. If you’re working with a large team that needs different release cycles for product components, microservices can be a blessing. If you’re working at your VW Restoration Shop and running its online store with your own software, having five services to manage and deploy can be a real pain. Share your knowledge and experience about microservices in this informative and code-heavy talk. We’ll use JHipster (a Yeoman generator) to create Angular + Spring Boot apps on separate instances with a unified front-end. I’ll also show you options for securing your API gateway and individual applications using JWT. Heroku, Kubernetes, Docker, ELK, Spring Cloud, Okta; there will be plenty of interesting demos to see!

Microservices are all the rage and being deployed by many Java Hipsters. If you’re working on a large team that needs different release cycles for product components, microservices can be a blessing. If you’re working at your VW Restoration Shop and running its online store with your own software, having five services to manage and deploy can be a real pain. Share your knowledge and experience about microservices in this informative and code-heavy talk. We’ll use JHipster (a Yeoman generator) to create Angular + Spring Boot apps on separate instances with a unified front-end. I’ll also show you options for securing your API gateway and individual applications using JWT. Heroku, Kubernetes, Docker, ELK, Spring Cloud, Stormpath; there will be plenty of interesting demos to see!

The document discusses the history and evolution of DevOps practices over time, from concepts like daily builds in the 1990s to more recent approaches like infrastructure as code and serverless architectures. It provides an overview of key figures and texts that helped establish ideas like continuous integration, continuous delivery, and site reliability engineering. The document also shares the author's perspective on what commercial security tools have been developed for DevOps workflows and mentions some open source collaboration and automation tools.

This document discusses the use of stateful mock servers to test REST APIs in microservices architectures. It describes some challenges with testing complex microservices ecosystems, including long test times due to dependencies. Stateful mock servers are proposed as a solution by replacing real dependencies with fake implementations that can be controlled during tests. Examples of different faking techniques like client fakes, proxies, and fake servers are provided. The document emphasizes generating mock server code to reduce development time and easily support contract and integration tests.

Microservices are being deployed by many Java Hipsters. If you're working with a large team that needs different release cycles for product components, microservices can be a blessing. If you're working at your VW Restoration Shop and running its online store with your own software, having five services to manage and deploy can be a real pain. This presentation will show you how to use JHipster to create Angular + Spring Boot apps with a unified front-end. You will leave with the know-how to create your own excellent apps! Blog post: https://developer.okta.com/blog/2018/03/01/develop-microservices-jhipster-oauth Source code: https://github.com/oktadeveloper/okta-jhipster-microservices-oauth-example Download the JHipster Mini-Book v5.0 for free from InfoQ! https://www.infoq.com/minibooks/jhipster-mini-book-5

“Serverless” can be defined as a couple simple things: 1 - It’s a programming model for structuring applications as functions and events (basically a manifestation of microservices). 2 - It’s a cloud business model, where use is billed by the function call instead of by the provisioned server, so apps only pay when they run and for how long they run, eliminating over-provisioning and typically reducing costs. In this talk, we’ll cover the what, why and how of serverless, and learn more about it through running code. Throughout the session, we’ll focus on how the serverless model is being leveraged in the real world - not just toy functions and demos. Legacy enterprise apps - which are typically monolithic, written by large teams of Java and .Net devs, and resembling a bit of a mud ball - are being shaved down to take advantage of serverless, and we’ll be sharing some early results from those efforts. We'll discuss examples of how Fortune 50 companies are building their serverless projects on the Kubernetes and Mesos clouds they have already deployed. Le terme “Serverless” a plusieurs significations: 1 - un modèle de programmation pour structurer les applications en tant que fonctions et événements (essentiellement une manifestation de microservices); et 2 - Il s'agit d'un modèle d'entreprise Cloud, où l'utilisation est facturée par l'appel de fonction plutôt que par le serveur provisionné, de sorte que les applications ne paient que lorsqu'elles fonctionnent et pour combien de temps elles courent, éliminant le sur-provisionnement et réduisant les coûts associés. Dans ce discours, nous allons couvrir le quoi, le pourquoi et comment de Serverless, et en savoir plus à ce sujet en exécutant le code. Nous nous concentrerons sur la façon dont le modèle Serverless est utilisé dans le monde réel - pas seulement les fonctions et démos. Les applications d'entreprise héritées - qui sont généralement monolithiques, écrites par de grandes équipes de développeurs Java et .Net et ressemblant à un peu une grande boule de boue - sont rasées pour profiter de Serverless, et nous partagerons des résultats préliminaires de ces efforts.

You've figured out how to split up your backend services into microservices and scale your teams to the moon, right? But what about the frontend? Are you still building monoliths for your UI? If so, you might want to check out micro frontends—basically extensions to the microservices pattern, where the concept is extended to the frontend. Find out how to package and deploy your microservices and their UIs in the same artifact, as well as make it possible to test and develop them independently. In this live session, Matt will show you how to build a microservices and micro frontends architecture using Angular, Spring Boot, and Spring Cloud. Related blog post: https://auth0.com/blog/micro-frontends-for-java-microservices GitHub repo: https://github.com/oktadev/auth0-micro-frontends-jhipster-example

Erik Costlow, Product Evangelist at Contrast Security, was Oracle's principal product manager for Java 8 and 9, focused on security and performance. His security expertise involves threat modeling, code analysis, and instrumentation of security sensors. He is working to broaden this approach to security with Contrast Security. Before becoming involved in technology, Erik was a circus performer who juggled fire on a three-wheel vertical unicycle.

Presented by Erik Costlow, Contrast Security, at DevSecOps 101: Containers, Clouds, and Apps in Boston on May 16th, 2019.

RightScale Webinar: Cloud is the most nebulous and abused term in information technology today. It describes multiple, disparate service models and has been retroactively applied to countless legacy technologies in attempts to keep them current. In this webinar, we'll discuss the cloud technology landscape and where RightScale fits in to drive agility, cost, and time savings above cloud infrastructure. RightScale has been investing heavily for the past four years to make cloud infrastructure easy to leverage. This webinar will clarify elements that are straightforward, what continues to be difficult, and the impact on your schedule and budget.

This document summarizes a presentation on monitoring microservices with Spring Boot. It discusses evolving architectures from monolithic to microservices and challenges in microservices. It then covers different monitoring techniques like metrics, tracing and logging. It provides an overview of tools like Prometheus, Grafana, Spring Boot Admin, Eureka and Consul for monitoring microservices. Finally, it outlines hands-on labs to set up monitoring of a sample application with different tool combinations.

마이크로서비스 아키텍쳐에서의 분산된 서비스간의 모니터링 방법을 소개합니다. - Microservice Monitoring with Service Discovery (Eureka) Spring Boot Admin - Microservice Monitoring with Service Discovery (Consul), Prometheus, Grafana

The document discusses micro frontends for Java microservices. It provides an overview of microservices and frameworks like Spring and JHipster that can be used to develop microservices in Java. It then introduces the concept of micro frontends as an architecture for microservice applications and demonstrates how to build a sample application with micro frontends using JHipster. It also covers securing microservices with OAuth 2.1 and shows a live demo of creating and running microservice applications with JHipster.

This document introduces Spring Boot for beginners. It provides an overview of what Spring framework is, why it is used, how it works with layered architecture, and how it started as an IoC container. It also lists some of Spring's core modules and what topics will be covered, such as creating Spring Boot projects and REST services, integrating data persistence, security, and deploying to AWS. The document encourages readers to get started by creating their first Spring Boot application in the next video.

You've figured out how to split up your backend services into microservices and scale your teams to the moon, right? But what about the frontend? Are you still building monoliths for your UI? If so, you might want to check out micro frontends—basically extensions to the microservices pattern, where the concept is extended to the frontend. Find out how to package and deploy your microservices and their UIs in the same artifact, as well as make it possible to test and develop them independently. In this live session, Matt will show you how to build a microservices and micro frontends architecture using Angular, Spring Boot, and Spring Cloud. Related blog post: https://auth0.com/blog/micro-frontends-for-java-microservices GitHub repo: https://github.com/oktadev/auth0-micro-frontends-jhipster-example

Microservices are being deployed by many Java Hipsters. If you're working with a large team that needs different release cycles for product components, microservices can be a blessing. If you're working at your VW Restoration Shop and running its online store with your own software, having five services to manage and deploy can be a real pain. This presentation will show you how to use JHipster to create Angular + Spring Boot apps with a unified front-end. You will leave with the know-how to create your own excellent apps! Bonus: I'll show you how to use Ionic for JHipster to create native applications on mobile. It's pretty darn slick! Blog posts: * https://developer.okta.com/blog/2018/03/01/develop-microservices-jhipster-oauth * https://developer.okta.com/blog/2018/01/30/jhipster-ionic-with-oidc-authentication GitHub: https://github.com/oktadeveloper/okta-jhipster-microservices-oauth-example Download the JHipster Mini-Book v5.0 for free from InfoQ! https://www.infoq.com/minibooks/jhipster-mini-book-5 You can also watch my JHipster Microservices course on Pluralsight. https://www.pluralsight.com/courses/play-by-play-developing-microservices-mobile-apps-jhipster