Apache Shiro is a Java security framework that can perform authentication, authorization, session management, along with a host of other features for building secure applications. In this tutorial, you will build a simple Java REST application using JAX-RS. JAX-RS, like many Java APIs, is a set of interfaces, and you will need to pick an implementation

Many of us are not familiar with vulnerability reporting and how it is different from reporting a regular bug. Frequently, I’ve seen people report vulnerabilities or potential security issues incorrectly. A public bug tracker or Stack Overflow is NOT the right tool; developers need to handle vulnerabilities differently and should not disclose them until the project/vendor fixes them.

PASETO is the latest trend in security token formats. Its primary goal is to reduce the problems the JSON Web Token (JWT) related specifications introduce. In this post, I’ll give you a brief introduction to PASETO tokens and then jump into an example that creates and parses tokens using in Java using JPaseto.

Curious to know best practices for securing your Spring Boot applications? This webinar provides 10 excellent ways to secure your Spring Boot apps with Spring Security and other techniques.

This screencast walks you through building a secure Spring Boot application in two commands using the Spring Initalizr and the Okta Maven Plugin on the command line!