Multi Factor Authentication

Multi factor authentication has become ubiquitous in web applications. If you work in financial services it’s even a legal requirement in some states. For most of us working professionals I believe we all agree enhanced security for our customers is a good thing. While we have already tackled broader approaches, such as encryption and server hardening, we also want to cover more fine grained approaches that affect an individual’s experience.… Read more

Account Verification

Once a user signs up for service on our site we want to make sure we have some type of verification system in place to help ensure they are a real user. Quite often this is done by sending out an email with an account verification link which allows a prospective user to finalize their account creation.… Read more

Authentication and Authorization

We’ve all most likely seen they boiler plate code for managing users in Spring. This post really won’t be that much different so feel free to skip this if you are already familiar. We will be building off of this code so if a subsequent post throws you for a loop please come back here.… Read more

Mutual TLS using SpringBoot

Moving from a legacy in-house framework to an open standard like SpringBoot has been extremely satisfying. However, being part of a large organization sometimes one doesn’t get the exposure to how things are done, case in point mTLS. Another group is responsible for the solution that’s used by others and exposed through a common library.… Read more