gRPC builds on HTTP/2’s long-lived connections which provides a foundation for long-lived, real-time communication streams
and allows gRPC to support multiple communication patterns, one of which is server streaming RPC.
One use case for server streaming RPC could be to implement long-lived streaming of events or notifications from the server to interested clients,
and in this tutorial, we are going to look at how to implement this with gRPC Java using observer pattern.
We may run into the need to inject Spring Beans into JPA entities or some other unmanaged objects,
which could be an indication that we need to rethink our architecture, but sometimes this cannot be avoided.
It is possible to do this using @Configurable annotation,
but for this to work, the annotated types must be woven with the AspectJ weaver.
In this tutorial, we are going to look at an alternative way to access Spring-managed components from unmanaged objects that is arguably better than injection.
The Saga pattern is a way to maintain data consistency in distributed systems by sacrificing atomicity and relying on eventual consistency.
A saga is a sequence of transactions that update each service, and if at some stage it fails, it performs compensating transactions that counteract the previous stages.
There are two common saga implementation approaches - choreography and orchestration.
In this tutorial, we are going to look at how to implement orchestration-based saga using Cadence Workflow.
While OAuth2 and OIDC have become the de-facto standard for authentication and are very popular,
existing authorization standards (e.g. XACML, UMA) are difficult to implement and even use,
so developers continue to roll their own solutions, which is time-consuming and increases maintenance costs.
In this tutorial, we are going to look at how to simplify authorization by externalizing access control decisions using Open Policy Agent and Spring Security.
Spring Security OAuth is deprecated, and many of us wonder what to use as an alternative.
Security fixes for the deprecated project will be supported until May 2022,
so we have time to wait for the recently announced Spring Authorization Server,
or we can migrate to one of the plenty of authorization servers available today.
In this tutorial, we are going to look at how to migrate from Spring Security OAuth to Keycloak.
RFC 7636: Proof Key for Code Exchange (PKCE, pronounced “pixy”) describes an extension to the Authorization Code flow to protect public clients from authorization code interception attack.
In this tutorial, we are going to look at how to implement this extension in an OAuth 2.0 authorization server built using Spring Security OAuth, which does not support it out of the box.
