jbspeakr.cc

Clean Code. Web. Security.

It’s Velothon time in Berlin! For the 10th time in a row, the sportive cycling race will take place in my hometown, Berlin. This year not just offering the classic 60 and 120km routes but also an all-new 180km course that incorporates both old-school tracks…

JSON Web Tokens or just JWTs (pron. [ˈdʒɒts]) are the new fancy kids around the block when it comes to transporting proofs of identity within an untrusted environment like the web. In this article, I will describe the true purpose of JWTs. I will compare classical, stateful authentication with modern,...

Often, supporting open source software is just fixing one tiny thing you stumbled upon. However, getting ready and diving into even the smallest piece of source code can lead to surprising results. I fixed a small HTTP header extractor for the Spring Security OAuth project recently. Here’s what happened.

Finally, I managed to come up with a name for my regular reading tips series, which will feature both the latest info around recent events & incidents (especially when it comes to identity and security topics) and long-running articles I strongly advise reading… it’s simply called Readme....

Self-contained JWTs can be used as one-time tokens. I’ll show when this makes sense & how to implement it.