Supercharge Java Authentication with JSON Web Tokens (JWTs) Getting ready to build, or struggling with, secure authentication in your Java application? Unsure of the benefits of using tokens (and specifically JSON web tokens), or how they should be deployed? I’m excited to answer these questions, and more, for you in… Continue Reading java-json-web-tokens-jjwt

Difference Between a Java Keystore and a Truststore 1. Overview In this quick article, we’ll provide an overview of the differences between a Java keystore and a Java truststore. 2. Concepts In most cases, we use a keystore and a truststore when our application needs to communicate over SSL/TLS. Usually,… Continue Reading java-keystore-truststore-difference

HTTPS using Self-Signed Certificate in Spring Boot 1. Overview In this tutorial, we’re going to illustrate step by step an example of enabling HTTPS in a Spring Boot application. We’ll generate a self-signed certificate and configure it in a sample app. For more details on Spring Boot projects, we can… Continue Reading spring-boot-https-self-signed-certificate

First Round of Improvements to the Reddit Application 1. Overview The Reddit web application Case Study is moving along nicely – and the small web application is shaping up and slowly becoming usable. In this installment, we’re going to be making small improvements to the existing functionality – some externally… Continue Reading reddit-web-app-improvements-1

The Java SecureRandom Class 1. Introduction In this short tutorial, we’ll learn about, a class that provides a cryptographically strong random number generator. 2. Comparison to java.util.Random Standard JDK implementations of java.util.Random use a Linear Congruential Generator (LCG) algorithm for providing random numbers. The problem with this algorithm is that it’s… Continue Reading java-secure-random