Simple permission handling in AngularJS

Despite of a simple authentication, a lot of applications have a concept of authorisation. An user is not only logged-in, but has a set of roles which allow him to perform certain actions or see certain views. For example an user with the role ADMIN will probably be able to do more things as an […]

Login by captcha and authenticate with JSON Web Token

We use a login to secure our application and restrict its access to a certain group of users. But what if everybody should be allowed to use our application if he can prove he’s human? Well, we would use a captcha. The following example shows how we can use Google’s ReCaptcha for an anonymous login […]

Expression based security with Spring Security

Many web apps have a very simple security concept based on user roles. You might have some admin, some common users and maybe some more roles like a moderator or a super-user. Such a role concept can be easily implemented with Spring Security. For example, you could secure your app based on routes which are […]

A mocked Spring security configuration for testing

Spring security is great! It gives you the possibility to secure your app and to create a login with a few simple lines of code. However, it could also become annoying during development, when you have to log yourself in again and again. So why not create a mocked Spring authentication for development and testing? […]

A Windows SSO (for Java on client and server)

A couple of months ago I worked on a single sign-on (SSO) for a Windows client and server made in Java. The scenario was the following: A client made with Java running on Windows A server made with Java running on Windows Both where logged-in to the same domain (an Active Directory LDAP) The question […]