Search fresh public links, source activity, and post angles for Spring Security.
Fresh curated links around Spring Security are collected here so marketers can spot useful updates and turn timely ideas into posts faster.
Recent items include:
Recent curated links from global sources. Generate one free draft from any story, then use SocialBu to schedule and refine your content calendar.
Spring Security 7 introduces built-in support for multi-factor authentication, allowing developers to enforce multiple authentication steps using the existing authorization model....
If you just want to see how the authentication looks like in Spring Boot, this blog is for you. Basic Authentication Create any controller which you want to secure....
Multi-Factor Authentication (MFA) is a security mechanism that requires users to verify their identity using multiple authentication methods before gaining access to an application...
Learn how the HTTP Basic Authentication works and how to extract credentials from a HTTP request in a Spring-based application. The post Getting HTTP Basic Authentication from Htt...
A critical vulnerability, tracked as CVE-2026-22752, has been disclosed in Spring Security Authorization Server, affecting organizations running Dynamic Client Registration endpoin...
In this article, I will discuss a highly available solution developed using Spring Boot 3 and Spring Security 6 to address the "centralized authentication method" problem frequentl...
There was a flurry of activity in the Spring ecosystem during the week of April 20th, 2026, highlighting the first release candidates of: Spring Boot, Spring Security, Spring Integ...
Безопасность данных сегодня стала главным приоритетом для любого веб-ресурса. Базовым стандартом защиты учетных записей является хеширование паролей. Этот процесс превращает конфид...
Overview Identity and access security is built on two fundamental requirements: Authentication (AuthN) — who you are, and Authorization (AuthZ) — what you are allowed to do. Ev...
OAuth 2.1 consolidates years of security best practices and formally retires the implicit grant, the resource owner password credentials grant, and plain PKCE. Spring Security 6.x...
Single-page application (SPA) such as those built with React, Angular, or Vue handle routing on the client side. When deployed with a Spring Boot backend, direct navigation to rout...
I’ve spent years reviewing applications after security incidents, conducting code audits, and helping teams rebuild trust after token misuse exposed sensitive data. If there’s one...
SAN JOSE — A survey from BellSoft found that Spring developers don’t know their Dockerfiles affect their security posture, aren’t using hardened images and can’t name their complia...
Sometimes, in modern backend systems, you need to perform one or more actions after database inserts or updates. You may need to publish to a message broker, send an email, or trig...
Originally appeared on Saeloun Blog.Rails gives us a strong security baseline. It does not make an application secure by itself. That distinction matters. Most real Rails security...
In developing REST APIs, you often need to log HTTP incoming requests. You want to see exactly what data your application is receiving and how it is processed. You want a detailed...
Spring Boot is a widely used framework for building production-ready Java applications with minimal configuration. At the core of Spring Boot lies the concept of Dependency Injecti...
In microservices, you’ve likely broken a cold sweat more than once when a request suddenly 'vanishes' the moment it hits a Database or a Message Broker. It is a true operational ni...
Security researchers have identified four new vulnerabilities in the Spring Cloud Config Server, ranging from medium to critical severity. These newly disclosed flaws could allow a...
Это часть 2. Первую часть смотреть по ссылке.Данная статья является второй из цикла по описанию особенностей построения приложений с использованием идей, описанных в книге «Искусст...
In modern software architectures, especially microservices-based systems, authentication is no longer a simple “login once, use everywhere” problem. A single access token is often...
Originally appeared on Saeloun Blog.Authentication proves identity. Authorization enforces rules. Most production authorization bugs in Rails are not syntax mistakes. They are mis...
Enterprise Java applications still serve business-critical processes but are becoming vulnerable to changing security threats and regulatory demands. Traditional compliance-based s...
A global case management system depends on a telephony surface to bind a live call to a customer record. When a call arrives, an external CTI frame loads inside Lightning, identifi...
Use SocialBu to discover ideas, generate post drafts, and schedule them across your social channels.