Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016
-
Upload
matt-raible -
Category
Technology
-
view
562 -
download
4
Transcript of Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016
![Page 1: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/1.jpg)
Microservices for the Masses
Spring Boot · JWT · JHipster
Brought to you by Matt Raible and Stormpath
![Page 2: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/2.jpg)
![Page 3: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/3.jpg)
![Page 4: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/4.jpg)
![Page 5: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/5.jpg)
![Page 6: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/6.jpg)
Conway’s Law
Any organization that designs a system (defined
broadly) will produce a design whose structure is a copy
of the organization’s communication structure.
Melvyn Conway 1967
![Page 7: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/7.jpg)
"Do one thing and do it well."
![Page 8: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/8.jpg)
The Future?
![Page 9: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/9.jpg)
You shouldn’t start with a microservices architecture.
Instead begin with a monolith, keep it modular, and split
it into microservices once the monolith becomes a
problem.
Martin Fowler March 2014
![Page 10: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/10.jpg)
![Page 11: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/11.jpg)
![Page 12: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/12.jpg)
![Page 14: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/14.jpg)
![Page 15: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/15.jpg)
![Page 16: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/16.jpg)
![Page 17: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/17.jpg)
Microservices are awesome, but they’re not free.
Les Hazlewood Stormpath CTO
![Page 18: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/18.jpg)
Spring Boot Demo
![Page 19: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/19.jpg)
![Page 20: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/20.jpg)
![Page 21: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/21.jpg)
JHipster by the numbers
+250 contributors+5400 Github stars+320,000 installations+100 companies officially using it
![Page 22: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/22.jpg)
How to use JHipster
To install JHipster, you run an npm command:
$ npm install -g generator-jhipster
$ mkdir myapp && cd myapp $ yo jhipster
![Page 23: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/23.jpg)
What’s Generated?
Spring Boot applicationAngularJS applicationLiquibase changelog filesConfiguration files
![Page 24: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/24.jpg)
Security Screens
Several generated screensLogin, logout, forgot passwordAccount managementUser management
Useful for most applicationsPages must be tweakedUser roles will be added/extended
Provides good examples of working screensForms, directives, validation…
![Page 25: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/25.jpg)
Admin Screens
MonitoringHealth
Spring Boot configurationSpring Security auditsLog management
Very useful in production
![Page 26: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/26.jpg)
Liquibase
![Page 27: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/27.jpg)
![Page 28: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/28.jpg)
![Page 29: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/29.jpg)
![Page 30: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/30.jpg)
![Page 31: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/31.jpg)
![Page 32: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/32.jpg)
ThoughtWorks Radar
![Page 33: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/33.jpg)
![Page 34: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/34.jpg)
![Page 35: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/35.jpg)
![Page 36: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/36.jpg)
![Page 37: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/37.jpg)
Securing your API
Choose the Right API Security ProtocolBasic API Authentication w/ TLS (formlerly known as SSL)OAuth1.0a, OAuth2
API Keys vs. Username/Password AuthenticationStore Your API Security Key securely
Use globally unique IDs (e.g. Url62)Avoid sessions, especially in URLs
![Page 38: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/38.jpg)
How to Secure your API
https://www.youtube.com/watch?v=hdSrT4yjS1g
Learn more on the Stormpath blog
![Page 39: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/39.jpg)
![Page 40: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/40.jpg)
Anatomy of a JWT
![Page 41: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/41.jpg)
Create a JWT in Java
String jwt = Jwts.builder() .setSubject("users/TzMUocMF4p")
.setExpiration(new Date(1300819380)) .claim("name", "Robert Token Man")
.claim("scope", "self groups/admins")
.signWith(
SignatureAlgorithm.HS256,
"secret".getBytes("UTF-8")
)
.compact();
![Page 42: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/42.jpg)
Validating a JWT
String jwt = // get JWT from Authorization header Jws<Claims> claims = Jwts.parser()
.setSigningKey("secret".getBytes("UTF-8"))
.parseClaimsJws(jwt)
String scope = claims.getBody().get("scope") assertEquals(scope, "self groups/admins");
![Page 43: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/43.jpg)
Better Secret
String b64EncodedSecret = "Yn2kjibddFAWtnPJ2AFlL8WXmohJMCvigQggaEypa5E=";
.signWith(SignatureAlgorithm.HS256,
TextCodec.BASE64.decode(b64EncodedSecret))
![Page 44: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/44.jpg)
JWTs in Java for CSRF and Microservices
https://www.youtube.com/watch?v=QSYK4OCmycI
Learn more on the Stormpath blog
![Page 45: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/45.jpg)
Microservices with JHipster
![Page 46: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/46.jpg)
![Page 47: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/47.jpg)
![Page 48: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/48.jpg)
Microservices are not free, but you get a deep discount
on microservices with JHipster.
Matt Raible 2016
![Page 49: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/49.jpg)
JHipster.next
Angular 2JUnit 5Spring 5 and ReactiveApache KafkaHTTP/2Progressive Web App Support
![Page 50: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/50.jpg)
![Page 51: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/51.jpg)
Do one thing and do it well.
Unix philosophy
![Page 52: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/52.jpg)
This Presentation and Demos
https://github.com/mraible/microservices-for-the-masses
![Page 53: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/53.jpg)
![Page 54: Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016](https://reader034.fdocuments.in/reader034/viewer/2022052308/5871ff8a1a28ab176b8b4d11/html5/thumbnails/54.jpg)
Image Credits
Fountain of colours - Paulius Malinovskis on FlickrPonte dell’Accademia at Sunrise - Trey Ratcliff on Stuck in CustomsConway’s Law - Martin Fowler and James Lewis on MicroservicesGood Morning Denver - Sheila Sund on FlickrMonoliths - Arches National Park on FlickrMexico - Trish McGinity on McGinity PhotoFuture - vivianhir on FlickrSpring Runoff - Ian Sane on FlickrThe memory Seeker, Santa Monica Pier, CA - Pacheco on FlickrSan Francisco By Night - Trish McGinity on McGinity Photo