Java to Pod

From Java code in your repo to a running Pod on Kubernetes. This article explains all the steps needed, including basic shortcuts.

How to secure microservice applications with role-based access control? (6/7)

Option: API Gateway Foto Source: Jeswin Thomas (www.pexels.com) In the last blog “OpenID Connect & Keycloak (part 5), we have described how a 3rd party component (Keycloak) can provide intermediary services for trust and security. Amongst others, keycloak takes care of the generation and configuration of the JWT token. The good thing: As all involved […]

How to secure microservice applications with role-based access control? (7/7)

Foto Source: Darrel Und (www.pexels.com) Option: Service Mesh We have already introduced many different options how to secure micro-service applications based on roles (RBAC). In the last part of this series, we will explore how to use a Service Mesh for RBAC. For the implementation of the Service Mesh we are using the Open Source […]

How to set up and demonstrate Quarkus GrumpyCat GitOps demo

Read this manual if you want to setup and demonstrate (or otherwise use) all the mechanisms of Quarkus GrumpyCat. First of all GrumpyCat is a micro services based multi player game, which you can use to demonstrate and play a nice PacMan / FatCat like game. But with this demo you can also easily demonstrate the benefits of using the GitOps principles for developing and deploying a bigger application.

Building Trust in the Software Supply Chain

Overview What steps can we take to establish trust in our Software Supply Chain and ensure that our software can be traced back to its origin without introducing malicious code or dependencies? Moreover, how can we integrate Open Source tools to enhance the security of our Software Supply Chain’s lifecycle? As we explained in our […]

How to secure microservice applications with role-based access control? (5/7)

Foto Source: Ron Lach (www.pexels.com) Option: OpenID & Keycloak In the previous blog (part 4), we have introduced JSON Web Token to allow more transparent and convenient authentication and access management. In this blog (part 5), we will explore how we can extend the concept of a JWT to achieve even better standardization through oAuth2 […]

How to secure microservice applications with role-based access control? (4/7)

Foto Source: Nataliya Vaitkevich (www. pexels.com) Option: JWT In the previous blog part (part 3) we have used  BasicAuthentication for transferring credentials which are then enforced in the requested service. This approach has several disadvantages. First and foremost, each service has access to user credentials. Thus, if one service is hacked, all services are impacted. […]

Using OpenTelemetry and Grafana Tempo with Your Own Services/Application

By Robert Baumgartner, Red Hat Austria, March 2023 (OpenShift 4.12, OpenShift distributed tracing data collection 0.63) In this blog, I will guide you on how to use OpenTelemetry with a Quarkus application; how to forward your OpenTelemetry information to Tempo and display it in Grafana UI. I will use distributed tracing to instrument my services […]

How to secure microservice applications with role-based access control? (1/7)

Foto Source: Life of Pix (www.pixels.com) Role-based Access Control (shortly RBAC) is one of the first things that come to mind if you think about security. But how can you do this consistently, without overburdening developers and IT-operation? And how can this be done in the context of micro-services architectures or – more generally speaking […]

How to secure microservice applications with role-based access control? (3/7)

Foto Source: CottonBro Studio (www.pexels.com) Option: BasicAuthentication In the previous post (Part 2), we have set the scene by implementing a basic service-to-service communication with 3 REST end-points (publicEP, userEP, adminEP). The checking of the role has been done programmatically against an HTTP query parameter. We have elaborated on the down-sides of this option and […]

close

Subscribe to our newsletter.

Please select all the ways you would like to hear from Open Sourcerers:

You can unsubscribe at any time by clicking the link in the footer of our emails. For information about our privacy practices, please visit our website.

We use Mailchimp as our newsletter platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp's privacy practices here.