Josh Long

Using username/password credentials to access one application from another presents a huge security risk for many reasons. Today, we are announcing the preview of passwordless connections for Java applications to Azure database and eventing services, letting you finally shift away from using passwords.

Security Challenges with Passwords

Passwords should be used with caution, and developers must never place passwords in an unsecure location. Many Java applications connect to backend data, cache, messaging, and eventing services using usernames and passwords, or other sensitive credentials such as access tokens or connection strings. If exposed, the passwords could be used to gain unauthorized access to sensitive information such as a sales catalog that you built for an upcoming campaign, or simply all customer data that must be private.

Hi, Spring fans! Welcome to another installment of This Week in Spring!

It’s the last week of September, already! The year’s more done than not. The days are receding into darkness earlier. And the Pumpkin Spice Lattes are upon us. The darker and colder days are kind of a bummer, but I’m stil excited and overjoyed this time of year. You know why?

SpringOne 2022 is almost here! I feel like it’s that anxious, exciting time before sort of important holiday where you get given gifts! And with it, Spring Boot 3 and Spring Framework 6. We’re going to be announcing everything right here on the Spring blog, of course, but if you want a chance to learn from the source, then I hope you’ll join us 6-8 December, 2022, right here in my hometown of San Francisco, my favorite west coast city in the USA, and my hometown. )Psst.: If you register now, there’s a $200 discount from the pass price with this code S1VM22_Advocate_200.)

It has taken me an embarrassingly long time to appreciate and understand that the devil is in the details regarding software development. Writing happy-path business logic isn’t the hard part! It’s the failure cases, observability, resilience, and process. It’s security and other so-called non-functional requirements. It’s architecting for agility. It’s production. Spring is unique because it sits at the crossroads of many exciting application development discussions.

Spring’s community contains multitudes and is one of the key defining features. This diversity of discussion means that any conference that endeavors to cover the full sweep of ideas has its work cut out. I don’t know of any other show - and I’ve spoken at many thousands of shows and events in my life! - that completely covers the different dimensions of application development like SpringOne does. I feel like SpringOne is the closest, anyway, and I want to talk about what I’m looking forward to about this year’s SpringOne 2022 event.

Hi, Spring fans! In this installment, Josh Long (@starbuxman) talks to his friend, fellow Java Champion, and director of developer relations and strategy at Couchbase, Laurent Doguin (@ldoguin)

SpringOne 2022 is almost here! This is our first in-person event since the pandemic and it’s when we release Spring Framework 6 and Spring Boot 3, the next generation of Spring and Spring Boot respectively. It’s running 6-8 December in my sunny San Francisco, CA! Register now at SpringOne.io and use the code S1VM22_Advocate_200 to get $200 off the current registration price.

Hi, Spring fans! Welcome to another installment of This Week in Spring wherein I endeavor as best as I can to capture the latest-and-greatest in the wide, wacky, and wonderful world of Springdom! Naturally, I fail miserably basically every week. There’s no way I could hope to capture everything of note. But I persist…

Are you coming to SpringOne 2022? This is our first in-person event since the pandemic and it’s when we release Spring Framework 6 and Spring Boot 3, the next generation of Spring and Spring Boot respectively. It’s running 6-8 December here in my hometown of sunny San Francisco, CA! Register now at SpringOne.io and use the code S1VM22_Advocate_200 to get $200 off the current registration price.

Hi, Spring fans! In this installment, Josh Long (@starbuxman) talks to big data legend, former Pivot, and friend to the Spring community, Tim Spann (@PaaSDev), about big data, StreamNative, and Apache Pulsar, and Spring for Apache Pulsar. Get your notebooks ready for this one, class!

Hi, Spring fans! Welcome to another installment of This Week in Spring! We’ve got a lot of good stuff to get to so let’s dive right into it!

• A Bootiful Podcast: Hashicorp’s Rosemary Wang on securing the intersection of apps and ops with Hashicorp Vault
• a nice video by my colleague Dan Vega: Spring Security JWT
• I also loved Dan’s video on Spring Security without the WebSecurityConfigurerAdapter
• Dispatching Queries in Axon Framework
• Guide to Find the Java .class Version
• Spring Cloud 2021.0.4 (codename Jubilee) Has Been Released
• Static Fields and Garbage Collection
• Blog: Announcing the Auto-refreshing Official Kubernetes CVE Feed
• Blog: Kubernetes 1.25: KMS V2 Improvements
• Blog: Kubernetes’s IPTables Chains Are Not API
• this is an interesting post looking at how to use JUnit with Spring Boot. The only thing I didn’t quite understand is why the author declares Mockito explicitly. I’m pretty sure it’s brought in transitively in spring-boot-starter-test, but either way: good post!

Hi, Spring fans! In this episode Josh Long (@starbuxman) talks to Hashicorp Developer Advocate Rosemary Wang (@joatmon08) about a few Hashicorp technologies and their integrations with Spring Boot.

Hi, Spring fans! How are you? It’s a fantastic Tuesday, the 5th of September, 2022, and I couldn’t be happier. It’s also Labor Day weekend here in the US. It marks the unofficial end of summer, which is a bit sad. But, on the upside, it’s a four-day weekend for me! I’m technically off today. So, you’ll forgive me, but I won’t spend too much time here. Let’s dive right into this week’s roundup!

• A Bootiful Podcast: Dr. Kris De Volder on Spring Tools, VS Code, and so much more
• Connect to Multiple Databases Using Spring Data Mongodb
• End-to-end tracing with OpenTelemetry
• I love this article by Hashicorp’s Rosemary Wang on refreshable secrets for Kubernetes Applications with Vault Agent
• Microsoft is committed to the success of Java developers
• Price Reduction - Azure Spring Apps does more, costs less!
• The Second Best Way to Fetch a Spring Data JPA DTO Projection – Java, SQL and jOOQ.
• The best way to fetch a Spring Data JPA DTO Projection - Vlad Mihalcea
• Speaking of JOOQ, did you know there’s good reactive API support included? Check it out: 3.15.0 Release with Support for R2DBC, Nested ROW, ARRAY, and MULTISET types, 5 new SQL dialects, CREATE PROCEDURE, FUNCTION, and TRIGGER support and Much More

Hi, Spring fans! In this episode Josh Long (@starbuxman) talks to Dr. Kris De Volder, a longtime member of the Spring Tools team, about all the cool stuff he’s worked on and is going to work on. And then we get knee deep into a discussion around building IDE integrations.