Building Secure Applications With the Micronaut Framework

Building Secure Applications With The Micronaut Framework

Through lectures and lab exercises, this 12-hour workshop prepares you to leverage the Micronaut framework's robust, built-in security capabilities when building microservices and serverless applications.

Objectives

Participants learn how to define security for Micronaut endpoints (@Secured, Intercept URL Map), retrieve the current user, use different authentication flows (basic, ldap, database), and create custom authentication providers.

We also discuss the Micronaut framework's out-of-the-box support for JSON web token (JWT) validation, generation, claims customization, JWKS, and Oauth 2. 

Finally, we demonstrate how easy it is to integrate Micronaut apps with an OpenID connect provider, such as AWS Cognito, Auth0, or Okta.

INTENDED AUDIENCE

This workshop is a great learning opportunity for JVM developers interested in learning to leverage the Micronaut framework's wide range of capabilities to build fast, lightweight, and secure applications.

Technical Requirements

For the lab exercises, you will need JDK 11 and IntelliJ IDEA Community Edition or Ultimate.

Prerequisites

Although everyone is welcome, we recommend attendees have at least a working familiarity with web development, HTTP, and Java. Experience with the Micronaut framework is a plus, but not required.

Outline

The following topics are covered in this workshop:

• Security installation
• Access authenticated user
• Define security: @Secured, Intercept URL Map
• Session-based authentication
• Basic authentication
• Database authentication
• JSON web token (JWT) validation, generation etc.
• Cookie authentication mode
• Bearer authentication mode
• JWKS
• Security events
• Token propagation
• Oauth2
  • authorization code flow
  • password grant flows
  • integration with third-party Oauth2 providers: Auth0, Okta, Keycloack, AWS Cognito
• LDAP authentication