my blog. for you.

Let’s talk digital.

I’m an independent IT consultant and entrepreneur in the Internet and software business. I’m interested in design, enterprise applications, web apps and SaaS products. I design and develop business solutions and applications. I help companies in terms of software quality and knowledge transfer, e.g. with Angular and Spring Boot.

Secure Java Applications Against Quantum Threats by Ana Maria Mihalceanu @ Spring I/O 2025

Modern Authentication Demystified: A Deep Dive Into Spring Security’s Latest Innovations by Andreas Falk @ Spring IO

Secure, Test, Repeat: A Guide to Spring Security Integration Testing by Laurentiu Spilca @ Spring I/O 2024

Spring Security Architecture Principles by Daniel Garnier-Moiroux @ Spring I/O 2024

Everything new in Spring Security 6 baked with a Spring Boot 3 recipe by Laur Spilca @ Spring I/O

Implementing an Oauth 2 Authorization Server With Spring Security – The New Way! by Laurentiu Spilca @ Spring I/O 2022

Spring Cloud Gateway: Resilience, Security, and Observability by Thomas Vitale @ Spring I/O 2022

Spring Framework RCE Vulnerability With War File Deployments on Tomcat

Yesterday, an RCE vulnerability in the Spring Framework was announced (Spring Framework RCE, Early Announcement; CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+). While, as of now, only WAR deployments of Spring Boot applications running under Apache Tomcat seem to be affected, it is still recommended to upgrade to Spring Boot 2.6.6 as soon as possible, even for Spring-based applications deployed as a JAR, because "the vulnerability is more general, and there may be other ways to exploit it that have ...

The Recent Log4j2 Vulnerability and How to Address it in Spring Boot Applications

By now, you will probably have heard about the Log4Shell 0-day exploit in Log4j 2. Since this is relevant to every Java developer and potentially to every Java application, and hence, by extension, to every Spring Boot application out there, I'd like to address this issue and how to mitigate it in Spring Boot applications. When using the default settings without any other dependencies, Spring Boot applications in general won't be vulnerable, because Spring Boot uses Logback in its starter dependencies. However, if your ...

Aaron Parecki – Why Do We Really Need OAuth Anyway? @ beyond tellerrand Düsseldorf 2021

At this year's beyond tellerrand Düsseldorf, IndieWebCamp co-founder and OAuth consultant Aaron Parecki gave a talk about OAuth, why we need it, and how we can use it to simplify authentication and authorization in web applications. (Video: Aaron Parecki - Why Do We Really Need OAuth Anyway? - beyond tellerrand Düsseldorf 2021, from beyond tellerrand on Vimeo.) Aaron also provides a guide to building an OAuth 2.0 server and a video course titled "The Nuts and Bolts of OAuth 2.0".