my blog. for you.

Let’s talk digital.

I’m an independent IT consultant and entrepreneur in the Internet and software business. I’m interested in design, enterprise applications, web apps and SaaS products. I design and develop business solutions and applications. I help companies in terms of software quality and knowledge transfer, e.g. with Angular and Spring Boot.

Spring Boot 3, Spring Security 6, and Angular 15

Spring Boot is frequently used for business applications in conjunction with Angular, with Spring Boot providing REST API endpoints and an Angular app delivering a user front-end on top of those endpoints. To help you get started with that kind of setup, particularly when it comes to the subjects of authentication and authorization and how to keep user data secure between the components involved in such an architecture, these GitHub projects can be quite helpful. All of those support the most recent versions ... Read more

Aaron Parecki – Why Do We Really Need OAuth Anyway? @ beyond tellerrand Düsseldorf 2021

At this year's beyond tellerrand Düsseldorf, IndieWebCamp co-founder and OAuth consultant Aaron Parecki gave a talk about OAuth, why we need it, and how we can use it to simplify authentication and authorization in web applications: Aaron Parecki - Why Do We Really Need OAuth Anyway? - beyond tellerrand Düsseldorf 2021 from beyond tellerrand on Vimeo. Aaron also provides a guide to building an OAuth 2.0 server and a video course titled "The Nuts and Bolts of OAuth 2.0". Read more

JSON Web Tokens: Downsides, Best Practices and Secure and Robust Alternatives

JSON Web Tokens (JWTs) nowadays are commonly used for transmitting authentication data in web applications, especially those exhibiting the widespread client-server architecture where you have a fat client / single-page application written in JavaScript as a front-end and a back-end server providing REST endpoints for use by that front-end client. However, while common, there are good arguments against this practice. In a nutshell, JWTs are often used for storing session data such as user authorization and authentication information although they aren't particularly well-suited to ... Read more