The Angular Mini-Book is a
guide to getting started with Angular. You'll learn how to develop a bare-bones application, test it, and
deploy it. Then you'll move on to adding Bootstrap, Angular Material, continuous integration, and authentication.
Spring Boot is a popular framework for building REST APIs. You'll learn how to integrate Angular with Spring Boot and use security best practices like HTTPS and a content security policy.
For book updates, follow @angular_book on Twitter.
The JHipster Mini-Book is a
guide to getting started with hip technologies today: Angular, Bootstrap, and Spring
Boot. All of these frameworks are wrapped up in an easy-to-use project called JHipster.
This book shows you how to build an app with JHipster, and guides you through the plethora of tools, techniques and options you can use. Furthermore, it explains the UI and API building blocks so you understand the underpinnings of your great application.
For book updates, follow @jhipster-book on Twitter.
I posted some new pictures on our photo album site this evening. These are from the last couple of weeks when we've had a whole slew of family and friends drop in to see us. Our little girl is growing up rather quickly, and still cute as a button!
Man, the East Coast is getting dumped on! You folks probably won't believe this, but I AM SO JEALOUS!! I love the snow, the more the better. But at the same time, growing up in Montana and living in Colorado for the last 10 years, my environment/state has always been prepared for it. The worst (or best storms, depending on how you look at them) storms I've ever been in are:
So sad as it may sound, I actually envy you guys.
I'm writing about how to use the same login/error page with form-based authentication. Does anyone know which servlet containers this fails on? I guess it wouldn't hurt to know which ones it works on too. You can use this security.war (1.7MB) file to test. Since it's testing the failure page, you don't need to setup a user - but if you want, the role is tomcat. I know this works on Tomcat, so no need to test it.
Damn! My phone, the Sony-Ericsson, just got a whole lot cheaper (I paid $180). From Gizmodo:
Sony Ericsson's T68i cellphone, which has a color screen, Bluetooth, and uses GPRS for surfing the Web and sending emails, text messages, and multimedia messages, is just $24.99 with new service activation over at Amazon.
If you're in the market for a new phone, I highly recommend this one - even for the $180 I paid. It's nice to use iSync and have all my contacts synchronized with no wires. It's also great for checking my e-mail (IMAP or POP), and I can even use Yahoo Messenger on it! My favorite feature though is the ability to find the closest movie times or restaurants - I just have to tell it to auto-locate me. I think most of these features are mMode features though, not just for the phone.
Erik Hatcher has convinced me that I need to give more coverage to JAAS in my chapter on Security. To quote his comment from yesterday's JAAS post:
I think you are underestimating the value of JAAS a fair bit. Suppose you want to authenticate your users against a database table of users/passwords. Without JAAS this is container-specific (sure it works nice in Tomcat, but would you be able to do FORM authentication in WebSphere easily?). We use JAAS in the big application I'm developing and it gives us the freedom to more easily port our application to other containers. What if your application needed to authenticate users (suppose for a portal, not that far fetched, eh?) where each "portlet" had a different authentication scheme: LDAP, Windows NT, database, etc. JAAS is the way to go.
While I can see Erik's point, I think that if the app servers follow the Servlet spec, implementing form-based authentication on any J2EE-compliant server should be easy. After all, Tomcat is the Reference Implementation. At the same time, the bit about the portles is a whole other can of worms - I can see what he's getting at, and I guess I need to figure out an easy way to demonstrate using JAAS. From what I understand, you do have to call the authenticate() in a servlet or filter. Hopefully, I can use a little Ant/XDoclet magic to create a sample that can switch b/w form-based, container-managed authentication and JAAS. Tell me what you think of this idea:
One thing I really like about form-based authentication (besides the ease of setup and no required programming) is that it allows users to bookmark pages in your app. When they select that bookmark again after logging out, they are prompted for a login and routed to the bookmark upon successful authentication. I hope JAAS can do this too.
