Make your security policy auditable
DEV Community dev.to
Last week, I wrote about putting the right feature at the right place. I used rate limiting as an example, moving it from a library inside the application to the API Gateway. Today, I'll use another example: authentication and authorization.
Securing a Spring Boot application
I'll keep using Spring Boot in the following because I'm familiar with it. The Spring Boot application offers a REST endpoint to check employees' salaries.
The specific use case is taken from the Open …