... to the digital home of Steven Schwenke.

This site is supposed to be a showcase for my thoughts about software engineering, less a personal homepage. If you want to know more about me, invite me to a beer.


Posted by Steven

Recently, I joined a new project. As always when this happens, I got a ton of new credentials for websites, platforms and so on. This flood can easily be managed using password managers like KeePass. However, one of my new colleagues showed me some cool features I didn't know before. This article is a short review of those features.

Posted by Steven

I spend quite some time implementing a login using Active Directory via LDAP for our Spring Boot 2 application, using Spring Security. This article outlines the implementation options I faced. On my quest to solve the many problems I encountered with this, I learned that there is not much documentation available in the web. I hope this article is of some help for other developers.

I will use the term "LDAP" when refering to the Active Directory because that's what most developers do when they mean "authorization using LDAP".

Posted by Steven

This is what I learned in December 2018:

Posted by Steven

Some values of an application have to be provided from "the outside" of the application, for example the secret of a JSON Web Token (JWT). This secret must remain private and must not be shared. Hence, it cannot be written in a properties file, especially not in an open-sourced project.

In a local environment and also in a deployed state, this can be done by providing an environment variable:

Posted by Steven

This will be a short one.

I am working on an Angular 6 application that is deployed on a Pivotal Cloud Foundry, using the nginx-buildpack. With the default nginx.conf, http and https requests are served. The https request is secured using the certificate for *cfapps.io, which is nice to have without any configuration.

However, allowing http requests opens the door for accidental unencrypted logins, which I want to avoid. Hence, I want to forward all http-requests to https.

Here's the working nginx.conf for this:

Posted by Steven

This article is about deploying an Angular 6 application to Pivotal Cloud Foundry so that URLs without a hash can be used.