Source code samples for "Defence in Depth" articles and presentations.
This is an accompanying implementation of a secure REST API in Java 21 with Maven and Spring Security that follows the series of articles found at:
https://securityblog.omegapoint.se
An article that covers these concepts exactly can be found at:
https://securityblog.omegapoint.se/en/secure-apis-by-design
Presentation of this material can be found at YouTube:
https://www.youtube.com/watch?v=_7fFm8e8UpM (Jfokus 2022, demos in Java 17 with Maven and Spring Security)
https://www.youtube.com/watch?v=5nQ00_z0hF4 (NDC Oslo 2021, demos in ASP.NET Core 6)
ASP.NET repo at https://github.com/Omegapoint/defence-in-depth
Video recordings of additional "Defence in Depth" presentations (in Swedish) can be found at:
https://omegapoint.se/academy-plus
The approach follows that of the book "Secure by Design":
https://www.manning.com/books/secure-by-design
The repo also contains a docker-compose setup of KeyCloak, a token service for demo and education purposes: