It’s just plain hard to get true, real-time visibility into a running auth flow.

Parts of the process can be completely hidden from us; if the complete authorization process requires a redirect from a remote OAuth production server, then every debugging effort must go through the production server.

It’s practically unfeasible to debug this locally. There’s no way to reproduce the exact state and no way to inspect what is actually happening under the hood. Not ideal.

Knowing these types of challenges, we built Lightrun - a real-time production debugging tool - to allow you to understand complicated flows with code-level information. Add logs, take snapshots (virtual breakpoints), and instrument metrics without a remote debugger, without stopping the running service, and, most importantly - in real-time and without side effects.

Learn more with this 5-minute tutorial focused on debugging these kinds of scenarios using Lightrun:

>> Debugging Authentication and Authorization Using Lightrun

Building a full-fledged, production-ready registration for your web application is oh so much more than just putting together a simple registration page.

There are a lot of questions that need to be answered:

  • How do I verify the email addresses of new users?
  • How do I properly and safely store user credentials?
  • What if a user forgets their password?
  • What about users changing their own password?
  • How strong should passwords be? How can I enforce some sensible defaults in the app so that my users have good, strong passwords?
  • What if I have more than one type of user? I need a good way to store roles and privileges.
  • What about security questions? Should I even have them?
  • How do I do all of this with good localization support? There are a lot of messages involved.
Security bottom

I just announced the new Learn Spring Security course, including the full material focused on the new OAuth2 stack in Spring Security 5:

>> CHECK OUT THE COURSE
Security footer banner
Comments are closed on this article!