Skip to content

Instantly share code, notes, and snippets.

@AdamBien
Created November 4, 2020 06:40
Show Gist options
  • Save AdamBien/4b9214b29ed1810390bbe7ed303db6c4 to your computer and use it in GitHub Desktop.
Save AdamBien/4b9214b29ed1810390bbe7ed303db6c4 to your computer and use it in GitHub Desktop.
81stAirhacksQ&A.md

Ask questions and see you at December, 7th, 8.PM. CET: https://vimeo.com/event/154379

Also checkout recent episode:

80th airhacks.tv

Please keep the questions Jakarta EE-stic. Means: as short and as concise as only possible. Feel free to ask several, shorter questions. Upcoming airhacks.tv events are also going to be announced at meetup.com/airhacks

@thehpi
Copy link

thehpi commented Dec 7, 2020

I want to be able to configure for a user how many request per second he can fire onto my server.
And my server then should return the nr of possible requests in a response header.
And of course my server should return http response code 429 (too many request) when the max nr requests/sec is depleted.

How would you do this?

@ashburnere
Copy link

@thephi did you have a look at Mapstruct (https://mapstruct.org/)?

@thehpi
Copy link

thehpi commented Dec 9, 2020

@ashburnere yes I am investigating it, it is a very elaborate tool but I'm not sure yet if I can use it but it looks promising.

@vaibhavkulkarni
Copy link

@AdamBien
As creator of Jwtenizer do you recommend to you clients to implement in-house authentication and authorization workflows? Quarkus JPA Security and JWT Security makes it look like an easy job initially, but I fear things get tough when you realize you need:

  • self-registration
  • login
  • passwordless login
  • profile update
  • forgotten password workflow
  • multi-factor authentication
  • email verification
  • user management UI console

... Or do you recommend external providers such as Okta, Auth0, AWS Cogito?

There is also this up-and-coming German middleware ORY/Kratos, but they are very opinionated, do not recommend JWT tokens and do a lot fo server-side rendering to implement workflows.

What do your clients usually end up doing?

Have you had a look at https://gluu.org/? It probably suites you better?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment