Posts

Showing posts from April, 2026

Securing Workflows in Camunda 8 (Auth, Roles, Identity)

Image
  Securing Workflows in Camunda 8 (Auth, Roles, Identity) đź“Ś Introduction As organizations adopt workflow automation using Camunda 8 , securing workflows becomes critical. From user authentication to role-based access control , Camunda 8 provides a modern security model designed for cloud-native and distributed systems. 👉 In this blog, we’ll cover: Authentication in Camunda 8 Identity & user management Role-based authorization Best practices for securing workflows đź–Ľ️ Camunda 8 Security Architecture Camunda 8 follows a cloud-native architecture with key components: Zeebe → Workflow engine Operate → Monitoring Tasklist → User task handling Optimize → Analytics Identity → Authentication & authorization 👉 Security is mainly handled through Identity + OAuth2 providers (like Keycloak) . 🔑 Authentication in Camunda 8 Authentication answers: Who are you? Camunda 8 uses OAuth2 / OpenID Connect (OIDC) for authentication. 🔄 Flow: User logs in via Identity provider Provide...
Post a Comment
Read more

Sécuriser les Workflows dans Camunda 8 (Auth, Rôles, Identité)

Image
  SĂ©curiser les Workflows dans Camunda 8 (Auth, RĂ´les, IdentitĂ©) đź“Ś Introduction Avec l’adoption croissante de l’automatisation des processus via Camunda 8 , la sĂ©curitĂ© devient un Ă©lĂ©ment essentiel. De l’ authentification des utilisateurs au contrĂ´le d’accès basĂ© sur les rĂ´les , Camunda 8 propose un modèle moderne adaptĂ© aux architectures cloud-native. 👉 Dans cet article, nous allons voir : L’authentification dans Camunda 8 La gestion des identitĂ©s L’autorisation basĂ©e sur les rĂ´les Les bonnes pratiques de sĂ©curitĂ© đź–Ľ️ Architecture de SĂ©curitĂ© Camunda 8 Camunda 8 repose sur une architecture cloud-native composĂ©e de : Zeebe → moteur de workflow Operate → supervision Tasklist → gestion des tâches Optimize → analyse Identity → gestion de la sĂ©curitĂ© 👉 La sĂ©curitĂ© est principalement gĂ©rĂ©e via Identity + OAuth2 (ex: Keycloak) . 🔑 Authentification dans Camunda 8 Authentification = Qui ĂŞtes-vous ? Camunda 8 utilise OAuth2 / OpenID Connect (OIDC) . 🔄 Flux : L’utilisateur se con...
Post a Comment
Read more

Java + Spring Security → Authentication & Authorization (Complete Guide)

Image
  Java + Spring Security → Authentication & Authorization (Complete Guide) đź“Ś Introduction In modern applications, security is not optional — it's mandatory . Whether you're building enterprise apps, microservices, or SaaS platforms, authentication and authorization are the backbone of secure systems. In the Java ecosystem, Spring Security is the most powerful and widely used framework for implementing security. Spring Security provides robust support for authentication, authorization, and protection against attacks like CSRF, XSS, etc. đź–Ľ️ Spring Security Architecture (Flow) Spring Security works using a filter chain that processes every incoming request. 👉 Basic flow: Request → Security Filter Chain Authentication Filter extracts credentials Authentication Manager validates user UserDetailsService fetches user from DB SecurityContext stores authenticated user Request proceeds to Controller This pipeline ensures every request is validated before accessing resources . ...
Post a Comment
Read more

Java + Spring Security → Authentification & Autorisation (Guide Complet)

Image
  Java + Spring Security → Authentification & Autorisation (Guide Complet) đź“Ś Introduction Dans les applications modernes, la sĂ©curitĂ© n’est plus optionnelle — elle est essentielle . Que vous dĂ©veloppiez des applications d’entreprise, des microservices ou des plateformes SaaS, l’authentification et l’autorisation sont les piliers de la sĂ©curitĂ©. Dans l’Ă©cosystème Java, Spring Security est le framework le plus puissant et le plus utilisĂ© pour gĂ©rer la sĂ©curitĂ©. đź–Ľ️ Architecture de Spring Security (Flux) Spring Security fonctionne avec une chaĂ®ne de filtres (Security Filter Chain) qui traite chaque requĂŞte entrante. 👉 Flux de base : RequĂŞte → Security Filter Chain Le filtre d’authentification extrait les identifiants Authentication Manager valide l’utilisateur UserDetailsService rĂ©cupère les donnĂ©es utilisateur SecurityContext stocke l’utilisateur authentifiĂ© La requĂŞte atteint le contrĂ´leur 🔑 Qu’est-ce que l’Authentification ? Authentification = Qui ĂŞtes-vous ? Elle permet ...
Post a Comment
Read more