Microservices for the Masses
Spring Boot · JWT · JHipster
![]() |
![]() |
![]() |
![]() |

Conway’s Law
Any organization that designs a system (defined broadly) will produce a design whose structure is a copy of the organization’s communication structure.
"Do one thing and do it well."
The Future?
You shouldn’t start with a microservices architecture. Instead begin with a monolith, keep it modular, and split it into microservices once the monolith becomes a problem.







Microservices are awesome, but they’re not free.




Securing Your API
- Choose the Right API Security Protocol
- Basic API Authentication with TLS (aka SSL)
- OAuth 1.0a, OAuth 2.0, OpenID Connect
- API Keys vs. Username/Password Authentication
- Store Your API Security Key securely
- Use globally unique IDs (e.g. Url62)
- Avoid sessions, especially in URLs
JSON Web Tokens


Create a JWT in Java
String jwt = Jwts.builder()
.setSubject("users/TzMUocMF4p")
.setExpiration(new Date(1300819380))
.claim("name", "Robert Token Man")
.claim("scope", "self groups/admins")
.signWith(
SignatureAlgorithm.HS256,
"secret".getBytes("UTF-8")
)
.compact();
Validating a JWT
String jwt = // get JWT from Authorization header
Jws<Claims> claims = Jwts.parser()
.setSigningKey("secret".getBytes("UTF-8"))
.parseClaimsJws(jwt)
String scope = claims.getBody().get("scope")
assertEquals(scope, "self groups/admins");
Better Secret
String b64EncodedSecret =
"Yn2kjibddFAWtnPJ2AFlL8WXmohJMCvigQggaEypa5E=";
.signWith(SignatureAlgorithm.HS256,
TextCodec.BASE64.decode(b64EncodedSecret))

JHipster by the numbers
- +250 contributors
- +6800 Github stars
- +480,000 installations
- +150 companies officially using it
How to use JHipster
To install JHipster, you run an npm command:
$ npm install -g generator-jhipster
$ mkdir myapp && cd myapp
$ yo jhipster
What’s Generated?
- Spring Boot application
- Angular application
- Liquibase changelog files
- Configuration files
Security Screens
- Several generated screens
- Login, logout, forgot password
- Account management
- User management
- Useful for most applications
- Pages must be tweaked
- User roles will be added/extended
- Provides good examples of working screens
- Forms, directives, validation…
Admin Screens
- Monitoring
- Health
- Spring Boot configuration
- Spring Security audits
- Log management
- Very useful in production
Liquibase
Microservices with JHipster


JHipster on Google Cloud


Microservices are not free, but you get a deep discount on microservices with JHipster.
JHipster.next
- JHipster CLI
- gRPC Support
- React Support
- Spring 5 and Reactive
- Improved Kafka Support
Do one thing and do it well.
This Presentation and Demos

Image Credits
- Fountain of colours - Paulius Malinovskis on Flickr
- Ponte dell’Accademia at Sunrise - Trey Ratcliff on Stuck in Customs
- Conway’s Law - Martin Fowler and James Lewis on Microservices
- Good Morning Denver - Sheila Sund on Flickr
- Monoliths - Arches National Park on Flickr
- Mexico - Trish McGinity on McGinity Photo
- Future - vivianhir on Flickr
- Spring Runoff - Ian Sane on Flickr
- The memory Seeker, Santa Monica Pier, CA - Pacheco on Flickr
- San Francisco By Night - Trish McGinity on McGinity Photo