Get the latest updates on FusionAuth, identity and access management, security, general coding and major geekery here.
Spring Framework CVE: How it affects FusionAuth (TLDR: It doesn't)
The recent announcement of CVE-2022-22965, where “a Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding,” has some folks asking if FusionAuth is affected. This CVE is also known as the “Spring4Shell” vulnerability.
FusionAuth is not affected by this vulnerability in Spring. FusionAuth uses a different MVC framework, Prime, so there is no way that any FusionAuth applications could be compromised.READ MORE
How to Set Up Single Sign-On (SSO) Between FusionAuth and Shopify
With the rise in the number of internet users, companies feel the need to retain their customers as well as gather information about them. A user management system has thus become a vital part of modern application development. However, without the right tools, it quickly becomes difficult to manage users, especially when you have multiple interrelated services; for example, an application might have an accompanying forum system.READ MORE
FusionAuth Supports ARM Architecture; Makes Authorization Simple for Developers Building on ARM Architecture
FusionAuth, the authentication and authorization platform built for developers, today announced its support for ARM-based architecture. Since its inception, FusionAuth has committed to running anywhere, and supporting the ARM architecture further allows developers to run FusionAuth where and how they want. By working with ARM processors, the company is able to support additional use cases such as IoT and high-performance cloud platforms that are built on ARM-based architectures.READ MORE