Vaadin and remote code injection in Log4j

Vaadin and remote code injection in Log4j

You should have heard about the log4j security issue by now. Vaadin or typical Vaadin applications are not affected by the recent log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046). But we felt that it is important to summarize and reflect what these vulnerabilities may mean for Vaadin users.

Feature image for blog post

Comparing Frontend Frameworks for Spring Boot: React, Angular, and Vaadin (+JHipster)

Spring Boot is a preconfigured version of the Spring framework that makes it easy to create stand-alone, production-grade applications. Spring Boot is a backend framework that has become a major player in the enterprise Java ecosystem. It lets Java developers start building web applications ...

How to improve the performance of your web application

Improving a web application’s performance becomes more important as the number of concurrent users the application has. There are several reasons to enhance the performance of your web application, even if you do not have a huge amount of concurrent users. Here are a few of the benefits of doing ...
Webinar with Leif Åstrand

Should frontend developers define endpoint APIs?

In this webinar, Leif Åstrand, Product Architect here at Vaadin, discussed the complexities of building modern web applications. He challenged the notion that endpoint APIs should be managed by backend development teams, by making the case for the Backends for Frontends (or BFF) pattern. You can ...
Tracy Lee Web Performance webinar image

Web performance webinar with Tracy Lee

We kicked off this year with a webinar presentation on improving web application performance by Tracy Lee. Continue reading for the highlights and an overview of the presentation or watch the full recording on Youtube.   A big Thank You to Tracy Lee for holding this webinar!  Who is Tracy Lee? ...
Liferay Vaadin featured image

Using Vaadin 14 with Liferay - what works, what doesn't?

Liferay has advocated strongly for OSGi lately. And we have lagged behind with this. Our plan was to look into Liferay support for Vaadin 14 after getting OSGi compatibility for npm done. But not every Liferay user needs OSGi. You can already build Vaadin 14 portlets today! Create Liferay portlets ...

Polymer 3 templates and the modernization to LitElement

There are a lot of reasons to be excited about the new Vaadin client-side model based on LitElement that was introduced in Vaadin 15 and is now being ported to the newest Vaadin 14 version. Some of the reasons include: the ability to develop with TypeScript, the collection of faster and ...

Migrating Client RIA Business Applications to Web with Vaadin

The lights are going out on all plugin-based Rich Internet Applications (RIA) with the end of Adobe Flash on December 31 2020, and the end of Microsoft Silverlight on October 12 2021. Lately, a few companies have been in touch with us regarding migration from these technologies to Vaadin. Not many ...

Vaadin meets Vert.x

Vaadin server-side applications usually run in a servlet container, such as Jetty, Tomcat, or Undertow. However, Vaadin is not limited to these environments. The Vaadin building blocks are wisely designed on top of abstractions—VaadinRequest, VaadinResponse, VaadinService, VaadinSession, and ...

Building and maintaining the component library of a design system

The main purpose of adopting and using a design system is to ensure consistency with minimal time and effort in the long run. However, there’s no such thing as a “free lunch”. The trade-off of a design system is the time and effort required to implement and maintain it. It’s an investment, but you ...