Pavel B. Java Software Engineer with Keycloak expertise
Summary
- 15 years in the software development industry as a Java Engineer
- 6+ years of experience with Keycloak, utilizing Keycloak for permission and role/group-based authorization with decentralized user access management.
- Adept at integrating Keycloak with external user sources such as LDAP and databases, and implementing custom sync mappers for groups.
- Proficient in designing and implementing architectural solutions of web-based applications.
- Team leading, organization of development process experience.
- Experience with Java, and JS (SpringBoot, ReactJs).
- Experience with different DB engines, and SQL performance optimization.
- Web app security. Authentication & Authorization.
- DevOps (Docker, K8s, Jenkins)
- AWS Cloud
- Upper-Intermediate English
Experience
Java Developer, NDA
Duration: Mar 2024 - Aug 2024
Summary: A global network of online platforms enables users to buy, sell, and exchange goods and services across more than 30 countries. It integrates popular classifieds brands and provides convenient tools for seamless transactions. The platforms utilize machine learning and data analysis to improve user experience.
Responsibilities:
- Developed and maintained microservices for user profile management and payment provider integration using Kotlin and PostgreSQL;
- Applied Test-Driven Development (TDD) practices to ensure high code quality and reliable software delivery;
- Implemented infrastructure automation with AWS and Terraform to support scalable and efficient deployments;
- Deployed and managed containerized applications using Kubernetes (K8s) for optimized performance and reliability.
Technologies: Kotlin, TDD, Microservices, AWS, Terraform, PostgreSQL, K8S.
Senior Software Engineer, zooplus
Duration: Dec 2016 - Present (6 years 5 months)
Summary: An online retailer specializing in pet food and supplies serves customers across Europe. The platform offers a wide range of products for various pets, focusing on convenience and quality. Advanced logistics and data-driven solutions ensure efficient delivery and a personalized shopping experience.
Responsibilities:
- Working on a company cross-cutting topics.
- Making the architectural design and implementation in the Cloud. Working closely with other development teams daily.
- Defining and developing distributed microservices-based architecture—particular accent on security and microservices authorization, following the principles of DevOps.
- Developing and maintaining the company's SSO infrastructure and multiple client-oriented applications.
Keycloak authorization scenario:
Permission and role/group-based authorization with decentralized user access management.
The system is based on the Keycloak cluster, integrated with an external user base running on LDAP, plus another DB integration.
Keycloak has custom integration with an LDAP server that allows custom sync mappers for groups and supports event emitting via a cloud-based queue for synchronization with an external user rights management system.
Custom user permissions and group mappers are used during the authorization (OAuth2 or SAML) process. Mappers request the external user rights management system (which has REST endpoints protected by Keycloak) with authorization based on the s2s token obtained on the Keycloak level and stored in the local cache to increase performance.
Keycloak SPIs:
Keycloak is used as a central authorization/authentication point with HA cluster setup in the Cloud and has various integration with external user sources (DB, LDAP, Azure AD) with custom synchronization support extensions. Support user authorization with the usage of external permissions management system. Also, custom actions were implemented for auth flow and user account actions with user actions SPI and an extension that allows sending various events to the messaging system.
User session management SPI extension that enables running sessions backup and restores process. And much more others.
Technologies: AWS, Java, Kotlin, Spring Boot, Terraform, React JS, Keycloak, PostgreSQL, Oracle, Jenkins Pipeline DSL, Docker, K8S.
Java Developer, Luxoft
Duration: Dec 2015 - Nov 2016 (1 year)
Summary: A global IT service provider specializes in custom software development and digital transformation for industries like finance, automotive, and healthcare. It leverages advanced technologies to solve complex business challenges.
Responsibilities:
- Data visualization framework - Java web application for business data visualization and reports building.
- GWT, SpringBoot, data management (based on Apache Calcite, Apache Spark)
Technologies: Java, GWT, SpringBoot, data management tools (based on Apache Calcite, Apache Spark).
Java developer, Luxoft
Duration: Mar 2014 - Dec 2014 (10 months)
Summary: A global IT service provider specializes in custom software development and digital transformation for industries like finance, automotive, and healthcare. It leverages advanced technologies to solve complex business challenges.
Responsibilities:
- Financial Data Managing - a high-loaded system for managing, organizing, and storing incoming data.
- Enterprise Java application, JBPM5 framework, XML, XSLT data transformation, Hibernate, Spock
Technologies: Java, JBPM framework, XML, XSLT data transformation, Hibernate, Spock
Java developer, PrivatBank
Duration: Aug 2006 - Feb 2014 (7 years 7 months)
Summary: A leading Ukrainian bank provides a wide range of financial services to individuals and businesses. Known for its innovation, it was one of the first in the world to introduce internet banking and contactless payments.
Responsibilities:
- High-loaded services for inner usage.
- Java (JDBC, JMS, j2ee, JSP, Spring, MyBatis), SQL (Sybase, ASE, IQ) complex query optimization, REST
- Team leading, organization of development process
- Architecture design of web-based applications
Technologies: Java, ORM MyBatis, SQL, REST, JS.
Education
Bachelor's Degree, Computer Systems Networking and Telecommunications, National University
2002 - 2007