Adib Saikali | Devoxx

Devoxx Belgium 2018
from Monday 12 November to Friday 16 November 2018.

Adib Saikali is passionate about technology and entrepreneurship from assembly to JavaScript from cold calling to pitching venture capitalists. He’s been responsible for architecting and implementing security in a variety of applications. Adib is an Advisory Platform Architect at Pivotal helping customers build cloud native applications using Spring Cloud, Cloud Foundry, and Kubernetes. Adib is a co-organizer of the Toronto Java User Group and Toronto Cloud Foundry Meetup.

See also https://www.linkedin.com/in/adibsaikali/

Implementing Microservices Security Patterns & Protocols with Spring Deep Dive

Deep Dive


Building secure microservices requires mastering a variety of patterns, protocols, frameworks, and technologies. This deep dive provides a holistic end-to-end view of how to secure microservices using industry standard protocols and Spring. The goal is to present how standards such as JWT, JWA, JWS, JWE, JWK, OAuth2, OpenID Connect, TLS can be combined to make writing secure microservices easy.

The deep dive will alternate between slides that explain the security standards and protocols and code walkthroughs/live coding showing how to apply the patterns and standards using Spring Security 5.1. We will demonstrate the following patterns and their implementations.

  • Web SSO Login
  • Implementing OAuth2 resource servers
  • Implementing edge service gateways
  • Token Exchange in a microservice call chain
  • Token Relay in a microservice call chain
  • Integration with OpenID Connect / OAuth2 Servers
  • Features of Spring Security 5.1 that make it easier to secure microservices

We assume no prior experience with security standards or Spring Security. However, we assume that you are comfortable reading Java code and web development.

Sign-in
Make sure to download the Android or iOS mobile schedule.