Upload File

instant security and scalable user management in spring boot

  • Home
  • Technology
  • Instant Security and Scalable User Management in Spring Boot
23
@lhazlewood |@goStormpath #springone Instant Security & Scalable User Management with Spring Boot Les Hazlewood @lhazlewood Apache Shiro Project Chair CTO, Stormpath stormpath.com SpringOne 2016

Upload: spring-by-pivotal

Post on 14-Apr-2017

329 views

Category:

Technology


3 download

Report

TRANSCRIPT

Page 1: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

Instant  Security&  Scalable  User  Management

with  Spring  Boot

Les  Hazlewood  @lhazlewoodApache  Shiro  Project  Chair

CTO,  Stormpath  stormpath.com

SpringOne 2016

Page 2: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

.com• User  Management  and  Authentication  API• Security  for  your applications• User  security  workflows• Security  best  practices• Developer  tools,  SDKs,  libraries

Page 3: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

Spring  Security• Authentication• Authorization• Enforcement• No  user  management

Page 4: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

You’re  on  the  hook  for:• Data  store  integration• Data  modeling• HTML  pages• CSRF  view  support• Email  verification• Forgot  password• Oauth2  /  Social  setup• SAML  coordination

• Crypto  choices• Multi-­‐factor  auth• Scale  /  growth• SaaS  Multi-­‐Tenancy• Mobile  auth strategy• Microservice auth• Best  practices• ...etc...

Page 5: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

Traditional  ApplicationYour  

Application

Users

Page 6: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

What  about  new  stores?

Users LDAP/AD

Your  Application

Page 7: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

And  legacy  migration?

Legacy  Users LDAP/ADNew  

Users

Your  Application

Page 8: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

And  Social?

Legacy  Users LDAP/AD Google

Apps Facebook GitHubNew  Users

Your  Application

Page 9: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

And  SSO/SAML?

Legacy  Users LDAP/AD Google

Apps Facebook GitHubNew  Users

Your  Application

PingOkta

Azure  ADFS

Oracle  SSO

SiteMinderLinkedIn

OneLogin

Page 10: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

And  Multi-­‐Tenant  /  SaaS  ?

Legacy  Users LDAP/AD Google

Apps Facebook GitHubNew  Users

Your  Application

PingOkta

Azure  ADFS

Oracle  SSO SiteMinder LinkedIn

OneLogin

Customer  A

Customer  CCustomer  F

Customer  B

Customer  D Customer  E

Customer  G

Page 11: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

Oh  the  Hue  Manatee!

Page 12: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

Stormpath  takes  you  from  this...

Legacy  Users LDAP/AD Google

Apps Facebook GitHubNew  Users

Your  Application

PingOkta

Azure  ADFS

Oracle  SSO SiteMinder LinkedIn

OneLogin

Customer  A

Customer  CCustomer  F

Customer  B

Customer  D Customer  E

Customer  G

Page 13: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

To  this...Your  

Application

Page 14: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

To  this...Your  

ApplicationYour  

ApplicationYour  

ApplicationYour  

Application...

Page 15: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

But  much  more  than  a  backend• Application  SDKs• Framework  Integrations• Best  practices

Page 16: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

Live  Demo  Time!

Page 17: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

Pages  &  Workflows

Page 18: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

SSO  &  Social

Page 19: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

OAuth &  Mobile

Page 20: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

Flexible  Authorization

Page 21: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

Application

Servlet  Filters

How  does  it  work?Spring  Security Stormpath  MVC

Stormpath  SDK

...

Page 22: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

Stormpath  works  hard  for  you• Java  SDK  1.0.0  released  TODAY!• SDK  +  Integration  Effort:  ~  8  man  years• Extreme  customizability• Automatic  defaults• Often  no  code  required

Page 23: Instant Security and Scalable User Management in Spring Boot

@lhazlewood |  @goStormpath#springone

Thank  You!• [email protected]• Twitter:  @lhazlewood• https://stormpath.com


U boot-boot-flow

Spring Boot. Boot up your development. JEEConf 2015

User manual Boot manager Boot−US · PDF file1.5.4 Password protecting the entries in boot manager.....10 1.5.5 Administrator password for Boot−US

"Spring Boot. Boot up your development" Сергей Моренец

Instant Security and User Management in Spring Boot

INSTANT WIN GAMES, FACEBOOK INSTANT WIN GAMES, MOBILE INSTANT WIN GAMES

Chelsio T5/T4 Unified Boot for Linux & Windowsservice.chelsio.com/store1/T4/Boot/Unified Boot Option ROM(PXE,FCoE...Chelsio T5/T4 Unified Boot for Linux ... Chelsio T5/T4 Unified Boot

The Bitcoin Lightning Network Network... · The Bitcoin Lightning Network: Scalable O -Chain Instant Payments Joseph Poon [email protected] Thaddeus Dryja [email protected] November

U-Boot: Verified RSA Boot on ARM target

Catalyst 3560 Switch Boot Loader Commands A Catalyst 3560 Switch Boot Loader Commands boot Related Commands Command Description set Sets the BOOT environment variable to boot a specific

The Bitcoin Lightning Networklightning.network/lightning-network-paper.pdf · The Bitcoin Lightning Network: Scalable O -Chain Instant Payments Joseph Poon [email protected]

Arria 10 SoC Boot User Guide - Altera · Arria 10 SoC Boot User Guide ... The boot ROM code, ... Figure 3: Custom Boot loader Flow Reset Boot ROM Custom Boot Loader Application

A Massively Scalable Architecture For Instant Messaging & Presence · 2011-08-28 · In this thesis we design a scalable architecture for the instant messaging & presence service

DR Server Hyper V Instant Boot with ShadowProtect SPX

Scalable, Flexible and Generic Instant Overview Searchusers.ics.forth.gr/~fafalios/files/pubs/fafalios_2012_ · tocompletion, search-as-you-type, results clustering, faceted search,

Configuring Server Boot - · PDF fileConfiguring Server Boot ... 7 Configuring Server Boot iSCSI Boot. ThereareprerequisitesthatmustbemetbeforeyouconfigureiSCSIboot.Foralistoftheseprerequisites,

Instant 802.3af Adapters Datasheet - Ubiquiti Networksdl.ubnt.com/datasheets/instant/instant8023af.pdf · INSTANT 802.3af Datasheet INSTANT 802.3af Indoor and Outdoor Adapters Models:

A Scalable Examination Platform for BYOD Invigilated ... · Significant evidence that e-Exams works at scale! Austria • Secure Exam Environment –BYO laptops Live Linux boot from

Scalable Incremental Network Programming for Multihop …culler/papers/ijcns13... ·  · 2013-07-03binary data, along with checksums included for verifica- tion purposes. ... boot

The Scalable Brain Atlas: Instant Web-Based Access to ... · The Scalable Brain Atlas: Instant Web-Based Access to Public Brain Atlases and Related Content ... DTI, DWI, fractional

INSTANT PRICE SYSTEM INSTANT PRICING SYSTEM. INSTANT PRICE SYSTEM text

Instant Learning for the Instant Generation - Millennials

U-Boot: Verified RSA Boot on ARM target - DENX · U-Boot: Verified RSA Boot on ARM target JagannadhaSutradharudu Teki U-Boot Mini Summit- Edinburgh, 2013 Oct

Vembu extends support to Vembu BDR Suite Vembu v4.0 ......Optional Cloud Backup for data redundancy and disaster recovery Point-in-time persistent instant boot of backed up VMs Instant

The Bitcoin Lightning Network: Scalable Off-Chain Instant Payments

Financial Instant IssuanceFinancial Instant Issuanceceesca.org/uploads/presentations/02-2013/Datacard - Petr.pdf · Financial Instant IssuanceFinancial Instant Issuance Gain new Clients

Instant rewards, instant impact

Site-in-a-Box for Local Government tm. Site-in-a-Box Instant eGovernment - “Just Add Content” Proven, Award Winning Simple Secure Scalable Affordable

A Massively Scalable Architecture For Instant Messaging ...essay.utwente.nl/59204/1/scriptie_J_Schipers.pdf · The Facebook architecture takes a partitioned approach to distribute

Exploiting Available Memory and Disk for Scalable Instant

Scalable Incremental Network Programming for Multihop ...file.scirp.org/pdf/IJCNS_2013012916423389.pdf · binary data, along with checksums ... boot loader is a small piece of code

Boot Usb Boot

Instant Notes in Biochemistry (Instant Notes)

INSTANT COMMUNICATIONS CHANGING THE … COMMUNICATIONS CHANGING THE WORLD OF WORKFORCE MANAGEMENT Mobile Tornado’s Instant Talk, Instant Locate, Instant Alert and Instant Message

Instant Security & Scalable User Management with Spring Boot