jhipster meetup #2
TRANSCRIPT
![Page 1: JHipster meetup #2](https://reader034.vdocument.in/reader034/viewer/2022051122/589e73671a28ab300b8b4e01/html5/thumbnails/1.jpg)
jHipsterMeetUp 2016-01-25
![Page 2: JHipster meetup #2](https://reader034.vdocument.in/reader034/viewer/2022051122/589e73671a28ab300b8b4e01/html5/thumbnails/2.jpg)
@francoisledroff
François
![Page 3: JHipster meetup #2](https://reader034.vdocument.in/reader034/viewer/2022051122/589e73671a28ab300b8b4e01/html5/thumbnails/3.jpg)
Deep DiveNotre application “Adobe Hub”
![Page 4: JHipster meetup #2](https://reader034.vdocument.in/reader034/viewer/2022051122/589e73671a28ab300b8b4e01/html5/thumbnails/4.jpg)
Our use case
![Page 5: JHipster meetup #2](https://reader034.vdocument.in/reader034/viewer/2022051122/589e73671a28ab300b8b4e01/html5/thumbnails/5.jpg)
Yo
![Page 6: JHipster meetup #2](https://reader034.vdocument.in/reader034/viewer/2022051122/589e73671a28ab300b8b4e01/html5/thumbnails/6.jpg)
Contraintes de sécurité
![Page 7: JHipster meetup #2](https://reader034.vdocument.in/reader034/viewer/2022051122/589e73671a28ab300b8b4e01/html5/thumbnails/7.jpg)
SSO, SSL et chiffrement• Mongeez• SSL all the way• Mongo SSL• RSA Assymetric encryptor• SAML SSO– Okta IdP
• UX– 2 FA– Using OAuth2
![Page 8: JHipster meetup #2](https://reader034.vdocument.in/reader034/viewer/2022051122/589e73671a28ab300b8b4e01/html5/thumbnails/8.jpg)
Ajouts• SAML Support
PKCS12Manager
• oAuth2 server provideroAuth2 MongoToken StoreWith clientId and client secret dynamically provisionned
• Mixing SAML||BasicAuth + oAuth2
• Mixing http + websocketactiveMQ
• Mongo SSL supportX509Condition Switching with profile
• RSA Assymetric encryptor@Encrypted
• Hystrix Commands
![Page 9: JHipster meetup #2](https://reader034.vdocument.in/reader034/viewer/2022051122/589e73671a28ab300b8b4e01/html5/thumbnails/9.jpg)
Difficultés
• Difficulty to commit this back
• What would help– JHipster Common libraries
– Re-architecture:• microservices• + dedicated IdP• + dedicated oAuth2 server
![Page 10: JHipster meetup #2](https://reader034.vdocument.in/reader034/viewer/2022051122/589e73671a28ab300b8b4e01/html5/thumbnails/10.jpg)
Recettes
Avec Chef• JVM• JCE• Tomcat/fat jar• iptables• haProxy• activeMQ• Splunk forwarder• SSL & Api keys
– managed with Chef-vault
Recettes
![Page 11: JHipster meetup #2](https://reader034.vdocument.in/reader034/viewer/2022051122/589e73671a28ab300b8b4e01/html5/thumbnails/11.jpg)
@francoisledroff
Questions ?