Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Friday, February 17 • 11:25 - 12:15
Beyond OAuth2: end to end microservice security

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
OAuth2 allows users to delegate abilities to applications, so applications can act on resources on the user's behalf. It's a great story, but the story seems to end when the request makes it into your microservices based architecture. With microservices, the ""application"" in an OAuth2 interaction might actually be many applications, and the ""resource"" may need to call other resources. What should your services do once they obtain the user's token? Is there a way to assert a particular call stack through your web of applications in a way that's both performant, and flexible for when your services evolve? What if some applications don't use HTTP? In this talk, you'll see a standards based approach to solve all these problems, and provide a consistent method for enforcing each application's security policies.

Speakers
avatar for Will Tran

Will Tran

Pivotal
Will Tran has been helping startups and enterprises harness the power of the Spring Framework for a decade. Will is currently working for Pivotal, building products for Cloud Foundry and contributing to open-source Spring. While working for Pivotal, Will has made major technical contributions to Spring Cloud Services, Cloud Foundry UAA, and Pivotal Single Sign On. Will has previously presented at Cloud Foundry Summit Asia 2015 (Multitenant... Read More →


Friday February 17, 2017 11:25 - 12:15
Loft (2nd floor)